Hi,
As you say, it is hard to strike a right balance between downloading too
much and not downloading data that can be cached. This is especially hard
for general purpose cache engines like Squid without some knowledge about
the access patters of the URLs being accessed.
Since Squid provides
I read this note for Squid 2.5, because I'm going to install SSL update:
Added SSL gatewaying support, allowing Squid to act as a SSL server in accelerator
setups.
So I have only to reconfigure Squid with -ssl option or I must download
SSL patch at Devel.squid-cache.org :
Current Patches: 2.5:
I have 3 IPs configured on my box, while Squid is binded with IP B (it
only accepts requests on this IP),
So your squid is listening as IP-B:3128.
Squid show's up as IP A (which is
my main IP on this box) when doing a request on pages.
If your setting of forwarded_for on then it will send
On Wed, 28 Apr 2004, Marc Slaon wrote:
Since Squid provides parameters to change the behavior, I think it is doing
a very good job.
Thanks.
Some suggestions would be
* Provide a higher default than 16KB for quick_abort_max parameter.
Not sure I agree on this. But it should be noted that I
On Wed, 28 Apr 2004, Will Lowe wrote:
1) Have squid ignore a cache_peer config line that lists the local
machine. This way I can put the same squid.conf file on all servers
and list all the servers as peers in it.
This is good. I think I have even seen a patch for it.
2) Have squid be able
Hello,
is there a plan for implementing CRL checking in Squid?
Regards,
David
Hello,
is there a plan for implementing CRL checking in Squid?
Regards,
David
Hello,
is there a plan for implementing CRL checking in Squid?
What is 'CRL' ?
M.
Begin forwarded Message from Roman Rathler,
Thu, 29 Apr 2004 11:06:01 +0200 (METDST):
Hi,
in the meanwhile i got it running using the wbinfo_group.pl helper.
There is a bug in the perl script that comes with the fedora package
squid-2.5.STABLE3-1.fc1 when it tries converting groupSID to
CRL stands for Certificate Revocation List (CRL) Management. Using this
list you can check whether some certificate is revoked.
-Original Message-
From: Elsen Marc [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 29, 2004 11:03 AM
To: David Hajek; [EMAIL PROTECTED]
Subject: RE:
CRL stands for Certificate Revocation List (CRL) Management. Using this
list you can check whether some certificate is revoked.
-Original Message-
From: Elsen Marc [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 29, 2004 11:03 AM
To: David Hajek; [EMAIL PROTECTED]
Subject: RE:
On Thu, 29 Apr 2004, Roman Rathler wrote:
in the meanwhile i got it running using the wbinfo_group.pl helper. There is a bug
in the perl script that comes with the fedora package
squid-2.5.STABLE3-1.fc1 when it tries converting groupSID to groupGID...
As far as I know this is fixed in
On Thu, 29 Apr 2004, krv wrote:
I am planning to block the port 80 for these clients in our multilayer
switch instead of transparently redirecting them to cache and force them
to configure the proxy manually.
Any other solutions for this problem?
Automatic firewalling on the proxy when a
On Thu, 29 Apr 2004, David Kandou wrote:
How to insert image in to file ERR_ACCESS_DENIED, i already try but until
now i can't see that image on browser when user try to connect to porn web.
You need to use a absolute url (http://server.domain/path/to/image.png),
and your clients need to be
On Thu, 29 Apr 2004 [EMAIL PROTECTED] wrote:
I read this note for Squid 2.5, because I'm going to install SSL update:
Added SSL gatewaying support, allowing Squid to act as a SSL server in accelerator
setups.
You don't need the update to act as SSL server, only if you want to be
able to have
On Thu, 29 Apr 2004, David Hajek wrote:
is there a plan for implementing CRL checking in Squid?
Yes, when there is a paying customer requiring the feature.
Regards
Henrik
- Original Message -
From: Henrik Nordstrom [EMAIL PROTECTED]
To: krv [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, April 29, 2004 3:37 PM
Subject: Re: [squid-users] strange requests
On Thu, 29 Apr 2004, krv wrote:
I am planning to block the port 80 for these clients in our
Hi all,
Only I have log files for three days, ¿ why ?
I want to have logs for about 60 days ago.
-rw-r- 1 proxy proxy 334737 Apr 29 10:04 access.log
-rw-r- 1 proxy proxy 2429270 Apr 28 20:27 access.log.1
-rw-r- 1 proxy proxy 225187 Apr 27 21:17 access.log.2.gz
Thanks.
users] About log files
Hi all,
Only I have log files for three days, ¿ why ?
I want to have logs for about 60 days ago.
