Hi,
When i have heavy traffic that time squid always consume 100% cpu
utilization. Is there anyway to tune squid or OS to reduce cpu utilization?
When i remove traffic from router to squid means that time, there is no
traffic on squid box and that time also i can see same 100% cpu
mån 2011-12-19 klockan 23:53 +1300 skrev Amos Jeffries:
Do you have a trace from this server when requesting something from the
login-required area of the site?
If the requested URL contains login credentials then anonymous FTP login
SHOULD NOT be attempted.
Regards
Henrik
* Benjamin benjo11...@gmail.com:
Hi,
When i have heavy traffic that time squid always consume 100% cpu
utilization. Is there anyway to tune squid or OS to reduce cpu
utilization?
Usually restarting squid fixes things.
It does for me
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung
mån 2011-12-19 klockan 18:35 +0200 skrev E.S. Rosenberg:
Hi all,
We have a Cisco WLC controlling our local wireless network, I would
like it for squid to know which user is associated with the IP of the
wireless client, so that I can implement user based
restrictions/freedoms for our wireless
tis 2011-12-20 klockan 14:02 +0530 skrev Benjamin:
When i remove traffic from router to squid means that time, there is no
traffic on squid box and that time also i can see same 100% cpu
utilization in top command.
Sounds like a bug.
First step, upgrade to a current release. 3.1.10 is
* Henrik Nordström hen...@henriknordstrom.net:
tis 2011-12-20 klockan 14:02 +0530 skrev Benjamin:
When i remove traffic from router to squid means that time, there is no
traffic on squid box and that time also i can see same 100% cpu
utilization in top command.
Sounds like a bug.
Hi ,
Iam getting more read timeout while iam using Squid proxy with
persistent connection off state.
What is the maximum values for read_timeout and connect_timeout.
Thanks in Advance,
Sekar
Thank you all. Yes. My LB is not sending the original IP to squid.
Regards,
Sekar
2011/12/19 Henrik Nordström hen...@henriknordstrom.net:
lör 2011-12-17 klockan 19:15 +0530 skrev Sekar Duraisamy:
I have configured the log format with %{X-Forwarded-For}h . But in
this field shows - . Not
On 20/12/2011 7:40 p.m., Tom Tux wrote:
Hi
I have found the following web-based tool to calculate the objects freshness:
http://web.forret.com/tools/squid.asp
If it's useful for others too, can a site-admin publish this url on
squid-cache.org (perhaps 'Related Software')?
Thanks and regards,
On 12/20/2011 02:06 PM, Ralf Hildebrandt wrote:
* Benjaminbenjo11...@gmail.com:
Hi,
When i have heavy traffic that time squid always consume 100% cpu
utilization. Is there anyway to tune squid or OS to reduce cpu
utilization?
Usually restarting squid fixes things.
It does for me
Hi,
When i
On 20/12/2011 7:40 a.m., Wladner Klimach wrote:
Look at this:
Every 2.0s: lsof -i :3128
Mon Dec
19 16:38:22 2011
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
squid 20367 squid 12u IPv6 2474452 0t0 TCP
On 20/12/2011 9:56 p.m., Sekar Duraisamy wrote:
Hi ,
Iam getting more read timeout while iam using Squid proxy with
persistent connection off state.
A strong sign that there is something broken at the TCP level of the
networks your traffic travels over (yours, your suppliers or peers).
Dear all
I'm writing this topic here because it seems that the dansguardian
mailing list is very silent.
I have set squid 3.2 with nlm has this
#- NTLM AUTH settings
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
auth_param basic program
On 20/12/2011 9:35 p.m., Henrik Nordström wrote:
mån 2011-12-19 klockan 23:53 +1300 skrev Amos Jeffries:
Do you have a trace from this server when requesting something from the
login-required area of the site?
