Marcel Grandemange wrote:
Good day.
Im wondering if anybody could shed some light for me.
Ive had to downgrade a machine of mine due to bugs in stable10, however
since the downgrade im noticing a HELL of a lot of TCP_SWAPFAIL_MISS/200
Messages in access.log. And I do mean an extreme amount.
Hi,
Ok, well you were all right! Unfortunately I didn't know that the allow acl
had to be above the deny.
Ive used this and it works like a charm.
acl misc_allow_list url_regex -i /etc/squid/block/misc_allow.list
http_access allow misc_allow_list
acl misc_block_list url_regex -i
On mån, 2008-11-17 at 15:25 +, Roger Thomas wrote:
Hi,
This is my first time posting to the mailing list, but I just wanted to know
whether anyone knew how to do the below:
I use the following to block a list of words from URL’s:
acl misc_block_list url_regex -i
On mån, 2008-11-17 at 08:48 -0800, Mark Krawec wrote:
I'm running Squid 3-STABLE10 and Samba 3.2.4.
My auth_param statement looks like:
auth_param ntlm program /usr/local/squid/libexec/ntlm_auth -b dc01 dc02
dc03
Ouch... see mailinglist discussions regarding this helper.
On tis, 2008-11-18 at 09:47 +0200, Marcel Grandemange wrote:
Good day.
Im wondering if anybody could shed some light for me.
Ive had to downgrade a machine of mine due to bugs in stable10, however
since the downgrade im noticing a HELL of a lot of TCP_SWAPFAIL_MISS/200
Messages in
On lör, 2008-11-15 at 05:51 +0900, Takashi Tochihara wrote:
I think to send Allow: 204 Preview: , squid must buffer not the
whole message, but the whole *Previewed* message. (part of the message)
Allow: 204 is not related to previews. It tells the ICAP server that
it's OK to respond with 204
On fre, 2008-11-14 at 02:05 +1300, Amos Jeffries wrote:
Based on this and a few other occurrences I'm beginning to suspect that
credential re-checks are missing on all reply controls.
Also reply_body_max_size is a fast acl lookup.
Regards
Henrik
signature.asc
Description: This is a
On tor, 2008-11-13 at 19:40 +0200, Marcel Grandemange wrote:
Under further investigation system log file presented following:
Nov 13 19:37:21 thavinci kernel: pid 66367 (squid), uid 100: exited on
signal 6 (core dumped)
Nov 13 19:37:21 thavinci squid[66118]: Squid Parent: child process
On fre, 2008-11-14 at 16:41 +0100, Rudi Vankemmel wrote:
I have seen quite some postings indicating errors when issuing a
squid -k reconfigure or squid -k rotate from within a chroot jail.
-k rotate should work fine in a chroot, but -k reconfigure requires a
bit of dual filesystem layout and
On fre, 2008-11-14 at 10:31 -0600, Johnson, S wrote:
I just got the squid_ldap_auth working ok on my segment but when
watching the protocol analyzer I see that the auth requests against the
AD are coming in as clear text passwords. Is there anyway we can
encrypt the ldap domain requests?
By
On lör, 2008-11-15 at 14:24 -0800, Gregori Parker wrote:
You could enforce proxy-pac file via global policy, or depending on
your network equipment, you may be able to do policy-based routing
(route by port) and/or even wccp...there are a several ways to get
squid inbetween your users and
On sön, 2008-11-16 at 10:48 -0800, Chuck Kollars wrote:
Eavesdropping on all network traffic from any connection used to be a big
problem when network hubs repeated all traffic everywhere. Although Ethernet
has changed hugely, the old paranoia remains. Any modern device is
a switch (not a
On tis, 2008-11-18 at 21:14 +1300, Amos Jeffries wrote:
Do you have the same 64/32 bit settings and --with-large-files on both
builds?
Didn't we make the cache and swap.state format large-files independent
in Squid-3?
