Re: [squid-users] Simulate connections for tuning squid?

2024-06-16 Thread David Touzeau
or testing performance but well-known and very simple. Alex. ___ squid-users mailing list squid-users@lists.squid-cache.org https://lists.squid-cache.org/listinfo/squid-users -- David Touzeau - Artica Tech France Development team, level

Re: [squid-users] Squid as a http/https transparent web proxy in 2024.... do I still have to build from source?

2024-04-11 Thread David Komanek
Date: Thu, 11 Apr 2024 09:55:14 + From: PinPin Poola To:"squid-users@lists.squid-cache.org" Subject: [squid-users] Squid as a http/https transparent web proxy in 2024 do I still have to build from source? Message-ID: Content-Type: text/plain;

Re: [squid-users] Chrome auto-HTTPS-upgrade - not falling to http

2024-04-04 Thread David Komanek
-only site. David

Re: [squid-users] Squid as an education tool

2024-02-12 Thread David Touzeau

Re: [squid-users] Long Group TAG in access.log when using kerberos

2024-01-31 Thread David Touzeau
Thank Alex This will fix the issue! On 31/01/2024 at 17:43, Alex Rousskov wrote: On 2024-01-31 09:23, David Touzeau wrote: Hi %note is used by our external_acls and for log other tokens And we use also Group as token. it can disabled by directly removing source kerberos code before

Re: [squid-users] Long Group TAG in access.log when using kerberos

2024-01-31 Thread David Touzeau
Hi %note is used by our external_acls and for log other tokens And we use also Group as token. it can disabled by directly removing source kerberos code before compiling but i would like to know if there is another way On 31/01/2024 at 14:36, Andrey K wrote: Hello, David, > Any

Re: [squid-users] Long Group TAG in access.log when using kerberos

2024-01-31 Thread David Touzeau
Anyway to remove these entries from the log ? On 31/01/2024 at 10:01, Andrey K wrote: Hello, David, group values in your logs are BASE64-encoded binary AD-groups SIDs. You can try to decode them by a simple perl script sid-reader.pl <http://sid-reader.pl> (see below):

[squid-users] Long Group TAG in access.log when using kerberos

2024-01-30 Thread David Touzeau
BIB%0D%0Aaccessrule:%20final_allow%0D%0Afirst:%20ERROR%0D%0Awebfilter:%20pass%0D%0Aexterr:%20invalid_code_431%0D%0A ua="-" exterr="-|-"|

Re: [squid-users] how to avoid use http/1.0 between squid and the target

2023-11-27 Thread David Komanek
On 11/27/23 11:36, Amos Jeffries wrote: On 27/11/23 23:05, David Komanek wrote: On 11/27/23 10:40, Amos Jeffries wrote: On 27/11/23 22:21, David Komanek wrote: here are the debug logs (IP addresses redacted) after connection attempt to https://samba.org/ : ... 2023/11/27 09:58:07.370

Re: [squid-users] how to avoid use http/1.0 between squid and the target

2023-11-27 Thread David Komanek
On 11/27/23 10:40, Amos Jeffries wrote: On 27/11/23 22:21, David Komanek wrote: here are the debug logs (IP addresses redacted) after connection attempt to https://samba.org/ : ... 2023/11/27 09:58:07.370 kid1| 11,2| Stream.cc(274) sendStartOfMessage: HTTP Client REPLY: - HTTP/1.1

Re: [squid-users] how to avoid use http/1.0 between squid and the target

2023-11-27 Thread David Komanek
Date: Thu, 23 Nov 2023 01:44:30 +1300 From: Amos Jeffries To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] how to avoid use http/1.0 between squid and the target Message-ID: Content-Type: text/plain; charset=UTF-8; format=flowed On 22/11/23 23:03, David Komanek wrote

[squid-users] how to avoid use http/1.0 between squid and the target

2023-11-22 Thread David Komanek
not aware of any configuration directives which could cause this. browsers: chrome, firefox (both updated) squid: freebsd package (now version 6.5, but the I had the same problem with 5.9 before) Thanks in advance for some hints here. Best regards,   David Komanek   Charles University in Prague

Re: [squid-users] Unable to start Squid 6.3 "earlyMessages->size() < 1000"

2023-10-02 Thread David Touzeau
8:50| WARNING: (B) '64.34.72.232' is a subnetwork of (A) '64.34.72.232' According to all warning, Squid won't start with this error *2023/10/02 20:20:09| FATAL: assertion failed: debug.cc:606: "earlyMessages->size() < 1000"** **Aborted* How to avoid this ??

