On Wednesday 20 August 2003 07.34, Vladimir wrote:
This is 2.4 Stable 7
Then you should consider upgrading.
Regards
Henrik
e wrote:
Hi,
After three or four days installed Squid 2.5.STABLE3, I've got following
message. but server was running OK.
Has any one had same experience? what is this all about?
==
You've encountered a fatal error in the Squid Cache version
On Tuesday 19 August 2003 17.35, [EMAIL PROTECTED] wrote:
Squid is coreing frequently now (every few minutes). This is a
2.5STABLE3 on RH 7.2 for s/390.
Then register a bug report.
Regards
Henrik
--
Donations welcome if you consider my Free Squid support helpful.
On Tuesday 19 August 2003 22.22, [EMAIL PROTECTED] wrote:
runtime information page it shows squid seeing 1024 file
descriptors available.
Do I need to recompile squid to fix this?
Most likely yes.
The ulimit set when you compile Squid is built into the Squid binary
and this binary can not
On Wednesday 20 August 2003 02.02, Arief Kurniawan wrote:
Still the pop-up shows. Any Idea ?
No other than the security level settings pointed out by Guido. Last
time I looked there is settings both at the domain controllers and in
the clients telling what level of authentication to support.
On Wednesday 20 August 2003 05.02, Jim Flowers wrote:
Thanks, that's very clear. I can do the rewriting OK. What I
can't figure out is what directive(s) I use to accomplish
forwarded using FTP to the FTP server
This you do with the always_direct directive.
as I thought that was the
On Wednesday 20 August 2003 05.22, Robert Collins wrote:
you may also need to relax any never_direct rules you have - jsut
enough - to allow this.
This is not needed. always_direct allow always have a higer priority
than whatever never_direct rules there is.
Regards
Henrik
--
Donations
On Wednesday 20 August 2003 03.17, e wrote:
Hi,
After three or four days installed Squid 2.5.STABLE3, I've got
following message. but server was running OK.
Has any one had same experience? what is this all about?
Your Squid encountered a internal error and restarted. See cache.log
for more
I want squid to detect whether the internet link is avaliable or not.
And then of course, if not available, have squid to inform people that the problem is
coming from our ISP, not from squid nor anything else.
What comes to mind is to ping to our ISP's router (or DNS server, as
this morning
Hi,
I am trying to stress test my Squid installation. I am running it on a
Suse Linux 8.2.
I tried to use polygraph 2.7.6, but unfortunately it doesn't compile
under gcc 3.3.
Any other squid benchmarking software to recommend? Preferably
open-source, of course!
Thanks.
Lee
Hi,
I've configured three squid box with iptables, and all works fine,
squid-box1 -- squid-box2 -- squid-box3(proxys-cache)
squid-box4 --- squid-box5 (proxys-filter with squidguard)
but in squid-box4 and box5 with iptables, I've seen in cache.log
comm_udp_sendto: FD 4,
Dear Sir
actually we have an ISP setup and running 120 lines and one
squid machine. Our uplink is of 256K and downlink 512K. the issue
is that I want to run two proxies without wccp , any idea how to
manage it so that we can balance the traffic load .
Arfan Ahmad
On Wednesday 20 August 2003 10.25, aqil wrote:
Is it possible that squid can can interpret the ping result ? How ?
Have the test program you use modify or replace squid.conf and then
issue a squid -k reconfigure.
What is squid's pinger all about?
No. The Squid pinger is about measuring
On Wednesday 20 August 2003 11.28, MunFai wrote:
Hi,
I am trying to stress test my Squid installation. I am running it
on a Suse Linux 8.2.
I tried to use polygraph 2.7.6, but unfortunately it doesn't
compile under gcc 3.3.
Then install a older GCC, SuSe or FreeBSD version on the benchmark
Hi,
I have a little bit question about ACL blocking the downloading.
here's my squid.conf some line
acl download url_regex /path/to/denydownload.txt
acl POST method POST
http_access deny download !POST
here's my denydownload.txt
[eE][xX][eE]
[zZ][iI][pP]
my problem is when my clients search
Scratch that - I made the silly mistake of assuming that
req_mime_type would match on the entire data; it probably
looks for the Content-Type: line and matches from there.
