Hello.
Version: Squid 3.0.STABLE13 on Gentoo 2.6.22-vs2.2.0.7
`squid -k reconfigure` do not close old authenticator processes if that
was a clients. So my 'NTLM Authenticator Statistics' looks like below.
Is anybody has same symptom?
Oleg.
pre
NTLM Authenticator Statistics:
program:
Hi, Amos
Ah, you need the follow_x_forwarded_for feature on Proxy(1).
That's right, I know about that, but I'd like to use source address
spoofing...
Just only following enables my anxiety.
replacing In tunnelStart()#tunnel.cc
sock = comm_openex(SOCK_STREAM,
Chris Robertson wrote:
Phibee Network Operation Center wrote:
Hi
i have a new problems with my Squid Server (NTLM AD)
My configuration:
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 15
auth_param ntlm keep_alive on
auth_param basic
Chris Woodfield wrote:
So I'm running with COSS under 2.7STABLE6, we've noticed (as I can see
others have, teh Googles tell me so) that the COSS rebuild a. happens
every time squid is restarted, and b. takes quite a while if the COSS
stripes are large. However, I've noticed that while the
joe ryan wrote:
Hi,
I have a simple webserver that listens on port 80 for requests. I
would like to secure access to this webserver using squid and SSL. I
can access the simple website through http without any issue. When I
As your config shows. Squid is never involved with port 80 inbound
Wilson Hernandez - MSD, S. A. wrote:
Hello.
I was writing a script to control traffic on our network. I created my
rules with tc and noticed that it wasn't working correctly.
I tried this traffic shaping on a linux router that has squid doing
transparent cache.
When measuring the download
Oleg wrote:
Hello.
Version: Squid 3.0.STABLE13 on Gentoo 2.6.22-vs2.2.0.7
`squid -k reconfigure` do not close old authenticator processes if that
was a clients. So my 'NTLM Authenticator Statistics' looks like below.
Is anybody has same symptom?
Maybe. The 23 of 15 issue has been resolved
Hi,
I'm still trying to solve this issue but I was not able to find a solution.
Here follows the log where SQUID assigns the 600 code that DansGuardian
is not able to process:
2009/04/10 15:17:08| clientProcessRequest: GET
'http://dst.domain.com/sc-security/registrazione.html'
2009/04/10
Hello all,
Tproxy-4 patch for squid 2.7 STABLE6 is been released. Tproxy helps in
IP spoofing, which means when a browser request for an URL, the client
IP is sent to the webserver instead of the proxy server's IP.
The patch is available at http://www.visolve.com/squid/squid-tproxy.php
On Apr 22, 2009, at 4:56 AM, Amos Jeffries wrote:
Chris Woodfield wrote:
So I'm running with COSS under 2.7STABLE6, we've noticed (as I can
see others have, teh Googles tell me so) that the COSS rebuild a.
happens every time squid is restarted, and b. takes quite a while
if the COSS
Hi,
one of our customers has an issue with a Debian Lenny based squid 3.x in
connection with an IBM Proventia security appliance.
The setup is like this:
internet - proventia - squid
Now proventia comes with a transparent web content filter, removing
dangerous things (viruses, ...) from
...and sure enough, it's right there in -h output...
cache$ /usr/local/squid/sbin/squid -h
...
-FDon't serve any requests until store is rebuilt.
...
/me goes to write I will RTFM Before Posting To squid-users 100
times on the whiteboard... :)
-C
On Apr 22,
Amos Jeffries-2 wrote:
acl localhost src 192.168.2.5 # 192.168.2.5 Server IP, 192.168.2.1 Modem
IP
localhost is a special term used in networking to mean the IPs 127.0.0.1
and sometimes ::1 as well. When defining an ACL for 'public' squid box IPs
its better to use a different name.
Greetings
working on creating a simple web access cache with authentication. I
want to use my current LDAP directory to get login info.
running squid 3.0 stable 13
so close. clients browser pops up and asks for credentials. The
username and pass are given and the browser prompts again.
Udo Rader wrote:
Hi,
one of our customers has an issue with a Debian Lenny based squid 3.x in
connection with an IBM Proventia security appliance.