[squid-users] Unable to start Squid 6.3 "earlyMessages->size() < 1000"

2023-10-02 Thread David Touzeau
72.232' According to all warning, Squid won't start with this error *2023/10/02 20:20:09| FATAL: assertion failed: debug.cc:606: "earlyMessages->size() < 1000"** **Aborted* How to avoid this ??

Re: [squid-users] 6.2: Unsupported or unexpected from-helper annotation with a name reserved for Squid use

2023-09-18 Thread David Touzeau
Many thanks Francesco !! On 17/09/2023 16:55, Francesco Chemolli wrote: Hi David, PR 1481 <https://github.com/squid-cache/squid/pull/1481> should address your problem, it needs to be reviewed, merged to trunk, and backported to v6 so don't hold your breath, but it should be just a

Re: [squid-users] 6.2: Unsupported or unexpected from-helper annotation with a name reserved for Squid use

2023-08-28 Thread David Touzeau
. regards On 28/08/2023 22:46, Francesco Chemolli wrote: Hi David,    you should use itchart_=PASS The trailing underscore signals Squid that this is a custom header. On Mon, Aug 28, 2023 at 3:54 PM David Touzeau wrote: Hi Since 6.2 ( aka migrating from 5.8 ) Squid claim about

[squid-users] 6.2: Unsupported or unexpected from-helper annotation with a name reserved for Squid use

2023-08-28 Thread David Touzeau
    advice: If this is a custom annotation, rename it to add a trailing underscore: itchart_     current master transaction: master278 Did the helper instead of "itchart=PASS" must send "itchart_=PASS" or "itchart_PASS" ?

Re: [squid-users] %LOGIN place in squid 5.8 acls

2023-04-24 Thread David Touzeau
l disable all "deny" rules. I'm wrong ? On 24/04/2023 11:22, Amos Jeffries wrote: On 24/04/2023 11:33 am, David Touzeau wrote: We have a "problem" with ACLs, and I don't know how to address this situation in Squid 5.8 Let me explain: We have an Active Directory group na

[squid-users] %LOGIN place in squid 5.8 acls

2023-04-23 Thread David Touzeau
We have a "problem" with ACLs, and I don't know how to address this situation in Squid 5.8 Let me explain: We have an Active Directory group named limited_users that is only allowed to surf on a very limited list of websites. These users are therefore forbidden to surf on all sites not listed

Re: [squid-users] Squid 5: server_cert_fingerprint not working fine...

2022-11-19 Thread David Touzeau
Thanks Amos for this clarification, We also have the same needs and indeed, we face with the same approach. It is possible that the structure of Squid could not, in some cases, recovering this type of information. Although the concept of a proxy is neither more nor less than a big browser

Re: [squid-users] Kerberos - Cannot decrypt ticket for HTTP

2022-11-16 Thread David Touzeau
/uisproxy-rop@***.***.CORP    3 11/16/2022 11:30:50 host/uisproxy-rop@***.***.CORP

Re: [squid-users] ACL based DNS server list

2022-11-02 Thread David Touzeau
over a LOT of things.  All of which are outside of Squid's domain.

Re: [squid-users] Squid 5.7 + bump ERR_READ_ERROR|WITH_SERVER

2022-10-12 Thread David Touzeau
proxy-190.articatech.int Via: 1.1 789aaa51-a1eb-eb48-639b-70877aed (squid) Connection: close On 12/10/2022 at 20:00, Alex Rousskov wrote: On 10/12/22 12:45, David Touzeau wrote: Hi We using squid 5.7 after adding ssl-bump we have sometimes several 502 error  with extended error ERR_READ_ERROR|W