If the requested URL contains login credentials then anonymous FTP login
SHOULD NOT
On 20/12/2011 11:50 p.m., David Touzeau wrote:
Dear all
I'm writing this topic here because it seems that the dansguardian
mailing list is very silent.
I have set squid 3.2 with nlm has this
#- NTLM AUTH settings
auth_param ntlm program /usr/bin/ntlm_auth
Hi there,
I'm building new squid box which is 3.2.0.14 on OpenIndiana 151a, the
configuration is as usual but when squid started up, intercept mode
didn't work.
IP NAT table already works:
# ipnat -l
List of active MAP/Redirect filters:
rdr rtls0 0.0.0.0/0 port 80 - 10.2.176.31 port 3129
On 21/12/2011 12:33 a.m., Nguyen Hai Nam wrote:
Hi there,
I'm building new squid box which is 3.2.0.14 on OpenIndiana 151a, the
configuration is as usual but when squid started up, intercept mode
didn't work.
IP NAT table already works:
# ipnat -l
List of active MAP/Redirect filters:
rdr
2011/12/20 Henrik Nordström hen...@henriknordstrom.net
mån 2011-12-19 klockan 18:35 +0200 skrev E.S. Rosenberg:
Hi all,
We have a Cisco WLC controlling our local wireless network, I would
like it for squid to know which user is associated with the IP of the
wireless client, so that I can
tis 2011-12-20 klockan 14:09 +0200 skrev E.S. Rosenberg:
About the wlc I don't know for sure yet, I can probably create a
script/program that when presented with an IP can convert it to a
username on the Radius server...
But I don't know how that would then interact with squid...
Thanks,
Hallo, Amos,
Du meintest am 13.12.11:
The Squid HTTP Proxy team is very pleased to announce the
availability of the Squid-3.2.0.14 beta release!
Slackware binary:
http://helmut.hullen.de/filebox/Linux/slackware/n/squid-3.2.0.14-i486-1hln.tgz
Viele Gruesse!
Helmut
Hi,
sslbump allows me to interrupts ssl connections and run an AV check on them.
It generates a certs for the target domain (via sslcrtd), so that the
users browser sees a server cert signed by the proxy.
If the target domain has a certificate that is expired, or it not
signed by a recognised
It might be possible to sent the WLC logs to a syslog server, where
one could pipe into a parser to extract the pairs needed and front
there create an ACL for squid?
Sean
2011/12/20 Henrik Nordström hen...@henriknordstrom.net:
tis 2011-12-20 klockan 14:09 +0200 skrev E.S. Rosenberg:
About the
tis 2011-12-20 klockan 15:37 +0100 skrev Sean Boran:
It might be possible to sent the WLC logs to a syslog server, where
one could pipe into a parser to extract the pairs needed and front
there create an ACL for squid?
As soon as you from the Squid server somehow can query who is the user
at
Thanks.
After looking into it more, it appears squidGuard seems to be taking a
while to initialize the blacklists. The only reason I have to reload
squid3 is for squidGuard to recognize the new blacklist entries.
I am using Berkley DB for the first time, perhaps that's why it takes
longer?
Hi all!
My squid cannot run any external acl script or soft
I want to restrict web access by Windows AD group..
I test with other helpers, softs and scripts in this location and other
location (ex. /tmp, /, /etc/squid3) and I got same error on cache.log
I use Ubuntu 64 11.10 and Squid 3.1.14
Hi,
I am getting error when compile helpers/external_acl/session on freebsd 7.4.
Error details are below.
What can be the problem?
Thanks,
Yusuf
squid version is squid-3.2.0.14-20111219-r11470
berkeley db version is 4.8
$make
/usr/local/bin/bash ../../../libtool --tag=CXX
On Tue, 2011-12-20 at 20:18 +0200, yusuf özbilgin wrote:
Hi,
I am getting error when compile helpers/external_acl/session on freebsd 7.4.
Error details are below.
What can be the problem?
