- Original Message -
From: Robert Mena [EMAIL PROTECTED]
To: fooler [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 10:25 AM
Subject: Re: [squid-users] Squid, WCCP, transparent proxy
How stable is this wccp daemon ?
honestly i didnt try this daemon because im using
Hi, I like to use Mysql as source of the acl's for squid. We want to block
several sites, so they cant be viewed. The problem with the standard acl's
used by squid is, if you want to add/remove a site from the list, you need
to restart squid all the time, wich takes several minutes. In these
h if you have just single cache for your network then no need to run
WCCP ... I will suggest better to redirect port 80 traffic to your cache
simple is that. and of course iptables or ipchains will redirect your
traffic.
--
Best Regs,
Masood Ahmad Shah
System Administrator
^ ^ ^ ^ ^ ^ ^ ^
I have some Idea about transparent proxy with authentication but I dont
sure it makes sense or not, may be some one can craft this.
Im using backbone switch to route HTTP request to transparent squid and it
works fine. I know that no way (by now) to automatically pop up authen
screen for routed
Hi,
I just installed and configured squid with delay pools according to
'Bandwidth Limiting How-to' by Tomasz.
I also configured it to be a transparent proxy. I have a running apache
in the same machine.
When I start squid, apache stops serving the webpages.
Below is how how I managed squid to
On Tue, 2003-08-05 at 10:30, Chettawan Senapant. wrote:
Im using backbone switch to route HTTP request to transparent squid and it
works fine. I know that no way (by now) to automatically pop up authen
screen for routed users while Im using transparent proxy. But suppose I
have some firewall
On Tuesday 05 August 2003 01.47, Carlos Simbana wrote:
ldapsearch -x -h 192.168.1.222 -b dc=interna1,dc=com -D
cn=Admin,dc=interna1,dc=com -wmaster uid=juan
And if you try the same thing, binding to juan instead of Admin?
Regards
Henrik
--
Donations welcome if you consider my Free Squid
IBM Netfinity 7000 M10
OS?
dual pentium 2 400 mhz
Your second processor doesn`t help you much
2048 MB ECC RAM
OK, thats enough for about 140 GB of cache_dir
3 SCSI drivers 7,2k upm ( raid 5 )
Don`t do RAID 5.
Instead use 1 drive for system and 2 drives for cache or if you need HD
dual pentium 2 400 mhz
Your second processor doesn`t help you much
2048 MB ECC RAM
OK, thats enough for about 140 GB of cache_dir
3 SCSI drivers 7,2k upm ( raid 5 )
Don`t do RAID 5.
Instead use 1 drive for system and 2 drives for cache or if you need HD
redundancy, 2 Disks as RAID 1
On Tue, 2003-08-05 at 11:20, [EMAIL PROTECTED] wrote:
Redhat 7.3
ok, i reinstall the server with redhat 9 and RAID 1, should i use XFS as
filesystem?
There is a benchmarking document which is produced by Duane on web it
says ext2 with aufs is better than the other options.
Regards,
hrm.. spawning 2 external processes per request when thousands
of requests are going through is implausible.. the authentication thing
might be a little far fetched (and could be done externally if needed
since it would only be spawned if the header was there, although
I don't know how such an
Hi,
How do I modify the Access Denied page that Squid returns?
Regards,
Mun Fai
i'm trying to make accounting with squid
squid logs into access.log number of bytes transmitted to a client...
it's not enough for me i need to log number of bytes received from
internet for a particular request. how to do that? :-)
Agri
I stopped squid and restarted again. Cache size is
reduced to 25 % of
previous. May be due to this now squid is giving good
performance.
From this i guess you have a memory problem. You have to less memory for
your cache or to much cache for your memory.
Is it necessary to reduce cache size
I finally remembered to check the cache log for details
:-( arg. OK so the groups are being read correctly now.
Good.
This particular configuration leads to everyone at full
speed, which is a better default option!
For the 'overused' acl, should i be using external_auth or
RFC391 User
Can somebody tell me please, I want to know, how many requests
per sec (req/sec) can handle normally a box with these technical
charachteristics:
I can give you some tuning suggestions, but not a specific number.
RAM - 900 MByte
HDD - 16 GByte
Swap Partition - 1G
cache_dir diskd
What about tcp/ip headers of packets?