Well... I'm still at it:
acl msn_no_block src 10.167.211.165/255.255.255.255
acl msn_server rep_mime_type
I have a little bit question about ACL blocking the
downloading.
here's my squid.conf some line
acl download url_regex /path/to/denydownload.txt
acl POST method POST
http_access deny download !POST
here's my denydownload.txt
Try replacing with the following:
acl download url_regex -i
On Wednesday 20 August 2003 14.17, Serassio Guido wrote:
There is an old post on this list about this:
http://www1.it.squid-cache.org/mail-archive/squid-users/200111/0655
.html
The offline_mode is gradually improved in Squid-2 as users submits
patches making it work better.
None of the
I will suggest better to block it via your firewall it can be Linux firewall
ipfw, ipchains, iptables or router etcc..
--
Best Regs,
Masood Ahmad Shah
System Administrator
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| * * * * * * * * * * * * * * * * * * * * * * * *
| Fibre Net (Pvt)
Since you are matching on the reply MIME type, you should
probably use this line instead:
http_reply_access deny !msn_no_block msn_server
I have no idea why that did not occur to me before.
Me neither.. The fact is: NOW IT'S WORKING!
I can't get connected anymore!!! ;)
The only thing
but in squid-box4 and box5 with iptables, I've seen in cache.log
comm_udp_sendto: FD 4, ip-dns-server, port 53: (1) Operation not
permitted 2003/08/20 11:21:48| idnsSendQuery: FD 4: sendto: (1)
Operation not permitted
Make sure the iptables rules allow outgoing packets on UDP port 53.
It
ok, so i'm trying to track how many open FDs squid is using, just to get an
idea where things are with that. 20. uhm, what? oh look, it restarted
recently. why did it do that? oh look, a core file in the log directory.
and this in cache.log:
2003/08/19 12:26:28| comm_accept: FD 14: (130)
I will suggest better to block it via your firewall it can be
Linux firewall ipfw, ipchains, iptables or router etcc..
The messenger programs do use their own ports that you can block
with a firewall, but they also can be set to tunnel their traffic
through HTTP. Most will even autodetect this.
On Wednesday 20 August 2003 13.44, Boniforti Flavio wrote:
Scratch that - I made the silly mistake of assuming that
req_mime_type would match on the entire data; it probably
looks for the Content-Type: line and matches from there.
Well... I'm still at it:
acl msn_no_block src
Why I don't get any TCP/DENIED
Because Squid is allowing the request, and is just blocking
the reply.
Should I be doing it on req_mime_type instead?
That is the normal procedure. You would need to change the
http_reply_access line to http_access.
Adam
ohh my dears simple is that block port 1863 and I'm 100% sure MSN will be
blocked :)
--
Best Regs,
Masood Ahmad Shah
System Administrator
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| * * * * * * * * * * * * * * * * * * * * * * * *
| Fibre Net (Pvt) Ltd. Lahore, Pakistan
|
ohh my dears simple is that block port 1863 and I'm 100%
sure MSN will be blocked :)
And I'm 100% sure you have no clue what you're talking about.
MSN messenger (along with Yahoo! and AOL) will tunnel their
traffic through HTTP if the port they normally use is not open.
Quit being
Hi all.
Squid doesn't load some images on some websites.
Instead of the picture all I am getting is an empty box with a red cross at
the top corner.
Some popups cannot be loaded at all. The frame stays empty and eventually
I get an error message Connection failed 113 no route to host.
When
blocking on extensions is silly anyway, i've seen windows sites
that have something like http://site/cgi-bin/somescript.exe
that turns out to be html, you really need to block on mime
type. Also, the !POST thing doesn't make a lot of sense either
since most search engines (like google) uses GET
squid_auth_ldap is not the same program as squid_ldap_auth.
squid_ldap_auth is the LDAP helper shipped with Squid.
squid_auth_ldap is another third-party LDAP helper for Squid, to some
extent providing similar functionality to squid_ldap_auth but
entirely different configuration.
