Re: [squid-users] Squid 3.1.12 is available

On Wed, 6 Apr 2011 11:26:09 +0800, Sharl.Jimh.Tsin wrote: how about the dev branch? i found the tarball of 6th version of 3.2.0.x,any information? The bundles were made, however we have already found a few nasty problems. I'm giving it a few more days to see how much can be fixed. Amos

Re: [squid-users] Problems with transparancy and pf

On Tue, 5 Apr 2011 10:49:37 -0400, Kevin Wilcox wrote: On Wed, Mar 30, 2011 at 01:06, Indunil Jayasooriya wrote: some PF syntax have been changed since OpenBSD 4.7. one is rdr . pls see this http://www.openbsd.org/faq/upgrade47.html So, when it comes to FreeBSD 8.2, I do NOT know, whether t

Re: [squid-users] Squid 3.1.12 is available

how about the dev branch? i found the tarball of 6th version of 3.2.0.x,any information? Best regards, Sharl.Jimh.Tsin (From China **Obviously Taiwan INCLUDED**) 2011/4/5 Amos Jeffries : > The Squid HTTP Proxy team is very pleased to announce the > availability of the Squid-3.1.12 release! > >

Re: [squid-users] Fwd: squid 3.1 to export access_log to rsyslog

On Tue, 5 Apr 2011, osm...@es.quimefa.cu wrote: Hi everyone, I would like to know how to export access_log in squid to a central rsyslog in my network I know I should you a local rsyslog daemon to forward logs to the central server but I just can't get squid to actually write to the local rsysl

[squid-users] request_body_max_size

hi, can anybody show me an example for some domain limit file size? let say global download limit is 100MB domain for dell.com more than 100MB > 400MB limit. (for downloading drivers) what about time based download ? acl working time MTWHF 08:00-17:00 how to do this ? i'm using squid 2.6 ST

RE: [squid-users] Why doesn't REQUEST_HEADER_ACCESS work properly with aclnames?

Hello Amos, > What is the definition of OFFICE ? > request_header_access are fast ACL which will not wait for unavailable > details to be fetched. Ah! proxy_auth :) Jenny

Re: [squid-users] filter http body (xml) content with dynamic behaviour

On Tue, 5 Apr 2011 23:21:45 +0200, dario p wrote: Hello! I'm dario, from italy! I was looking to squid because i need a proxy that can filter request to my server. I need a proxy to filter web-service request like soap message (tcp-http-soap-xml). The request body of http is a xml. I want somethi

Re: [squid-users] Transparent proxy

On Wed, 06 Apr 2011 08:40:32 +1200, Mike Bordignon (GMI) wrote: Hello I'm using squid 3.1.6 on Debian Squeeze. I run two instances of squid - on port 3128 and 3129. The instance on port 3128 services my LAN clients, authenticating via Kerberos/negotiate. The other instance acts as a transparent

Re: [squid-users] Why doesn't REQUEST_HEADER_ACCESS work properly with aclnames?

On Tue, 5 Apr 2011 18:26:45 +, Jenny Lee wrote: Hello Squid Folks, Here is an excerpt from squid.conf.documented: # TAG: request_header_access # Usage: request_header_access header_name allow|deny [!]aclname ... This seems to work only as: request_header_access User-Agent deny al

Re: [squid-users] block upload / attachment

On Tue, 5 Apr 2011 16:34:22 -0400, Mohammad Fattahian wrote: Hi folk, I want to restric my users upload (Attachment) capacity. I'm using Squid Version 2.6.STABLE21 This is one part of my configuration: acl UPLIMIT req_header Content-Length [5-9][0-9]{5,} acl UPMETH method post http_access den

Re: [squid-users] Limiting outgoing port range.

"Thomas Pietsch" 4/5/2011 3:08 AM >>> Hey, yes i am referring to outbound ports. I know there is no speed advantage of doing so. Its simply a security matter (firewaling, trusted partys and so on .. ). So the proxy shall be running on the same machine as the browser and then proxy every requ

Re: [squid-users] Proxy-Connection: Keep-Alive

On Tue, 5 Apr 2011 22:55:07 +0100, Markus Moeller wrote: Which RFC describes Proxy-Connection: Keep-Alive ? Thank you Markus AFAICT there is no RFC or even draft. It was a failed experiment from way, way back. Current Squid will no longer send it but may (only sometimes) treat it like Conn

Re: [squid-users] Fwd: squid 3.1 to export access_log to rsyslog

On Tue, 05 Apr 2011 09:24:52 -0400, osm...@es.quimefa.cu wrote: Hi everyone, I would like to know how to export access_log in squid to a central rsyslog in my network I know I should you a local rsyslog daemon to forward logs to the central server but I just can't get squid to actually write t

[squid-users] Proxy-Connection: Keep-Alive

Which RFC describes Proxy-Connection: Keep-Alive ? Thank you Markus

[squid-users] squid reverse proxy config problem

I'm having some trouble with squid. I wish i could config something like this: Client(192.168.0.60)---Proxy(Squid+GreasySpoon)(2interface:192.168.0.50 and 196.254.19.30)---Server(Apache and Tomcat)(196.254.19.13). I've read that i should config squid like reverse proxy, but i'm having some trouble.