[squid-users] Squid 5.7 + bump ERR_READ_ERROR|WITH_SERVER

2022-10-12 Thread David Touzeau
Hi We using squid 5.7 after adding ssl-bump we have sometimes several 502 error  with extended error ERR_READ_ERROR|WITH_SERVER 1665589818.831 11 192.168.1.13 NONE_NONE/502 192616 OPTIONS https://www2.deepl.com/jsonrpc?method=LMT_split_text - HIER_NONE/-:- text/html

Re: [squid-users] Squid performance recommendation

2022-09-24 Thread David Touzeau
Hi We have some experience on cluster configuration. https://wiki.articatech.com/en/proxy-service/hacluster As using Kubernetes for Squid and for 40K users is a very "risky adventure". Squid requires a very high disk performance (I/O) which means both a good hard disk drive and a decent

Re: [squid-users] [squid][v5.6] : problem with "slow" or "fast" acl

2022-09-06 Thread David Touzeau
Hi Eric. We had the same restrictions with the fast or slow ACLs. Have you thought about creating a squid helper that calculates your needs? So maybe you can get around this by using the acl "note" acl note xxx xxx which turns your helper results (slow) into "fast". On 05/09/2022 at 14:56,

Re: [squid-users] Squid 5.2 TCP_MISS_ABORTED/100 erros when uploading

2022-08-30 Thread David Ferreira
Server: Apache/2.4.6 (CentOS) PHP/7.1.26 Set-Cookie: tickets[InDesign]=1ae95903t3jY2HDSgfvoEsfpsibbkf9mlNZ4eDjA; expires=Wed, 31-Aug-2022 10:52:05 GMT; Max-Age=86400; path=/webserver; HttpOnly X-Powered-By: PHP/7.1.26 Content-Length: 266 Connection: keep-alive Again thank you for you time. David On

Re: [squid-users] Squid 5.2 TCP_MISS_ABORTED/100 erros when uploading

2022-08-29 Thread David Ferreira
:31, David Ferreira wrote: > > Hi Amos, > > > > Thank you for the reply, > > > > here's my squid.conf, by default our client's(localnet) do not have > > internet access and only match windows services acl's unless they are in > > authorizednet

Re: [squid-users] Squid 5.2 TCP_MISS_ABORTED/100 erros when uploading

2022-08-29 Thread David Ferreira
6.0+3010+383bc947.1.x86_64.rpm.html Rocky 9 : https://almalinux.pkgs.org/9/almalinux-appstream-x86_64/squid-5.2-1.el9_0.1.x86_64.rpm.html Thank you! On Mon, 29 Aug 2022 at 13:36, Amos Jeffries wrote: > On 29/08/22 22:17, David Ferreira wrote: > > hi, > > > > First time us

[squid-users] Squid 5.2 TCP_MISS_ABORTED/100 erros when uploading

2022-08-29 Thread David Ferreira
ilure: Connection was aborted (55) " Thanks in advance, David

Re: [squid-users] the free domains blacklists are gone..

2022-07-02 Thread David Touzeau

Re: [squid-users] WCCPV2 with fortigate ERROR: Ignoring WCCPv2 message: truncated record

2022-06-26 Thread David Touzeau
Hi Eliezer if you want to do transparent mode without having to put squid squidboix in front of your fortinet. If you want to do transparent mode while your fortinet aggregates several VLANs, the WCCP mode is necessary So you can control everything through your fortigate By the way,

Re: [squid-users] WCCPV2 with fortigate ERROR: Ignoring WCCPv2 message: truncated record

2022-06-24 Thread David Touzeau
CCP server available. On 23/06/2022 at 18:33, ngtech1...@gmail.com wrote: Hey David, Just trying to understand something: Aren’t Fortinet something that should replace squid? I assumed that it should do a much better job than Squid in many areas. What a Fortinet(I have one…) is not coverin

Re: [squid-users] WCCPV2 with fortigate ERROR: Ignoring WCCPv2 message: truncated record

2022-06-23 Thread David Touzeau
testing to be done. On 23/06/2022 at 14:44, Alex Rousskov wrote: On 6/21/22 07:43, David Touzeau wrote: We trying to using WCCP with Fortigate without success Squid version  5.5 always claim "Ignoring WCCPv2 message: truncated record" What can be the cause ? The most likely caus

[squid-users] WCCPV2 with fortigate ERROR: Ignoring WCCPv2 message: truncated record