Regards
On Wednesday 20 August 2003 14.40, Boniforti Flavio wrote:
http_reply_access deny !msn_no_block msn_server
Why I don't get any TCP/DENIED but instead I get:
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE3-http_reply_access-denied
Regards
Henrik
--
Donations welcome if
On Wednesday 20 August 2003 14.45, Brian Hechinger wrote:
ok, so i'm trying to track how many open FDs squid is using, just
to get an idea where things are with that. 20. uhm, what? oh
look, it restarted recently. why did it do that? oh look, a core
file in the log directory.
#8
On Wed, Aug 20, 2003 at 05:38:32PM +0200, Henrik Nordstrom wrote:
This problem (the crash) seems to be Smartfilter related.
hmmm.
I would suggest trying if you can repeat the same problem in a Squid
version without the Smartfiler third party patch, or reporting this
issue to your
On Wednesday 20 August 2003 16.10, michel lodap wrote:
Hi all.
Squid doesn't load some images on some websites.
Instead of the picture all I am getting is an empty box with a red
cross at the top corner.
Some popups cannot be loaded at all. The frame stays empty and
eventually I get an
On Wednesday 20 August 2003 17.08, Joshua Brindle wrote:
type. Also, the !POST thing doesn't make a lot of sense either
since most search engines (like google) uses GET vars, not POST
Not a problem for these, as url_regex will not match GET form
submissions as these do not end in \.exe$ even
Hello,
i have running in the same machine QMAIL/Vpopmail (with POP3 server, too!),
and Squid-Cache running on.
Well, i would like my users to be authenticated against the POP3 Server,
using their username/password to suft the Internet.
Is there a POP3 authenticator nearby??
Thank you in
Hi Folks--
I've been using squid and have had no problems (till now). I must
be a creature of habit; current hit rate is 38%. Very nice.
About a week ago, a site that had been working, I could no longer
access. It would seem to hang. Not sure if it would timeout or
whatever, I was too
The day the log was split was actually not the day I had the problem
sorry for the confusion.
What I am finding is that on days where the log was not split I do
sometimes have many users listed.
For example we only have several hundred users on the internet but
when this report
I have Squid-2.5STABLE3 setup with Samba 2.2.8a and basic and NTLM via the
winbind and wb_group helpers. Everything runs perfectly.
On this box I also installed squid-3.0-PRE3-20030820 to test the new Squid-3
series using the same auth setup as my 2.5STABLE3 install. There are a few
issues:
1) I
As I have not yet been able to get an ftp gateway working in accelerator
mode, I am working with Squid3 in proxy-cache mode to try and understand more
about how it works.
I can rewrite http URL to ftp URL and get it to work fine for anonymous ftp
but not for user ftp with password
On Wednesday 20 August 2003 19.43, gnu not unix wrote:
domain name to my browser's (mozilla) no proxy entry, allowed me
immediate access to this site. It seems that going there via squid
simply hangs. Here's what lynx reports their server
(www.jameco.com) as:
Seems to work just fine here,
On Wednesday 20 August 2003 19.52, Jim_Brouse/[EMAIL PROTECTED]
wrote:
I searched access.log and I did find a mention of 007
although it is part of a URL. Some how the access.log is different
than normal so then SARG is running against the wrong fields. What
do you think is the
On Wednesday 20 August 2003 20.19, Adam Aube wrote:
1) I sometimes get prompted for the username and password. Right
now I am the only one using this copy of Squid, and it's launching
10 NTLM helpers.
Anything relevant to this in cache.log?
2) I'm getting several of these errors in
is there a way to use acl with max size body reply?
In message [EMAIL PROTECTED] you write:
On Wednesday 20 August 2003 19.43, gnu not unix wrote:
(squid hang)
Hello Henrik--
Thanks for the reply and checking.
Seems to work just fine here, but I am using the current Squid-2.5
sources (what will become 2.5.STABLE4).
(...)
It can also be the
On Wednesday 20 August 2003 20.40, Jim Flowers wrote:
I can rewrite http URL to ftp URL and get it to work fine for
anonymous ftp but not for user ftp with password authentication
provided by the ftpserver.