The setup is like this:
internet - proventia - squid
Now proventia comes with a transparent web content filter, removing
dangerous things
Matus UHLAR - fantomas wrote:
I'm upgrading to 3.0 (finally) and I see that the new refresh_pattern
default was added in the config file:
refresh_pattern (cgi-bin|\?) 0 0% 0
I hope this is just to always verify the dynamic content, and should not
have any impact of caching it,
Mikio Kishi wrote:
Hi, Amos
Ah, you need the follow_x_forwarded_for feature on Proxy(1).
That's right, I know about that, but I'd like to use source address
spoofing...
Just only following enables my anxiety.
lol.
replacing In tunnelStart()#tunnel.cc
sock =
Amos Jeffries wrote:
So of course the problem is proventia corrupting the HTTP headers and
we will raise an issue about that with IBM.
But for the time being: is there a chance to make squid more
tolerant about those kind of problems? Without surprize I did not
find any fitting config
Henrique M. wrote:
Amos Jeffries-2 wrote:
acl localhost src 192.168.2.5 # 192.168.2.5 Server IP, 192.168.2.1 Modem
IP
localhost is a special term used in networking to mean the IPs 127.0.0.1
and sometimes ::1 as well. When defining an ACL for 'public' squid box IPs
its better to use a
Hello,
I have 4 cache servers on the same network, configured as siblings, with
cache digests rutned on. AFAIK using cache digests (nearly) wipes out
benefits of ICP. Now I am not sure, if:
- I should turn ICP off
- I should turn icp_hit_stale on (allow_miss is off)
- should I leave it as it is?
Hello,
I would like to know if with SQUID it is possible to disable a resource
via a POST, PUT or DELETE request on a resource caching via a GET (same
URI)
Here is an example of what I would do:
* A client sends a GET request on a page ex : / mapage1
* The response is cached by the proxy SQUID
Just tested this - -F appears to work for aufs rebuilds but not COSS
rebuilds.
To reproduce:
- Config squid with an aufs and a coss store, like so:
cache_dir aufs /usr/squidcache 5000 16 256 min-size=50
cache_dir coss /usr/squidcache/coss1.dat 500 block-size=4096 max-
size=50
Hello,
I was searching for the logic of setting visible_hostname and
unique_hostname. I found out that value of unique_hostname is set by calling
getMyHostname() function, which returns value of visible_hostname, if it's
set. However, I would prefer not to do this - to use autodected hostname,
Hello Amos and fellow Squid users, I am running Squid 3.0. I would like to
block access to port 8080 accept for one or two public IPs and one or two
internal class C IPs (192.168.1.1/24). Please advise if you have some definite
caveats to share. Thanks, David.
OS: CentOS 5.2
Squid: 3.0
port
Hi,
This is my first post.
I have two proxies
Network(Users) - ProxyA (sibling)--
ProxyB (parent)
In proxyA I have:
forwarded_for on
In ProxyB I have:
follow_x_forwarded_for allow all
No there's not. See:
http://www.squid-cache.org/bugs/show_bug.cgi?id=2627
On 23/04/2009, at 7:59 AM, Dean Weimer wrote:
Working on Testing a child parent proxy setup using HTCP, I was
wondering if there is any way to see a log of the HTCP requests on
the parent similar to how you see the
Squid2-HEAD does this. See:
http://www.squid-cache.org/Versions/v2/HEAD/changesets/12355.patch
(be aware that that has dependencies on several other changesets on
HEAD)
Cheers,
On 23/04/2009, at 1:42 AM, pgrisolano@orange-ftgroup.com pgrisolano@orange-ftgroup.com
wrote:
I am trying to use the ESI parser in Squid. I have compiled with
--enable-esi and set esi_parser custom in my squid.conf file.
Through the squid client, I can access a JSP page running on my local machine,
but I am unable to parse ESI pages.
Questions:
1) Is there a set of instructions
Hi
I'm new to Squid. New in the sense that this time yesterday, I didn't know
what Squid was. I knew what I wanted to achieve though, and I've achieved
most of this today using Squid and a few helpful online guides...