2022-06-21 Thread David Touzeau
Hi We trying to using WCCP with Fortigate without success Squid version  5.5 always claim "Ignoring WCCPv2 message: truncated record" What can be the cause ? We have added a service ID 80 on fortigate config system wccp     edit "80"     set router-id 10.10.50.1     set

Re: [squid-users] Squid load simulation tools for performance testing

2022-05-25 Thread David Touzeau

[squid-users] Squid 5.4 : ERR_PROTOCOL_UNKNOWN and exception=18686e4e

2022-03-05 Thread David Touzeau
Hi added  exterr="%err_code|%err_detail" in logging and result return some request with ERR_PROTOCOL_UNKNOWN|exception=18686e4e 1646498399.887 46 176.12.1.2 NONE_NONE/000 0 CONNECT 62.67.238.138:443 - HIER_NONE/-:- exterr="ERR_PROTOCOL_UNKNOWN|exception=18686e4e" What does

Re: [squid-users] Squid plugin sponsor

2022-02-14 Thread David Touzeau
o place the user=xxx switch for the next processing. It almost looks like the "ident" method http://www.squid-cache.org/Misc/ident.html Without having to install a piece of software and a listening port on all the computers in the network Le 14/02/2022 à 19:50, Eliezer Croitoru a écr

Re: [squid-users] Squid plugin sponsor

2022-02-13 Thread David Touzeau
to find a way directly in the HTTP protocol. This is the reason why a fake could be a solution. But I think I'm trying to catch a chimera and we'll have to redesign the network architecture. regards On 12/02/2022 at 06:27, Eliezer Croitoru wrote: Hey David, The general name of this concept

Re: [squid-users] Squid plugin sponsor

2022-02-11 Thread David Touzeau
P database and will be rejected. I don't need to argue about the security value of this method. It saves us from setting up a gas factory to make a kind of HotSpot On 11/02/2022 at 05:55, Dieter Bloms wrote: Hello David, for me it looks like you want to use kerberos authentication. Wit

Re: [squid-users] Squid plugin sponsor

2022-02-10 Thread David Touzeau
P database. This is to avoid any connection to an Active Directory Maybe this is impossible On 10/02/2022 at 05:03, Amos Jeffries wrote: On 10/02/22 01:43, David Touzeau wrote: Hi I would like to sponsor the improvement of ntlm_fake_auth to support new protocols ntlm_* helpers are specific to NTLM auth

[squid-users] Squid plugin sponsor

2022-02-09 Thread David Touzeau
Hi I would like to sponsor the improvement of ntlm_fake_auth to support new protocols or go further produce a new negotiate_kerberos_auth_fake Who should start the challenge? regards

Re: [squid-users] external helper development

2022-02-07 Thread David Touzeau
You are the best, We will launch a benchmark to see the diff On 07/02/2022 at 16:14, Eliezer Croitoru wrote: Hey David, Since the handle_stdout runs in its own thread its sole purpose is to send results to stdout. If I will run the next code in a simple software without the 0.5 sleep

Re: [squid-users] external helper development

2022-02-06 Thread David Touzeau
? On 06/02/2022 at 11:46, Eliezer Croitoru wrote: Hey David, Not a fully completed helper but it seems to works pretty nice and might be better than what exist already: https://gist.githubusercontent.com/elico/03938e3a796c53f7c925872bade78195/raw/21ff1bbc0cf3d91719db27d9d027652e8bd3de4e

Re: [squid-users] external helper development

2022-02-06 Thread David Touzeau
  00:27   2:54 python /lib/squid3/external_acl_first squid    105858 91.8  0.6 367228 49728 ?    SNl  00:27   2:52 python /lib/squid3/external_acl_first I did not find where it should be... On 06/02/2022 at 11:46, Eliezer Croitoru wrote: Hey David, Not a fully completed helper

Re: [squid-users] external helper development

2022-02-04 Thread David Touzeau
Elizer, Thanks for all this advice and indeed your arguments are valid between opening a socket, sending data, receiving data and closing the socket unlike direct access to a regex or a memory entry even if the calculation has already been done. But what surprises me the most is that we

