On 29.09.09 02:20, tookers wrote:
Why not make use of some of your RAM for cache_mem? It will make requests
for smaller, more frequently requested files a hell of a lot quicker, and it
should give you a better hit ratio.
mostly because we weren't sure if his RAM will be enough for the cache
On 28.09.09 15:04, Chris Hostetter wrote:
My company currently runs several clusters of application servers
behind load balancers, which are each in turn sitting behind a cluster
of squid machines configured as accelerators. each squid cluster is then
sitting behind a load balancer that is
I am using squid2.6stable18 on ubuntu 8.04 server.
I have configured squid for very basic proxy and my squid.conf is below.
I am not able to access thunderbird email through this proxy
configuration, I am using thunderbird from a Ubuntu client, but i am
able to access internet using
Thanks for response.
I will try it.
But as Markus mentioned before, authentication doesn't need any configured
KDCs because it looks into AD - it didn't help for me maybe caused by one kdc
entry in the realm section you mentioned below.
I hope I find time to test both scenarios.
Regards
--
View this message in context:
http://www.nabble.com/%27Waiting-For...%27-tp25747264p25747264.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Recently I've observed squid hanging.
I've only noticed this on some forum websites such as
http://forums.overclockers.com.au
The Paige loads 100% (As far as i can observe) but still the page appears to
be loading, displaying the messages Waiting for url or Transferring data
from which never
Hi,
my company are going to buy Websense web security suite.
It seems to be able to decrypt and check contents in ssl tunnel.
Is it really important to do this to prevent malicius code or dangerous
threat?
Thanks and regards.
Ivan
On Wed, 30 Sep 2009 14:58:08 +0200,
fre 2009-09-25 klockan 16:30 -0500 skrev Luis Daniel Lucio Quiroz:
Hi,
I have a squid with some parents. Suddenly I'm habb
2009/09/25 16:09:03| TCP connection to 10.10.50.233/3228 failed
2009/09/25 16:09:03| TCP connection to
fre 2009-09-25 klockan 17:40 -0500 skrev Luis Daniel Lucio Quiroz:
I dont know usernames users try. I just wonder if there is a way to tell
squid to ignore usernames that they doesnt exists.
access.log should contain the user info. Look for TCP_DENIED/407
responses with a username.
Regards
fre 2009-09-25 klockan 17:40 -0500 skrev Luis Daniel Lucio Quiroz:
I dont know usernames users try. I just wonder if there is a way to tell
squid to ignore usernames that they doesnt exists.
Maybe an external ACL with 2 days cache?
Unfortunately not. Authentication have to be passed before
mån 2009-09-28 klockan 12:23 +0400 skrev Mario Remy Almeida:
Hi Amos,
Thanks for that, My problem is solved.
Is there any way to by-pass such problems. I mean for known source IP if
HTTP headers are not set then still it is pass through.
There is preleminary support for chunked encoding
mån 2009-09-28 klockan 17:55 -0400 skrev Matthew Morgan:
Is it possible to set range_offset_limit per domain?
Not today, but should not be too hard to add in the code.
If you know a little C programming then you are very welcome to give it
a try. Just join squid-dev list and ask for hints on
tis 2009-09-29 klockan 15:41 +0800 skrev wangwen:
alter HTTP_Port as follow:
http_port 192.168.0.164:88 accel vhost defaultsite=192.168.24.198
When Clients access http://192.168.0.164:88/rdims/index.jsp
HTTP request header which Squid sent to backend server is:
GET /rdims/index.jsp
tis 2009-09-29 klockan 02:41 -0700 skrev tookers:
Hello all,
I'm running several Squid boxes as reverse proxies, the problem i'm seeing
is when there are a high number of connections in the region of 80,000 per
Squid at peak I'm getting 1,000's of TCP_MISS for the same URL hitting the
back
fre 2009-09-25 klockan 10:57 -0500 skrev Dean Weimer:
2009/09/25 11:38:07| SSL unknown certificate error 18 in...
2009/09/25 11:38:07| fwdNegotiateSSL: Error negotiating SSL connection on FD
15: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed (1/-1/0)
This
tis 2009-09-29 klockan 07:54 -0500 skrev Dean Weimer:
I didn't see that one, though I have the real certificate now and
everything is working with it. I figure the sslflags on the cache peer
settings should accomplish the same thing, but they didn't seem to make
a difference whether I
Henrik Nordstrom wrote:
mån 2009-09-28 klockan 12:23 +0400 skrev Mario Remy Almeida:
Hi Amos,
Thanks for that, My problem is solved.
Is there any way to by-pass such problems. I mean for known source IP if
HTTP headers are not set then still it is pass through.