To have users promted to authenticate when they start their browser (Check)
Matus UHLAR - fantomas wrote:
Hello,
I was searching for the logic of setting visible_hostname and
unique_hostname. I found out that value of unique_hostname is set by calling
getMyHostname() function, which returns value of visible_hostname, if it's
set. However, I would prefer not to do this
Alejandro Martinez wrote:
Hi,
This is my first post.
I have two proxies
Network(Users) - ProxyA (sibling)
-- ProxyB (parent)
In proxyA I have:
forwarded_for on
In ProxyB I have:
follow_x_forwarded_for
gavguinness wrote:
Hi
I'm new to Squid. New in the sense that this time yesterday, I didn't know
what Squid was. I knew what I wanted to achieve though, and I've achieved
most of this today using Squid and a few helpful online guides...
To have users promted to authenticate when they start
On Wed, 2009-04-22 at 22:20 +, James Ellis wrote:
I am trying to use the ESI parser in Squid. I have compiled with
--enable-esi and set esi_parser custom in my squid.conf file.
You shouldn't need to set esi_parser at all.
Through the squid client, I can access a JSP page running on my
i do believe a native squid transparent settings will do this. you can
configure squid with transparency settings, configure squid with authentication
(basic or LDAP) , set your Unix box (i will assume Linux) to be the default
gateway, enable ip forwarding (act as a router), configure ipchains
Amos Jeffries wrote:
So of course the problem is proventia corrupting the HTTP headers and
we will raise an issue about that with IBM.
But for the time being: is there a chance to make squid more
tolerant about those kind of problems? Without surprize I did not
find any fitting config
Hello,
Periodically I get messages in cache.log like:
redirector #1 (FD 6) exited
It is possible to put squid in a debug mode level so I can see what query was
submitted that caused my redirector to die?
- Mensagem encaminhada -
De: Pedro Corá pedro.c...@interop.com.br
Para: squid-users@squid-cache.org
Cc: Romulo Giordani. Boschetti rom...@interop.com.br
Enviadas: Quarta-feira, 22 de Abril de 2009 19:19:54 (GMT-0300) Auto-Detected
Assunto: Problem accessing a webpage
Hi there.
No there's not. See:
http://www.squid-cache.org/bugs/show_bug.cgi?id=2627
Aye. FWIW I'm clearing up the logging code in 3.1 and extending it in 3.2.
When the 3.1 cleanup is done and approved I'll take a look at how easy
adding HTCP would be for that release. But chances are small for
I've been able to do a little more monitoring on squid - the DNS Lookups are
still below 1 seconds for the 5 minute averages during the times when there
is a slowdown in squid response. And the connections averages around 5 per
seconds, just like the time when there isn't a slow down...
Just
i do believe a native squid transparent settings will do this. you can
configure squid with transparency settings, configure squid with
authentication (basic or LDAP) , set your Unix box (i will assume Linux)
to be the default gateway, enable ip forwarding (act as a router),
configure
gavguinness wrote:
Hi
I'm new to Squid. New in the sense that this time yesterday, I didn't
know
what Squid was. I knew what I wanted to achieve though, and I've
achieved
most of this today using Squid and a few helpful online guides...
To have users promted to authenticate when they
On Wed, Apr 22, 2009 at 2:55 PM, Amos Jeffries squ...@treenet.co.nz wrote:
Wilson Hernandez - MSD, S. A. wrote:
Hello.
I was writing a script to control traffic on our network. I created my
rules with tc and noticed that it wasn't working correctly.
I tried this traffic shaping on a linux
All,
Below the lines that exist in my squid.conf
acl our_networks src 192.168.1.0/24
http_access allow our_networks
http_access deny all
Will it be more effective below? And what is the impact?
acl our_networks src 192.168.1.0/24
http_access deny !our_networks
(and line http_access deny all
Done. http://www.squid-cache.org/bugs/show_bug.cgi?id=2648
Amos Jeffries пишет:
Oleg wrote:
Hello.
Version: Squid 3.0.STABLE13 on Gentoo 2.6.22-vs2.2.0.7
`squid -k reconfigure` do not close old authenticator processes if
that was a clients. So my 'NTLM Authenticator Statistics' looks like
44 matches
Mail list logo