Re: [squid-users] external helper development

2022-02-03 Thread David Touzeau
Hi Elizer You are right in a way but when squid loads multiple helpers, each helper will use its own cache. Using a shared "base" allows helpers to avoid having to compute a query already found by another helper who already has the answer. Concerning PHP what we find strange is that with our

Re: [squid-users] squid url_rewrite_program how to return a kind of TCP reset

2022-01-31 Thread David Touzeau
Is adapted_http_access supporting url_rewrite_program  ? It seems only supports ecap/icap On 31/01/2022 at 03:52, Amos Jeffries wrote: On 31/01/22 13:20, David Touzeau wrote: But it makes 2 connections to the squid for just stopping queries. It seems not really optimized. The joys

[squid-users] squid url_rewrite_program how to return a kind of TCP reset

2022-01-30 Thread David Touzeau
Hi I have built my own squid url_rewrite_program protocol requires answering with # OK status=301|302 url= Or # OK rewrite-url="http://blablaba; In my case, especially for trackers/ads i would like to say to browsers: "Go away !" without need them to redirect. Sure i can use these methods

[squid-users] security_file_certgen I/O

2021-12-01 Thread David Touzeau
Hi We used Squid 5.2 and we see that security_file_certgen consume I/O Is there any way to put the ssldb in memory without need to mount a tmpfs ? regards

Re: [squid-users] %notes in error pages

2021-11-27 Thread David Touzeau
Hi Working like a charm !!! Many thanks!! On 26/11/2021 at 17:43, Alex Rousskov wrote: On 11/25/21 4:46 PM, David Touzeau wrote: We need to add %note added from external helper using a deny_info and specific squid error page. tried with %o or %m without success Is there a token to build

[squid-users] %notes in error pages

2021-11-25 Thread David Touzeau
Hi, We need to add %note added from external helper using a deny_info and specific squid error page. tried with %o or %m without success Is there a token to build an error page with an external acl helper output ? Regards

Re: [squid-users] Squid 5.2: assertion failed: Controller.cc:930: "!transients || e.hasTransients()"

2021-11-23 Thread David Touzeau
Hi According to your documentation, cache dir rock : objects larger than 32,000 bytes cannot be cached if aufs cannot be implemented in SMP configuration how can we handle larger files in cache ? On 23/11/2021 at 11:01, David Touzeau wrote: Ok thanks, we will investigate in this way Le 22

[squid-users] tlu.dl.delivery.mp.microsoft.com and HTTP range header

2021-11-23 Thread David Touzeau
Hi community, tlu.dl.delivery.mp.microsoft.com is from the app store and it encounters an issue with high bandwidth usage. We think that it was caused because Squid filtering the HTTP Range header from the HTTP requests. This caused the app store download everything in an endless loop We

Re: [squid-users] Squid 5.2: assertion failed: Controller.cc:930: "!transients || e.hasTransients()"

2021-11-23 Thread David Touzeau
Ok thanks, we will investigate in this way On 22/11/2021 at 19:33, Alex Rousskov wrote: On 11/22/21 12:48 PM, David Touzeau wrote: Here our SMP configuration: workers 2 cache_dir rock /home/squid/cache/rock 0 min-size=0 max-size=131072 slot-size=32000 if ${process_number} = 1

Re: [squid-users] Squid 5.2: assertion failed: Controller.cc:930: "!transients || e.hasTransients()"

2021-11-22 Thread David Touzeau
    256 min-size=131072 max-size=3221225472 endif if ${process_number} = 2 memory_cache_mode always cpu_affinity_map process_numbers=${process_number} cores=2 endif where is the false settings ? Missing cache_dir ? On 22/11/2021 at 18:18, Alex Rousskov wrote: On 11/22/21 11:55 AM, David Touzeau

[squid-users] Squid 5.2: assertion failed: Controller.cc:930: "!transients || e.hasTransients()"

2021-11-22 Thread David Touzeau
Hi, community What does mean this error : 2021/11/21 17:23:06 kid1| assertion failed: Controller.cc:930: "!transients || e.hasTransients()"     current master transaction: master69 We are unable to start the service it always crashes. How can we can fix it ( purge cache , reboot )...