Probably correct. For this to work you need to define a HTTP url
namespace which can
1) I sometimes get prompted for the username and password. Right
now I am the only one using this copy of Squid, and it's launching
10 NTLM helpers.
Anything relevant to this in cache.log?
I've just noticed a couple of other errors in cache.log:
2003/08/20 13:44:43| Attempt to lower Auth
So the answer appears to be that although squid has the mechanics of an http
to ftp gateway that can be made to work for anonymous ftp, there is no
provision in the standards or in squid for accomodating a user name from the
browser address window.
While I appreciate that there are probably
I need to run two instance of squid in the same box...
so I compile the second instance with --prefix=/usr/local/squid2
Also i modified the squid startup file but when i start this instance
receive the following error...
Starting web proxy server: FATAL: Could not determine fully qualified
I am running squid 2.5.STABLE3, samba 2.2.8a with wb_group. wb_group is
working fine, but what i want to know is if there is a way that i can
setup the configuration so that if the user is not in the group the
wb_group helper will put them back to basic and IE will give them the
login box? They
On Wednesday 20 August 2003 22.05, Adam Aube wrote:
I will test some more to see if the login prompt corresponds with
the cache.log entries I'm seeing before submitting a report.
Please register a report already, collecing the information you have.
By registering a report you make sure the
On Wednesday 20 August 2003 22.46, Jim Flowers wrote:
So the answer appears to be that although squid has the mechanics
of an http to ftp gateway that can be made to work for anonymous
ftp, there is no provision in the standards or in squid for
accomodating a user name from the browser address
On Wednesday 20 August 2003 22.52, Diego Dasso wrote:
is there a way to use acl with max size body reply?
Yes.
Squid-2.5 or later required.
Regards
Henrik
--
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
If you
On Wednesday 20 August 2003 23.20, Montervino, Mariano wrote:
Starting web proxy server: FATAL: Could not determine fully
qualified hostname. Please set 'visible_hostname'
Then please set 'visible_hostname'. This is a squid.conf directive in
case it is not obvious from the error message..
On Wednesday 20 August 2003 23.24, Edward Mann wrote:
I am running squid 2.5.STABLE3, samba 2.2.8a with wb_group.
wb_group is working fine, but what i want to know is if there is a
way that i can setup the configuration so that if the user is not
in the group the wb_group helper will put them
On Wednesday 20 August 2003 18.16, Francesco wrote:
Hello,
i have running in the same machine QMAIL/Vpopmail (with POP3
server, too!), and Squid-Cache running on.
Well, i would like my users to be authenticated against the POP3
Server, using their username/password to suft the Internet.
On Thu, 2003-08-21 at 06:05, Adam Aube wrote:
Can you add a debug trace at ALL,1 29,9 to the bug report.
Cheers,
Rob
--
GPG key available at: http://members.aardvark.net.au/lifeless/keys.txt.
signature.asc
Description: This is a digitally signed message part
Hello all,
I was wondering if anyone know if the squidGuard mailing list is still active
or not?
Thanks!!
Amy A.
Thanks to all of you guys,
Mike
- Original Message -
From: Adam Aube [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, August 20, 2003 8:28 PM
Subject: RE: [squid-users] ACL Question
I have a little bit question about ACL blocking the
downloading.
here's my squid.conf
I was wondering if anyone know if the squidGuard mailing list is
still active or not?
I'm afraid not. I think they shut it down around the beginning of
June.
Rick
-Original Message-
From: Amy A [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 20, 2003 8:23 PM
To: [EMAIL
Would you suggest still using squidguard or going with a different web
filtering tool such as DansGuardian?
Amy A.
On Wednesday 20 August 2003 10:30 pm, Rick Matthews wrote:
I was wondering if anyone know if the squidGuard mailing list is
still active or not?
I'm afraid not. I think they
There's a POP3 pam module out there. Looked at it once, it shoudl do the
trick paired with Squid's PAM helper.
Jerry
- Original Message -
From: Francesco [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, August 20, 2003 12:16 PM
Subject: [squid-users] POP3 authenticator
62 matches
Mail list logo