-rw-r- 1 proxy proxy 334737 Apr 29 10:04 access.log
-rw-r- 1 proxy proxy 2429270 Apr 28 20:27 access.log.1
-rw-r- 1 proxy proxy 225187 Apr 27
Hm. Seems strange to me. Can't believe that anyone from opensource world
don't use certificate authentication.
-D
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 29, 2004 12:14 PM
To: David Hajek
Cc: [EMAIL PROTECTED]
Subject: Re:
Hm. Seems strange to me. Can't believe that anyone from opensource world
don't use certificate authentication.
-D
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 29, 2004 12:14 PM
To: David Hajek
Cc: [EMAIL PROTECTED]
Subject: Re:
I am new to squid. I want to know to generate the password file used by
the digest_pw_auth application that is included with Squid 2.5.STABLE5?
I tried using htdigest which I use with Apache but that does not see to
work.
Thanks!
Hi everyone,
I would like to know the current status of using Squid as a Reverse Proxy and (Sticky)
Load Balancer. I've Google'd and searched the mailing list archives.
I found this in an email:
--snip--
On Wed, 22 Oct 2003 17:16:11 +0200 (CEST)
Henrik Nordstrom [EMAIL PROTECTED] wrote:
This
On Thu, 29 Apr 2004, Aeon wrote:
I am new to squid. I want to know to generate the password file used by
the digest_pw_auth application that is included with Squid 2.5.STABLE5?
It is plain text
username:password
I tried using htdigest which I use with Apache but that does not see to
work.
Hi,
I have Squid. It has some cache objects. But Squid doesn't seem to use this cache.
#has cache: - on startup I see the number of cache objects
#doesnt use cache: I want to cache the result of JSP (java server pages). In the logs
of Tomcat
(java application server) I can see how
Henrik what automatic firewalling will be a problem when you have a small ip
pool like i do however am about to try this maxconn acl.
I didnt get a denial of service or enahanced cpu usage. I got Uplink choking
whenever i come accross such requests havent really been able to make a
connection.
A Squid-ICAP tarball can be found from http://www.webwasher.com/squid-icap
At the moment, there is a bug in response mode which causes the ICAP server
to be sometimes marked as unreachable, but a fix developed by the Alcove
company should be available in a few days.
---
Stéphane Davy
Hi List,
I am interested in using ident or something similar to control who is
allowed to browse and who isnt.
The only snag is this. I need the ident request to be sent to the radius
server, the results (being a username) should then be compared against a
dynamic list (provisioned by the billing
It works perfectly. thanks!
On Thu, 29 Apr 2004, Henrik Nordstrom wrote:
On Thu, 29 Apr 2004, Aeon wrote:
I am new to squid. I want to know to generate the password file used by
the digest_pw_auth application that is included with Squid 2.5.STABLE5?
It is plain text
On Thu, 29 Apr 2004, Jake Gold wrote:
This function is not yet in mainline Squid, but can be found in the rproxy
patch at the location above..
Is any/all of this functionality available yet in mainline Squid?
Not yet. The feature will most likely be in Squid-3.1.
Is there any
On Thu, 29 Apr 2004, Hilal Afridi wrote:
I didnt get a denial of service or enahanced cpu usage. I got Uplink choking
whenever i come accross such requests havent really been able to make a
connection.
What does access.log say in your case?
(including URL)
Regards
Henrik
On Thu, 29 Apr 2004, Rob Hartzenberg wrote:
I am interested in using ident or something similar to control who is
allowed to browse and who isnt.
This is not easily done in a transparent proxy unless your OS has strong
IP-Spoofing capabilities.
IDENT needs to make the query using the source
Can you point me to material describing Squid as an
FTP proxy?
I'm not sure 'proxy' is even the right term. How does
squid translate the domain name of the ftp server, if
the external client has already done it? I assume
squid listens to the ftp ports and accepts connections
on behalf of internal
Thanks for the answer. I think I have to choose from one of these: ;)
1/ write a CRL patch myself
2/ become a paying customer
3/ explore newest stunnel, which seems to have CRL checking implemented
-D
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent:
On Thu, 29 Apr 2004, Elvis Presley wrote:
Can you point me to material describing Squid as an
FTP proxy?
Squid is not an FTP proxy.
I'm not sure 'proxy' is even the right term. How does
squid translate the domain name of the ftp server, if
the external client has already done it? I assume
On Thu, 29 Apr 2004, David Hajek wrote:
Thanks for the answer. I think I have to choose from one of these: ;)
1/ write a CRL patch myself
2/ become a paying customer
3/ explore newest stunnel, which seems to have CRL checking implemented
Or
4/ Wait for some one else to have a CRL patch to
On Thu, 29 Apr 2004 [EMAIL PROTECTED] wrote:
#doesnt use cache: I want to cache the result of JSP (java server pages). In the
logs of Tomcat
(java application server) I can see how everytime the Code is executed. ... - not
the cache
being taken.