Re: [squid-users] Stable Squid Version for production on Linux

2021-11-16 Thread David Touzeau
Hi, For us it is Squid v4.17 On 16/11/2021 at 17:40, Graminsta wrote: Hey folks  ;) What is the most stable squid version for production on Ubuntu 18 or 20? Marcelo

Re: [squid-users] squid 5.2: ntlm_fake_auth refuse to valid credentials

2021-11-16 Thread David Touzeau
Any tips, Is someone using Fake NTLM with modern browsers ? On 11/11/2021 at 13:16, David Touzeau wrote: Thanks Amos it will help understand something I think modern browser sending NTLMv2 as the ntlm_fake_auth understanding only NTLMv1 ( perhaps ) Using curl with --proxy-ntlm option

Re: [squid-users] Squid 5.2 unstable in production mode

2021-11-11 Thread David Touzeau
as currently stable . Also the Squid 4 working very well on Debian 10 On 11/11/2021 at 20:58, Flashdown wrote: Hi David, well I am curious, where did you set the max filedescriptors? Only in the OS configuration? If so, you also need to define it in the squid.conf as well -> h

[squid-users] Squid 5.2 unstable in production mode

2021-11-11 Thread David Touzeau
Hi Just for information and i hope it will help. We have installed Squid 5.1 and Squid 5.2 in production mode. It seems that after several days, the Squid become very unstable. We mention that when switching to 4.x we did not encounter these errors with the same configuration, same users, same

Re: [squid-users] squid 5.2: ntlm_fake_auth refuse to valid credentials

2021-11-11 Thread David Touzeau
/11/21 14:12, David Touzeau wrote: Hi, i would like to use ntlm_fake_auth but it seems Squid refuse to switch to authenticated user and return a 407 to the browser and squid never accept  credentials. What i missing ? Configuration seems simple: auth_param ntlm program /lib/squid3

[squid-users] squid 5.2: ntlm_fake_auth refuse to valid credentials

2021-11-10 Thread David Touzeau
Hi, i would like to use ntlm_fake_auth but it seems Squid refuse to switch to authenticated user and return a 407 to the browser and squid never accept  credentials. What i missing ? Configuration seems simple: auth_param ntlm program /lib/squid3/ntlm_fake_auth -v auth_param ntlm children 20

Re: [squid-users] Squid 5.2 Peer parent TCP connection to x.x.x.x/x failed

2021-11-02 Thread David Touzeau
the request. On 02/11/2021 at 16:17, Alex Rousskov wrote: On 11/2/21 10:40 AM, David Touzeau wrote: 2021/11/01 16:50:48.787 kid1| 93,3| Http::Tunneler::handleReadyRead(conn9812727 local=127.0.0.1:23408 remote=127.0.0.1:2320 FIRSTUP_PARENT) 2021/11/01 16:50:48.787 kid1| 74,5| parse: status

Re: [squid-users] Squid 5.2 Peer parent TCP connection to x.x.x.x/x failed

2021-11-02 Thread David Touzeau
Hi, Take time to enable the debug log an parsing the 10GB of logs Here the piece of code: 2021/11/01 16:50:48.786 kid1| 33,5| AsyncCall.cc(30) AsyncCall: The AsyncCall Server::clientWriteDone constructed, this=0x55849cb132b0 [call252226641] 2021/11/01 16:50:48.786 kid1| 5,5| Write.cc(37)

[squid-users] Squid 5.2 Peer parent TCP connection to x.x.x.x/x failed

2021-11-01 Thread David Touzeau
Hello Community, We use child Squid proxies that connect to boxes that act as parents. In version 4.x this configuration does not pose any problem. In version 5.2, since, we have a lot of errors like : 01h 47mn kid1| TCP connection to 10.32.0.18/3150 failed 01h 47mn kid1| TCP connection to

Re: [squid-users] Squid 5.1 memory usage

2021-10-08 Thread David Touzeau
Hi Just to mention, we discover high memory usage too without ICAP and SSL bump after several days, need to restart the service. On 08/10/2021 at 10:56, Steve Hill wrote: I'm seeing high memory usage on Squid 5.1.  Caching is disabled, so I'd expect memory usage to be fairly low (and it was