[squid-users] filter http body (xml) content with dynamic behaviour

Hello! I'm dario, from italy! I was looking to squid because i need a proxy that can filter request to my server. I need a proxy to filter web-service request like soap message (tcp-http-soap-xml). The request body of http is a xml. I want something like count the number of the tag inside the xml a

[squid-users] Transparent proxy

Hello I'm using squid 3.1.6 on Debian Squeeze. I run two instances of squid - on port 3128 and 3129. The instance on port 3128 services my LAN clients, authenticating via Kerberos/negotiate. The other instance acts as a transparent proxy (via a DNAT rule on a router). I have two questions.

[squid-users] block upload / attachment

Hi folk, I want to restric my users upload (Attachment) capacity. I'm using Squid Version 2.6.STABLE21 This is one part of my configuration: acl UPLIMIT req_header Content-Length [5-9][0-9]{5,} acl UPMETH method post http_access deny group1 UPMETH UPLIMIT This blocks anything => 500 KB I just

Re: [squid-users] storeClientReadHeader: no URL!

On Tue, Apr 5, 2011 at 12:32 AM, Amos Jeffries wrote: > On 05/04/11 17:09, Tory M Blue wrote: >>> >>> Problem is that this is happening in every cache server. Even if I >>> start clean I get these. What debug level/numbers can I use to track >>> this down? This happens constantly, so ya as you sai

[squid-users] Why doesn't REQUEST_HEADER_ACCESS work properly with aclnames?

Hello Squid Folks, Here is an excerpt from squid.conf.documented: # TAG: request_header_access # Usage: request_header_access header_name allow|deny [!]aclname ... This seems to work only as: request_header_access User-Agent deny all Why can't I do: request_header_access

Re: [squid-users] Fwd: squid-3.2.0.6 - make issue on OpenBSD 4.8 - 64 bit

On 04/05/2011 12:05 PM, Indunil Jayasooriya wrote: > Hi ALL, > > I downloaded squid-3.2.0.6 from below URL > > http://www.squid-cache.org/Versions/v3/3.2/squid-3.2.0.6.tar.gz > > > I ran (this is on OpenBSD 4.8 - 64 bit) > > ./configure > > It went fine. > > Then, ran > > make > > stoped a

Re: [squid-users] Problems with transparancy and pf

On Wed, Mar 30, 2011 at 01:06, Indunil Jayasooriya wrote: > some PF syntax have been changed since OpenBSD 4.7. one is rdr . pls see this > > http://www.openbsd.org/faq/upgrade47.html > > > So, when it comes to FreeBSD 8.2, I do NOT know, whether these syntax > are present. Pls check. I hate to

Re: [squid-users] Limiting outgoing port range.

In short, I don't believe so. Squid isn't meant to be limited in such ways, and I still stand firm in believing that OUTBOUND ports that get binded to a local machine has no effect on firewalling. Only DESTINATION ports are compared in Firewall ACL's. >>> "Thomas Pietsch" 4/5/2011 3:08 AM >>> H

Re: [squid-users] tproxy bridge very slow when cache is full

On 22.03.11 06:49, rpere...@lavabit.com wrote: > I have installed a bridge tproxy proxy in a fast server with 8GB ram. The > traffic is around 50mb/s. > > When I start for first time the proxy (with the cache empty) the proxy > works very well but when the cache becomes full (few hours later) the

[squid-users] Fwd: squid 3.1 to export access_log to rsyslog

Hi everyone, I would like to know how to export access_log in squid to a central rsyslog in my network I know I should you a local rsyslog daemon to forward logs to the central server but I just can't get squid to actually write to the local rsyslog daemon and I tried various things: access_log s

Re: [squid-users] Squid3 with ClamAV and Contentfilter

On 06/04/11 00:05, Sebastian Schnur wrote: First, thanks for your reply... Where did you get that "fact"? I don't recall that being true. I got it from several sites and my collegue. Didn't get anything in changlogs of squidclamav or libc-icap-mod-squidclamav

Re: [squid-users] 3.2.0.6 problems

On 05/04/11 23:34, Ralf Hildebrandt wrote: * Amos Jeffries: 3.2.0.6 has a fix for the mime.conf issues that hit 3.2.0.5. The old icons are moved to the new location (/var/www/squid/icons) so the names in the old mime.conf can be loaded. This also resolves issues with local customizations in mim

Re: [squid-users] Squid3 with ClamAV and Contentfilter

First, thanks for your reply... Where did you get that "fact"? I don't recall that being true. I got it from several sites and my collegue. Didn't get anything in changlogs of squidclamav or libc-icap-mod-squidclamav . * The old cl