Agri
On Tue, 5 Aug 2003 11:20:53 +0200
Henrik Nordstrom [EMAIL PROTECTED] wrote:
On Tuesday 05 August 2003 09.57, Agri wrote:
i'm trying to make accounting with squid
squid logs into access.log number of bytes transmitted to a
client... it's not
Adam,
All Wbinfo commands function OK and wb_auth -d work OK too...
My pdc and bdc´s are NT4.0 and the station is logged to the lan.
If i use basic NTLM authentication (with pop up) works fine!!! but
transparent autehntication doesn´t work
Rgds
-Mensaje original-
De: Adam Aube
I worked mysql with squid 2.4 and not is necesary restart squid.
Today I am looking for an external acl for squid 2.5 stable 3. Do you have
it?
Carlos
Markus wrote:
Hi, I like to use Mysql as source of the acl's for squid. We want to block
several sites, so they cant be viewed. The problem
Dear frined.
A t first you ought to enbale forwarding on your squid box.
Then you should use this command to set its transparency :
iptables -t nat -A PREROUTING -p tcp -i interface name --dport 80 -j
REDIRECT --to-port 3128
Then it should be work
On of your problems is that you want to DNAT
Access.log
2003/08/05 00:00:10| storeDirWriteCleanLogs: Starting...
2003/08/05 00:00:10| Finished. Wrote 897 entries.
2003/08/05 00:00:10| Took 0.0 seconds (984632.3 entries/sec).
2003/08/05 00:00:10| logfileRotate: /usr/local/squid/logs/access.log
2003/08/05 00:00:10|
Thank you Tay and Adam.
Valton
- Original Message -
From: Adam Aube [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 3:30 PM
Subject: RE: [squid-users] squid performances
Can somebody tell me please, I want to know, how many requests
per sec (req/sec) can
On Tuesday 05 August 2003 02.56, Jesse Reynolds wrote:
But I can't figure out how to specify the rest of those linker
flags. Any suggestions would be greatly appreciated! I assume I
need to edit the Makefile but I'm lost.
Search for -lssl in src/Makefile after running configure. Then modify
On Thu, Jul 31, 2003 at 09:52:22PM +0200, Henrik Nordstrom wrote:
I ran from 127.0.0.1 itself.
Shall I try it from other browser?
I mean from any other machine?
Your interception rule in iptables only applies to traffic forwarded,
not traffic originating from the box itself.
Thanks a
will null fs with a cache_mem of 250MB could give me a
higher hit rate compared to a 250MB cache_mem with a
3gig cache_dir, or with a 250MB with a 100MB cache_dir
since i want to lessen I/O bound operations on squid.
You can usually hold more cache on disk than you can in
memory. Using no
For everyone struggling with reverse proxy implementations of squid 3.0
look over the information presented at:
http://www.ists.dartmouth.edu/IRIA/projects/d_jeanne.htm
Even if you do not want to use this particular approach, I found the
documentation of how they do it refreshing.
Because I
Hi!
I tried the rule you wrote, but I got no success...
Btw, the rule I wrote in my first message wasn't
accurate... In the box, I used the -t nat. :)
What tricks me is that going through the browser, all
works fine... Through the redirect, the error page
appear.
The error page contains the
how to I configure squid to work with BOTH msnt_auth and
squid_ldap_auth.
If msnt_auth is a basic auth helper (like squid_ldap_auth),
then I'm afraid you're somewhat stuck - Squid supports only
a single helper of a given auth type (basic, digest, NTLM).
You could setup NTLM auth for the
will null fs with a cache_mem of 250MB could give me a
higher hit rate compared to a 250MB cache_mem with a 3gig
cache_dir, or with
a 250MB with a 100MB cache_dir, since i want to lessen I/O bound
operations on squid.
The bigger the cache, whether in RAM or on disk, the better the hit
The application opens in a java applet after the user is
authenticated to the app. Before the user is able to enter all of
the needed data (about two minutes time) the connection is lost
and we get some kind of timeout error.
I'm going to guess that this application uses a persistent
On Tuesday 05 August 2003 12.08, Boniforti Flavio wrote:
1059726903.862 1012 10.167.211.11 TCP_MISS/200 344 POST
http://gateway.messenger.hotmail.com/gateway/gateway.dll? -
FIRST_PARENT_MISS/proxy.reteunitaria.pie
monte.it application/x-msn-messenger
These are allowed.