Thanks,
Yusuf
squid version is squid-3.2.0.14-20111219-r11470
berkeley db version is 4.8
On Tue, 2011-12-20 at 15:49 -0200, Igor NM wrote:
Hi all!
My squid cannot run any external acl script or soft
I want to restrict web access by Windows AD group..
I test with other helpers, softs and scripts in this location and other
location (ex. /tmp, /, /etc/squid3) and I got same
How do you reload, by doing restart or -k reconfigure (must faster)
Sean
On 20 December 2011 16:48, Terry Dobbs tdo...@associatedbrands.com wrote:
Thanks.
After looking into it more, it appears squidGuard seems to be taking a
while to initialize the blacklists. The only reason I have to
Hi Andy,
The permissions and path is ok.
I find the problem... In my server, I disabled the ipv6, but squid try use it
to connect 'external acl'... On the line of acl, put the 'ipv4' parameter and
the problem is gone!
I don't find any solution where say 'put ipv4 on', but I find this:
On 21/12/2011 3:03 a.m., Wladner Klimach wrote:
But the problem is that i'm not running IPv6 in my network. That's why
Welcome to your IPv6 enabled transit network. Whether you like it, or not.
- Rob Issac, 2008.
On 21/12/2011 3:34 a.m., Sean Boran wrote:
Hi,
sslbump allows me to interrupts ssl connections and run an AV check on them.
It generates a certs for the target domain (via sslcrtd), so that the
users browser sees a server cert signed by the proxy.
If the target domain has a certificate that is
On 21/12/2011 4:48 a.m., Terry Dobbs wrote:
Thanks.
After looking into it more, it appears squidGuard seems to be taking a
while to initialize the blacklists. The only reason I have to reload
squid3 is for squidGuard to recognize the new blacklist entries.
I am using Berkley DB for the first
On 21/12/2011 10:28 a.m., Igor NM wrote:
Hi Andy,
The permissions and path is ok.
I find the problem... In my server, I disabled the ipv6, but squid try use it
to connect 'external acl'... On the line of acl, put the 'ipv4' parameter and
the problem is gone!
I don't find any solution where
On 12/20/2011 7:06 PM, Amos Jeffries wrote:
On 21/12/2011 12:33 a.m., Nguyen Hai Nam wrote:
Hi there,
I'm building new squid box which is 3.2.0.14 on OpenIndiana 151a, the
configuration is as usual but when squid started up, intercept mode
didn't work.
IP NAT table already works:
# ipnat
On 21/12/2011 2:02 p.m., Nguyen Hai Nam wrote:
Squid Cache: Version 3.2.0.14
configure options: '--prefix=/usr/squid' '--enable-ipf-transparent'
--enable-ltdl-convenience
I forgot to attach the debug errors; by the way, it failed at ioclt()
lookup:
2011/12/20 04:06:03 kid1| BUG: Orphan
Hi
Greetings Squid team. I am stuck on squid situation. actually while
using gmail using as SSL version it's browsing data is too much for
our server as we have limited bandwidth. we are using a squid 2.7
stable version. so can you suggest me any way to force gmail to load
basic HTML view so that
On 21/12/2011 6:30 p.m., Girish Dudhwal wrote:
Hi
Greetings Squid team. I am stuck on squid situation. actually while
using gmail using as SSL version it's browsing data is too much for
our server as we have limited bandwidth. we are using a squid 2.7
stable version. so can you suggest me any
On 21/12/2011 7:17 p.m., Girish Dudhwal wrote:
Hi Squid Team,
Greetings for today. well we are currently on track of updating our
squid versio to 3.1. So could you give us a solution for our problem
if we update our squid version. Because tackling with QoS standards of
our OS and informing
According to the doc, sslproxy_flags only has only one other value
NO_DEFAULT_CA.
That doesn't seem of much use... it does recognise and refuse the
expired cert though:
2011/12/21 07:30:01.269| Self signed certificate:
40 matches
Mail list logo