There is preleminary support
tis 2009-09-29 klockan 00:10 -0400 skrev Michael Lenaghan:
I've had a very difficult time finding good docs for vhost, vport and
defaultsite. I've looked and I've searched in many places, but I
haven't found anything that would help me explain *why* this change
worked. Indeed, the bits I did
tor 2009-09-24 klockan 09:30 -0700 skrev dtinazzi:
You can see the request has the starting part truncated (all final
characters are mine...), probably it's the reason because I've unsupported
method error and then Invalid request, but I've these problems only for
certain pages and not
tis 2009-09-29 klockan 09:52 -0700 skrev dtinazzi:
Anyway, the only way to resolve this problem seems to be to update Squid,
right?
Worth a try, but doubt it will make a difference. What needs to be done
is identify why the client and Squid gets out of sync. Either the client
is sending bad
ons 2009-09-30 klockan 15:35 +1200 skrev dmor...@tycoflow.co.nz:
I have now built another Squid server based on 3.0 STABLE19 but am
experiencing the same results.
I can resolve all non-FQDN addresses perfectly (across our three internal
domains) from the server command line yet Squid refuses
Al - Image Hosting Services wrote:
Hi,
I seem to have created a lot of problems for myself. We are using squid
with custom written software to filter web content. Because the server
is in one location and my users are in other locations and because of
the large number of hours spent helping
could any body tell me How can i leave this mail list.
Leonel Florín Selles wrote:
could any body tell me How can i leave this mail list.
http://www.squid-cache.org/Support/mailing-lists.dyn
To unsubscribe ...
Amos
--
Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
Current Beta Squid 3.1.0.14
ons 2009-09-30 klockan 08:28 -0500 skrev Luis Daniel Lucio Quiroz:
Hi all,
Well, after implementing cache, in a heavy environment (with about 5k users)
I'm seeing that our squid is not freeing far enough objects, our 100GB disk
cache fills in 5 days. I wonder I misunderstood
tor 2009-10-01 klockan 07:45 -0400 skrev mic...@casa.co.cu:
Would like to make a script for my squid server then checks against
mysql search if the user is connected, compare against a file if the
user exists in that list, take the ip address that I assign freeradius
(stored in mysql)
tor 2009-10-01 klockan 23:01 +0200 skrev - leer -:
Dear guys,
I have running Squid 2.7 under SUSE.
And it works fine with a parent Squid in another network.
But when I use the IP to my webserver for example 192.168.0.1
I can't get the page, because Squid is trying to resolv the IP
with the
fre 2009-10-02 klockan 14:09 +1300 skrev Amos Jeffries:
Is this still usable with squid 3.x?
I believe so. There have been no problem reports here to my knowledge.
There is a small patch required for 2.6 or later at
http://www.henriknordstrom.net/code/
The cache storage systems have not
fre 2009-10-02 klockan 11:42 +0200 skrev Stefan Dengscherz:
i'm using 'external_acl_type' with a homebrew script to lookup remote
user ids via the windows registry at the moment because NTLM and
Kerberos did not work well in my environment.
Interesting. Can you provide more information on the
tis 2009-09-29 klockan 21:28 -0500 skrev David Boyer:
I've been using squid_ldap_auth (Squid 2.7, SLES 11) for basic
authentication, and it wasn't terribly difficult to set up. What
concerns me is the passing of credentials from the browser to Squid in
plain text. When we use basic
fre 2009-10-02 klockan 14:56 -0500 skrev Al - Image Hosting Services:
This is where I ran into problems. Both https and ftp are filtered fine
when configured in the browser, but don't work when just pushed to the
proxy though the software. Since the software runs on the end users
mån 2009-10-05 klockan 02:05 -0700 skrev Morphine.:
Recently I've observed squid hanging.
I've only noticed this on some forum websites such as
http://forums.overclockers.com.au
The Paige loads 100% (As far as i can observe) but still the page appears to
be loading, displaying the messages
mån 2009-10-05 klockan 22:56 +1300 skrev Amos Jeffries:
I'm not sure if that applies to this situation since it requires an
intermediate proxies to upgrade as well.
Ofcourse.
For the record, Chunked coding is in all current 3.x releases since
3.0.STABLE16.
That's just responses right?
espoire20 wrote:
I use sarg to generate the report but my disk space come full now so
i need to create a logrotate. so like this i can rotates my logs every
day and automatically delete the eldest logs. I should configure it to
rotate my squid logs every week and keep the logs for more
-Original Message-
From: Henrik Nordstrom [mailto:hen...@henriknordstrom.net]
Sent: Monday, October 05, 2009 4:48 AM
To: Dean Weimer
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] SSL Reverse Proxy testing With Invalid
Certificate, can it be done.
fre 2009-09-25
Squid version 2.6. This is the apt-get version for ubuntu 8.04. I think you
are right about the ignore-reload.