Re: [squid-users] squid 5.1: Kerberos: Unable to switch to basic auth with Edge - IE - Chrome

2021-09-21 Thread David Touzeau
Thanks amos !! I think auth_schemes can be a workaround. I will try it ! On 21/09/2021 at 02:49, Amos Jeffries wrote: On 21/09/21 11:49 am, David Touzeau wrote: When edge, chrome and IE try to establish a session, Squid claim 2021/09/21 01:17:27 kid1| ERROR: Negotiate Authentication

Re: [squid-users] squid 5.1: Kerberos: Unable to switch to basic auth with Edge - IE - Chrome

2021-09-21 Thread David Touzeau
It up, i'll document it and make and howto of it. Greetz, Louis From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On behalf of David Touzeau Sent: Tuesday, 21 September 2021 1:49 To: squid-users@lists.squid-cache.org

[squid-users] squid 5.1: Kerberos: Unable to switch to basic auth with Edge - IE - Chrome

2021-09-20 Thread David Touzeau
Hi all i have setup Kerberos authentication with Windows 2019 domain using Squid 5.1 ( The Squid version did not fix the issue - Tested 4.x and 5.x) In some cases, some computers are not joined to the domain and ween need to allow authenticate on Squid To allow this,  Basic Authentication is

Re: [squid-users] squid 5.1: external_acl_type: Get public remote address

2021-09-16 Thread David Touzeau
Thanks, i will try in this way On 16/09/2021 at 21:03, Alex Rousskov wrote: On 9/16/21 2:52 PM, David Touzeau wrote: It is true that it would be possible to use an external_acl in the http_reply_access. Do you think that adding it in this position I would be able to use squid's resolution

Re: [squid-users] squid 5.1: external_acl_type: Get public remote address

2021-09-16 Thread David Touzeau
that adding it in this position I would be able to use squid's resolution results ? On 16/09/2021 at 19:43, Alex Rousskov wrote: On 9/16/21 1:30 PM, David Touzeau wrote: I'm turning to create a DNS resolution dev and I'm giving up looking retrieve this information through Squid. Please note

Re: [squid-users] squid 5.1: external_acl_type: Get public remote address

2021-09-16 Thread David Touzeau
Amos, Thank you for your response and kindness, I'm turning to create a DNS resolution dev and I'm giving up looking retrieve this information through Squid. On 16/09/2021 at 19:13, Amos Jeffries wrote: On 17/09/21 2:42 am, David Touzeau wrote: Thanks Amos for quick answer. Can you take

Re: [squid-users] squid 5.1: external_acl_type: Get public remote address

2021-09-16 Thread David Touzeau
 : On 16/09/21 10:09 pm, David Touzeau wrote: Hi comunity, Squid fans I would like to use an external acl process for Geoip processing i have tried to setup squid to send the remote peer address using %code but it always reply with a "-" external_acl_type MyGeopip ttl=3600 negativ

[squid-users] squid 5.1: external_acl_type: Get public remote address

2021-09-16 Thread David Touzeau
Hi community, Squid fans I would like to use an external acl process for Geoip processing i have tried to setup squid to send the remote peer address using %code but it always reply with a "-" external_acl_type MyGeopip ttl=3600 negative_ttl=3600 children-startup=2 children-idle=2

Re: [squid-users] squid 5.1/Debian WARNING: no_suid: setuid(0): (1) Operation not permitted

2021-09-15 Thread David Touzeau
  0922 Tel (Intl) : +44 1305 898033 https://www.lubefinder.com *From:* squid-users on behalf of David Touzeau *Sent:* Wednesday, September 15, 2021 11:40:04 AM *To:* squid-users@lists.squid-cache.org *Subject:* [squid

[squid-users] squid 5.1/Debian WARNING: no_suid: setuid(0): (1) Operation not permitted

2021-09-15 Thread David Touzeau
On Debian 10 64bits  with squid 5.1 we have thousand warning as this: 2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted 2021/09/15 08:00:18 kid2| WARNING: no_suid: setuid(0): (1) Operation not permitted 2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1)

Re: [squid-users] Log to statsd

2021-08-11 Thread David Touzeau
Basically syslogd can do what you want : send via TCP, HTTP, UDP So the deal is to use logformat my_metrics      [statsd] %icap::tt % Hi Is there a way to configure Squid to output the logs to statsd rather than a file? Today I have this: +logformat my_metrics  %icap::tt %However I