Regards
Henrik
signature.asc
Description: This is a digitally signed
On ons, 2008-11-12 at 21:45 -0600, Johnson, S wrote:
I'm trying to get the squid_radius_auth working and have tried to
manually connect to my Microsoft radius server. I cannot get an ok
for a response when manually testing the connection. Although, I can
see the attempts in my Microsoft
Good day.
Im wondering if anybody could shed some light for me.
Ive had to downgrade a machine of mine due to bugs in stable10,
however since the downgrade im noticing a HELL of a lot of
TCP_SWAPFAIL_MISS/200
Messages in access.log. And I do mean an extreme amount.
Any ideas?
Sounds
Under further investigation system log file presented following:
Nov 13 19:37:21 thavinci kernel: pid 66367 (squid), uid 100: exited on
signal 6 (core dumped) Nov 13 19:37:21 thavinci squid[66118]: Squid
Parent: child process 66367 exited due to signal 6 Nov 13 19:37:24
thavinci
Good day.
Im wondering if anybody could shed some light for me.
Ive had to downgrade a machine of mine due to bugs in stable10, however
since the downgrade im noticing a HELL of a lot of TCP_SWAPFAIL_MISS/200
Messages in access.log. And I do mean an extreme amount.
Any ideas?
Do you
On fre, 2008-11-14 at 13:24 -0800, Ramon Moreno wrote:
How do I configure this parameter for 3 sites while using the same
port? I am guessing, but would it be something like this:
http_port 80 accel defaultsite=bananas.mysite.com vhost
http_port 80 accel defaultsite=apples.mysite.com vhost
On tis, 2008-11-18 at 12:01 +0200, Marcel Grandemange wrote:
How and why would this happen? The box hasn't been powered off in months.
Also first time something like this has happened.
So far im guesing it was upgrade to stable 10 that mucked things up.
Personally ive never had so many issues
Henrik Nordstrom wrote:
On tis, 2008-11-18 at 21:14 +1300, Amos Jeffries wrote:
Do you have the same 64/32 bit settings and --with-large-files on both
builds?
Didn't we make the cache and swap.state format large-files independent
in Squid-3?
Not 3.0 that I know of.
Certainly not different
Henrik Nordstrom wrote:
On fre, 2008-11-14 at 02:05 +1300, Amos Jeffries wrote:
Based on this and a few other occurrences I'm beginning to suspect that
credential re-checks are missing on all reply controls.
Also reply_body_max_size is a fast acl lookup.
That would be it. Thanks Henrik.
Hi, Henrik
From: Henrik Nordstrom [EMAIL PROTECTED]
Subject: Re: [squid-users] About squid ICAP implementation
Date: Tue, 18 Nov 2008 09:34:51 +0100
On lör, 2008-11-15 at 05:51 +0900, Takashi Tochihara wrote:
I think to send Allow: 204 Preview: , squid must buffer not the
whole message,
Hi,
I want to detect if any of my clients are using NAT on their end and serving
multiple PCs. While such detection is very difficult, I think the MaxConn
ACL directive seems to be a good way of minimize the impact. But, I'm not
sure how many concurrent connections should be an acceptable
Hi
I've been testing Squid's icap client (Squid 3.0Stable10) together with a
trial license of Kaspersky's kav4proxy version 5.5.51.
On specific websites I get a status 400 from the icap server when POST is
used together with icap reqmod.
Of course once just could deny the POST method for reqmod
How and why would this happen? The box hasn't been powered off in months.
Also first time something like this has happened.
So far im guesing it was upgrade to stable 10 that mucked things up.
Personally ive never had so many issues with any particular version of
squid.
As Amos already
--- On Tue, 11/18/08, Henrik Nordstrom [EMAIL PROTECTED] wrote:
From: Henrik Nordstrom [EMAIL PROTECTED]
Based on how long the object has been in the cache, and
received Age and
Date headers.
Thanks. If there is no received Age, then how to calculate the Age value?
Hello List,
I'am having problems with my squid 3 on Centos.
If I try to use POST-Method (e.g. Webmail, Bugzilla) the proxy returns
Read Timeout
No Error
I have no idea why this is happening.