See the cacheability engine to
Hi all,
I'm making progress getting OWA and squid (2.4STABLE6) to play nice when the
client is using IE. I have added the following WEBDAV options to my
squid.conf configuration, and it is now pulling mail into the browser:
extension_methods SEARCH PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK
Could this have something to do with my authentication problem?
http://www.squid-cache.org/mail-archive/squid-users/200403/0811.html
--Trevor
-Original Message-
From: Trevor [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 29, 2004 12:54 PM
To: [EMAIL PROTECTED]
Subject: [squid-users]
requests are somewhat like this.
083178815.070 1035 66.76.79.56 TCP_MISS/000 0 GET
http://popup.msn.com/lbpopupframe.asp? - DIRECT/65.54.192.248 -
1083178816.081 17 66.76.79.54 TCP_MISS/000 0 GET http://ca.msn.com/ -
NONE/- -
1083178853.054197 66.76.79.54 TCP_MISS/000 0 GET
I need an FTP proxy that's capable of binding to a specific address for
outgoing FTP connections. IE to the FTP server I'm connecting to it has
to look like it's coming from a specific IP address on my gateway. Any
way to do this?
-Daniel
1) Have squid ignore a cache_peer config line that lists the local
This is good. I think I have even seen a patch for it.
Great! Any idea where I'd find that patch?
Multicast needs a bit of work in Squid, currently nobody is maintaining
this aspect.
It also looks like HTCP needs some
Hi,
squid as reverse proxy
See the cacheability engine to determine how cacheable (or not) your JSP
pages are.
ty
Cacheability engine:
http://www.ircache.net/cgi-bin/cacheability.py?query=http%3A%2F%2F62.178.190.10%3A8440%2Fsma_test%2FlistVS.do
it tells: Cache-Control no-cache
so
Thanks for the tip. I'll google for frox. In the
meantime,
Doesn't the browser normally resolve ftp urls itself,
connecting directly to the ftp server/proxy?
If it doesn't, how does an ftp url get to an http
server/proxy, as a GET ftp://, a POST ftp://?
That would be mixing metaphors, wouldn't
On Thu, 29 Apr 2004, Will Lowe wrote:
1) Have squid ignore a cache_peer config line that lists the local
This is good. I think I have even seen a patch for it.
Great! Any idea where I'd find that patch?
It should be on either the squid-dev or squid-users list. Probably
squid-dev. I
On Fri, 30 Apr 2004, Hilal Afridi wrote:
requests are somewhat like this.
083178815.070 1035 66.76.79.56 TCP_MISS/000 0 GET
http://popup.msn.com/lbpopupframe.asp? - DIRECT/65.54.192.248 -
1083178816.081 17 66.76.79.54 TCP_MISS/000 0 GET http://ca.msn.com/ -
NONE/- -
1083178853.054
On Thu, 29 Apr 2004, Trevor wrote:
So, I know I'm getting somewhere; however, the when the client logs in, it
immediately prompts them to log in again, over and over. Any ideas? Is
this a cookies thing? Where should I be looking?
You need to have support for plain text authentication
On Thu, 29 Apr 2004 [EMAIL PROTECTED] wrote:
Cacheability engine:
http://www.ircache.net/cgi-bin/cacheability.py?query=http%3A%2F%2F62.178.190.10%3A8440%2Fsma_test%2FlistVS.do
it tells: Cache-Control no-cache
so I think that I have to remove meta http-equiv=cache-control
On Thu, 29 Apr 2004, David Hubner wrote:
Hi,
I have tried to post a mail to the webmaster at [EMAIL PROTECTED]
but with no reply for about a month now.
We do not have a webmaster address, or at least not a functional one..
the contact address for the Squid project is [EMAIL PROTECTED],
On Thu, 29 Apr 2004, Elvis Presley wrote:
Thanks for the tip. I'll google for frox. In the
meantime,
http://www.squid-cache.org/related-software.html
Regards
Henrik
On Fri, 30 Apr 2004 01:34:26 +0200 (CEST)
Henrik Nordstrom [EMAIL PROTECTED] wrote:
On Thu, 29 Apr 2004, David Hubner wrote:
Hi,
I have tried to post a mail to the webmaster at [EMAIL PROTECTED]
but with no reply for about a month now.
We do not have a webmaster address, or at
51 matches
Mail list logo