Here is my squid.conf that I will put into production at 3pm today.
http_port 3128
acl QUERY urlpath_regex cgi-bin \?
cache_mem 512 MB# May need to set lower if I run low on RAM
Hi,
I configured ssl_bump as follows:
sslproxy_version 1
ssl_bump allow all
sslproxy_cert_error deny all
always_direct allow all
http_port 3128 sslBump cert=/usr/local/squid/etc/cert.pem
My problem is, that the client receives a certificate issued fo the
squid, not
for the original server
Henrik Nordstrom-5 wrote:
tis 2009-09-29 klockan 02:41 -0700 skrev tookers:
Hello all,
I'm running several Squid boxes as reverse proxies, the problem i'm
seeing
is when there are a high number of connections in the region of 80,000
per
Squid at peak I'm getting 1,000's of TCP_MISS
Henrik Nordstrom wrote:
mån 2009-10-05 klockan 02:05 -0700 skrev Morphine.:
Recently I've observed squid hanging.
I've only noticed this on some forum websites such as
http://forums.overclockers.com.au
The Paige loads 100% (As far as i can observe) but still the page appears to
be loading,
Hi,
we're seeing something odd on squid v2.6.18-1ubuntu3. I know this is an
old version and not recommended but I just thought I'd point it out to make
sure this has been fixed in a more recent version.
After some time running, a couple of squid's pointers appear to be
wrapping, like signed
Hello,
I have squid up and running and the one issue which is causing
headaches is the viewing of PDF files. From sites which are in my
'approved' list, if I click on a PDF link, my browser (Firefox) will
just hang and I eventually have to kill it. If I do the same action
without going
Henrik Nordstrom wrote:
mån 2009-09-28 klockan 17:55 -0400 skrev Matthew Morgan:
Is it possible to set range_offset_limit per domain?
Not today, but should not be too hard to add in the code.
If you know a little C programming then you are very welcome to give it
a try. Just join
Dear Amos,
thank you for your fast help. The config works perfectly.
Kind regards
Michael
Amos Jeffries schrieb:
You have a big huge problem.
You wanted a reverse proxy. But you configured something else very weird
instead.
Also, the bug in Squid-3 which allowed this configuration to work
I use Debian 5.0 with kernel 2.6.31 compiled with tproxy
dmesg |grep TPROXY
I downloaded ad installed iptables from git.balabit.hu/bazsi
I use current squid (version squid-3.HEAD-20090929) with options
'--enable-linux-netfilter'
I can't open web page from client.
The following error was
Hello all,
I would like to know if there is a way to query squid for the total
amount of files that it has in its cache.
Reason is we are using squid in http_accell mode and if I do a wget on
/ I can get a listing of all the files that reside on the docroot
and all the directories that are there
* Miguel Cruz toky.c...@gmail.com:
Hello all,
I would like to know if there is a way to query squid for the total
amount of files that it has in its cache.
Yes, via SNMP
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin
On Mon, 5 Oct 2009 21:51:15 +0200, Roman ro...@snaiper.net wrote:
I use Debian 5.0 with kernel 2.6.31 compiled with tproxy
dmesg |grep TPROXY
I downloaded ad installed iptables from git.balabit.hu/bazsi
I use current squid (version squid-3.HEAD-20090929) with options
On Mon, 5 Oct 2009 16:33:10 -0400, Miguel Cruz toky.c...@gmail.com wrote:
Hello all,
I would like to know if there is a way to query squid for the total
amount of files that it has in its cache.
Reason is we are using squid in http_accell mode and if I do a wget on
/ I can get a listing
Hello all,
have somebody already get some experience with squid_ldap_group on squid
2.7.X because I try to find some info on what reasonable value I can
define for concurrency and if concurrency can also be used with children
... let we say something like this :
external_acl_type name
On Mon, 05 Oct 2009 14:30:06 +0200, Henrik Nordstrom
hen...@henriknordstrom.net wrote:
mån 2009-10-05 klockan 22:56 +1300 skrev Amos Jeffries:
I'm not sure if that applies to this situation since it requires an
intermediate proxies to upgrade as well.
Ofcourse.
For the record, Chunked
On Mon, 05 Oct 2009 10:59:49 -0400, Carsten Lührs carsten...@aol.com
wrote:
Hi,
I configured ssl_bump as follows:
sslproxy_version 1
ssl_bump allow all
sslproxy_cert_error deny all
always_direct allow all
http_port 3128 sslBump cert=/usr/local/squid/etc/cert.pem
My problem is, that
On Mon, 5 Oct 2009 10:23:20 -0700, Randall Fidler rfidle...@gmail.com
wrote:
Hello,
I have squid up and running and the one issue which is causing
headaches is the viewing of PDF files. From sites which are in my
'approved' list, if I click on a PDF link, my browser (Firefox) will
just
Hello!
I've been hunting, but I can't find any extra info on the
--enable-ntlm-fail-open configure argument.
What needs to be setup in the squid.conf to enable this behaviour?
This has been asked before:
http://www.squid-cache.org/mail-archive/squid-users/200512/0328.html
But there was no
Matthew Morgan-3 wrote:
Henrik Nordstrom wrote:
mån 2009-10-05 klockan 02:05 -0700 skrev Morphine.:
Recently I've observed squid hanging.
I've only noticed this on some forum websites such as
http://forums.overclockers.com.au
The Paige loads 100% (As far as i can observe) but still
54 matches
Mail list logo