Here's my Config:
snip
http_port 172.25.1.40:80
http_port 127.0.0.1:3128
hierarchy_stoplist cgi-bin ?
You might want to run make showconfig under each version of the port and verify
that none of the configuration options have changed on the new version of the
port.
Thanks,
Dean Weimer
Network Administrator
Orscheln Management Co
-Original Message-
From: Marcel
Hi,
I'm trying to modify logformat to display header of this folowing websites. My
purpose is to be able to use the correct pattern for refresh_pattern. Here are
my rules
acl googlevideo url_regex -i googlevideo\.com
acl kaspersky url_regex -i kaspersky\.com
acl kaspersky-labs url_regex -i
I just wanted to say thanks for the replies on this. I have not forgotten nor
am I putting your help in the trash bin, I have simply become overwhelmed with
other tasks at this point. I will get back to this thread as soon as possible
and as soon as I can start working on it so that I can try
sweet...had to compile a newer version of PCRE and do a bit of symbolic linking
but got it working!
Thanks!
PS...I like how you set your reply-to address to squid-users :)
- Original Message -
From: Henrik K
Date: Monday, November 17, 2008 11:25 pm
Subject: Re: [squid-users] Regex
Is posible to configure squid to access the internet using a SOCKS5 server
the configuration does not have a direct option to do this, so I tried
using tsocks, but
squids returns to the browser :
The following error was encountered:
Zero Sized Reply
Any idea how to solve the problem?? Any
Amos Jeffries wrote:
ICP is yet another very different way of choosing the peer to send
through. It's always on by default so needs to be turned off for the
methods that break with ICP selection.
Care to expound on this? What cache_peer selection methods break with
ICP enabled? I'm not
Kinkie wrote:
Could you try a more recent version of squid?
I don't think that 2.6S4 supports proxying content when the server
only offers ntlm authentication
For what it's worth, any 2.6 (or 2.7) release should perform the
required connection pinning to proxy NTLM authentication...
Roger Thomas wrote:
Hi,
This is my first time posting to the mailing list, but I just wanted to know
whether anyone knew how to do the below:
I use the following to block a list of words from URL’s:
acl misc_block_list url_regex -i /etc/squid/block/misc_block.list
http_access deny
zulkarnain wrote:
Hi,
I'm trying to modify logformat to display header of this folowing websites. My
purpose is to be able to use the correct pattern for refresh_pattern. Here are
my rules
acl googlevideo url_regex -i googlevideo\.com
acl kaspersky url_regex -i kaspersky\.com
acl
Hello List,
I'am having problems with my squid 3 on Centos.
If I try to use POST-Method (e.g. Webmail, Bugzilla) the proxy returns
Read Timeout
No Error
This error indicates a network issue below Squid. The remote server has
been sent and accepted the request, but has not sent back any
sweet...had to compile a newer version of PCRE and do a bit of symbolic
linking but got it working!
Thanks!
PS...I like how you set your reply-to address to squid-users :)
Reply-All in the mailer. ;)
Amos
- Original Message -
From: Henrik K
Date: Monday, November 17, 2008
Hi,
I'm trying to modify logformat to display header of this folowing
websites. My purpose is to be able to use the correct pattern for
refresh_pattern. Here are my rules
acl googlevideo url_regex -i googlevideo\.com
acl kaspersky url_regex -i kaspersky\.com
acl kaspersky-labs url_regex
Amos Jeffries wrote:
ICP is yet another very different way of choosing the peer to send
through. It's always on by default so needs to be turned off for the
methods that break with ICP selection.
Care to expound on this? What cache_peer selection methods break with
ICP enabled? I'm not
On tis, 2008-11-18 at 12:37 -0900, Chris Robertson wrote:
Care to expound on this? What cache_peer selection methods break with
ICP enabled? I'm not seeing anything regarding this in the
documentation (http://www.squid-cache.org/Doc/config/cache_peer/)...
None or all depending on your
41 matches
Mail list logo