Which rules dud
some suggestions...though not very related to your
question.
--- Valton Hashani [EMAIL PROTECTED] wrote: Hi all,
Can somebody tell me please, I want to know, how
many requests per sec
(req/sec) can handle normally a box with these
technical charachteristics:
Kernel - 2.4.20-gentoo-r5
Henrik wrote:
On Tuesday 05 August 2003 01.47, Carlos Simbana wrote:
ldapsearch -x -h 192.168.1.222 -b dc=interna1,dc=com -D
cn=Admin,dc=interna1,dc=com -wmaster uid=juan
And if you try the same thing, binding to juan instead of Admin?
Regards
Henrik
I tryed
ldapsearch -x -h
On Tuesday 05 August 2003 19.26, [EMAIL PROTECTED] wrote:
Does squid support windows authentication for Samba 3?
Samba 3 supports Basic and NTLM authentication for Squid and many
other programs. See the Samba release notes (I think).
With Samba 3 you DO NOT use the helpers shipped with Squid.
Does squid support windows authentication for Samba 3? I'm trying out
Red Hat Enterprise Linux 3 beta, and squid and samba seem appropriately
compiled.
# squid -v
Squid Cache: Version 2.5.STABLE3
configure options: --host=s390-redhat-linux --build=s390-redhat-linux
On Tuesday 05 August 2003 12.00, Agri wrote:
What about tcp/ip headers of packets?
This Squid can never get a figure of. Such information is only known
to packet level accounting, not TCP applications like Squid.
Regards
Henrik
--
Donations welcome if you consider my Free Squid support
On Monday, Aug 4, 2003, at 20:43 Australia/Melbourne, Bob Arctor wrote:
hello, i have following problem :
squid 1 squid 2 squid 3,
when i ask squid 3 for a http://www.google.com/search?q=something
it returns :
/search?q=something is invalid URL..
You aren't using Macintosh clients are you? I'm
I am using Dansguardian to determine if something is porn, and
I modified it to set a header (X-Naughty and X-Naughty-Why)
so that the page would still go through, but squid should be
able to identify it as naughty.
The way I envision it working is, people can browse freely and
unlogged
Make sure the OWA web server has support for virtual domains enabled.
If all else fails, create a virtual domain instance with the external
domain name.
The key to get this to work is to make sure OWA knows it's external
name and use it.
Regards
Henrik
On Tuesday 05 August 2003 20.06,
Can I distribute this (312 Kbps) bandwidth to three
different networks using Squid 128, 128, 56
respectivly.
OR proportanatly.
If your 3 networks are class C portions of a single
class B address space, you can use a class 3 delay pool.
If you're not setup like this, or you want to allocate
Interesting question which I also would like to know the answer.
The default 16 didn't work that well for me, as I had queue congestion
messages almost every second. The I recompiled it to use 32 threads, and
right now it seems to be working just fine.
My setup is as follows:
Dell P3 733MHz
At 10:57 +0200 5/8/2003, Henrik Nordstrom wrote:
On Tuesday 05 August 2003 02.56, Jesse Reynolds wrote:
But I can't figure out how to specify the rest of those linker
flags. Any suggestions would be greatly appreciated! I assume I
need to edit the Makefile but I'm lost.
Search for -lssl in
Henrik:
I have compile the latest, and although the hosts file is now being
used, and I have tried out your suggestion as below, I am still getting
redirects on the browser. Do you have any other suggestions?
jg
On Wednesday, July 30, 2003, at 04:08 PM, Henrik Nordstrom wrote:
On Wednesday
Payal Rathod wrote:
On Thu, Jul 31, 2003 at 09:52:22PM +0200, Henrik Nordstrom wrote:
I ran from 127.0.0.1 itself.
Shall I try it from other browser?
I mean from any other machine?
Your interception rule in iptables only applies to traffic forwarded,
not traffic originating from the box itself.
Hello,
I have a 2.5STABLE3 squid installation running under RedHat9. I have trimmed
the rredir.c program that was included in the squid contrib directory down
to its bare essentials (granted it's useless in that it does not perform any
redirection at this point) and added a while(1) statement to
When i add a user to AD and prompt the user to have to change their
password at next logon i cannot get the account to authenticate.
Does anyone know a workaround or something to fix this?
new user added to AD and box checked for user to change password at
next logon,
46 matches
Mail list logo