[squid-users] Squid Proxy Server 3.1: Beginner's Guide

The Squid HTTP Proxy team is very pleased to announce and acknowledge the availability of this new Squid guide book authored by Kulbir Saini and published by Packt Publishing. This book seeks to be an introductory guide to Squid and specifically to the features available in the Squid-3 series

[squid-users] Squid 3.1.12 is available

The Squid HTTP Proxy team is very pleased to announce the availability of the Squid-3.1.12 release! This release fixes a range of bugs in 3.1 and a few regressions which have been found. A change to increase reply read buffers several releases back had the side-effect of reducing the initia

Re: [squid-users] 3.2.0.6 problems

* Amos Jeffries : > 3.2.0.6 has a fix for the mime.conf issues that hit 3.2.0.5. The old > icons are moved to the new location (/var/www/squid/icons) so the names > in the old mime.conf can be loaded. This also resolves issues with > local customizations in mime.conf. > > But it can break if the

Re: [squid-users] 3.2.0.6 problems

On 05/04/11 22:41, Ralf Hildebrandt wrote: * Helmut Hullen: Hallo, Ralf, Du meintest am 05.04.11: 1) squid won't start, since it complains about a missing /usr/share/squid3/iconsdirectory 2) Once I mkdir'ed that directory, squid will start, but it keeps crashing: 2011/04/05 11:56:50

Re: [squid-users] 3.2.0.6 problems

* Helmut Hullen : > Hallo, Ralf, > > Du meintest am 05.04.11: > > > 1) squid won't start, since it complains about a missing > > /usr/share/squid3/iconsdirectory > > > 2) Once I mkdir'ed that directory, squid will start, but it keeps > > crashing: > > > 2011/04/05 11:56:50| mimeLoadIconFile

Re: [squid-users] 3.2.0.6 problems

Hallo, Ralf, Du meintest am 05.04.11: > 1) squid won't start, since it complains about a missing > /usr/share/squid3/iconsdirectory > 2) Once I mkdir'ed that directory, squid will start, but it keeps > crashing: > 2011/04/05 11:56:50| mimeLoadIconFile: > /usr/share/squid3/icons/anthony-imag

[squid-users] Fwd: squid-3.2.0.6 - make issue on OpenBSD 4.8 - 64 bit

Hi ALL, I downloaded squid-3.2.0.6 from below URL http://www.squid-cache.org/Versions/v3/3.2/squid-3.2.0.6.tar.gz I ran (this is on OpenBSD 4.8 - 64 bit) ./configure It went fine. Then, ran make stoped at below error /usr/include/arpa/inet.h:74: warning: 'struct in_addr' declared inside

Re: [squid-users] 3.2.0.6 problems

* Ralf Hildebrandt : > 1) squid won't start, since it complains about a missing > /usr/share/squid3/icons >directory > > 2) Once I mkdir'ed that directory, squid will start, but it keeps > crashing: After purging the cache entirely, I'm getting: 2011/04/05 11:58:56| assertion failed: com

[squid-users] 3.2.0.6 problems

1) squid won't start, since it complains about a missing /usr/share/squid3/icons directory 2) Once I mkdir'ed that directory, squid will start, but it keeps crashing: 2011/04/05 11:56:47| assertion failed: comm.cc:216: "fd_table[fd].halfClosedReader != NULL" 2011/04/05 11:56:50| Starting Squ

Re: [squid-users] SSL traffic

On 05/04/11 21:40, Víctor José Hernández Gómez wrote: El 05/04/11 10:31, Amos Jeffries escribió: On 05/04/11 20:01, Víctor José Hernández Gómez wrote: Dear squid users, we remember to have measured the percentage of bandwitch devoted to SSL in our squid installation, and it was about 10 percen

Re: [squid-users] SSL traffic

El 05/04/11 10:31, Amos Jeffries escribió: On 05/04/11 20:01, Víctor José Hernández Gómez wrote: Dear squid users, we remember to have measured the percentage of bandwitch devoted to SSL in our squid installation, and it was about 10 percent of total traffic. SSL is not cacheable, and I think

Re: [squid-users] SSL traffic

On 05/04/11 20:01, Víctor José Hernández Gómez wrote: Dear squid users, we remember to have measured the percentage of bandwitch devoted to SSL in our squid installation, and it was about 10 percent of total traffic. SSL is not cacheable, and I think its use is increasing. I wonder if there is

[squid-users] SSL traffic

Dear squid users, we remember to have measured the percentage of bandwitch devoted to SSL in our squid installation, and it was about 10 percent of total traffic. SSL is not cacheable, and I think its use is increasing. I wonder if there is any experience with squid software using SSL engines

Re: [squid-users] storeClientReadHeader: no URL!

On 05/04/11 17:09, Tory M Blue wrote: Problem is that this is happening in every cache server. Even if I start clean I get these. What debug level/numbers can I use to track this down? This happens constantly, so ya as you said something is going on but it doesn't appear to be, someone mucking wi