Re: [squid-users] Ubuntu 20.04 "apt update" issues behind a VPN and Squid proxy

2021-07-21 Thread David Mills
y much for your help. Regards, David Mills Senior DevOps Engineer E: david.mi...@acusensus.com M: +61 411 513 404 W: acusensus.com On Sun, 18 Jul 2021 at 16:45, Amos Jeffries wrote: > On 16/07/21 4:38 pm, David Mills wrote: > > Hi Amos, > > > > sorry for the big

Re: [squid-users] Ubuntu 20.04 "apt update" issues behind a VPN and Squid proxy

2021-07-07 Thread David Mills
Hi Amos, You said > The traffic from Squid to the AArnet server is apparently using IPv6. Is > that routing setup properly too? > The output of "ip address" shows both IPv4 and IPv6. What led you to make the above conclusion? Regards, David Mills Senior DevOps Eng

Re: [squid-users] Ubuntu 20.04 "apt update" issues behind a VPN and Squid proxy

2021-07-07 Thread David Mills
Hi Amos, Thanks for the info. Yes, "mirror.aarnet.edu.au" is in the whitelist. IPv6 could be an issue as I believe AWS ELBs may not support. We'll try the logging you suggest and perhaps an upgrade to 4.0 if we have no joy with 3.5. Regards, David Mills Senior DevOps Engineer E

Re: [squid-users] Ubuntu 20.04 "apt update" issues behind a VPN and Squid proxy

2021-07-07 Thread David Mills
tions -fstack-protector-strong > --param=ssp-buffer-size=4 -grecord-gcc-switches-m64 -mtune=generic > -fpie' 'LDFLAGS=-Wl,-z,relro -pie -Wl,-z,relro -Wl,-z,now' 'CXXFLAGS=-O2 > -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions > -fstack-protector-strong --param=ssp-buffer-size=4

[squid-users] Ubuntu 20.04 "apt update" issues behind a VPN and Squid proxy

2021-07-06 Thread David Mills
[Connecting to HTTP proxy ( > http://vpn-proxy-d68aca8a8f7f81d6.elb.ap-southeast-2.amazonaws.com:3128)] > appears often and hang for a while. I've tried upping the squid logging and allowing all, but they didn't offer any additional information about the issue. Any advice would be grea

Re: [squid-users] Squid 4.14 : no_suid: setuid(0): (1) Operation not permitted

2021-02-28 Thread David Touzeau
ml Many users say there is no impact on helpers and performance as it is just a warning... Did you confirm it? On 28/02/2021 at 01:58, Alex Rousskov wrote: On 2/27/21 7:22 PM, David Touzeau wrote: Hi, regularly I have this error: 2021/02/28 01:18:43 kid1| helperOpenSe

[squid-users] Squid 4.14 : no_suid: setuid(0): (1) Operation not permitted

2021-02-27 Thread David Touzeau
Hi, regularly I have this error: 2021/02/28 01:18:43 kid1| helperOpenServers: Starting 5/32 'security_file_certgen' processes 2021/02/28 01:18:43 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted I have set the setuid permission chown root:squid security_file_certgen chmod

Re: [squid-users] WARNING: no_suid: setuid(0): (1) Operation not permitted

2021-01-14 Thread David Touzeau
/squid.pid' '--with-swapdir=/var/cache/squid' 'build_alias=x86_64-linux-gnu' On 14/01/2021 at 05:43, Amos Jeffries wrote: On 14/01/21 3:17 am, David Touzeau wrote: Hi This error is generated every 15 minutes when using any authenticator helper (ntlm, kerberos...) Is there a way to investigate

[squid-users] WARNING: no_suid: setuid(0): (1) Operation not permitted

2021-01-13 Thread David Touzeau
Hi This error is generated every 15 minutes when using any authenticator helper (ntlm, kerberos...) Is there a way to investigate this issue? kidxx| WARNING: no_suid: setuid(0): (1) Operation not permitted Sometimes, after rebooting the system, the issue is fixed for an undetermined

Re: [squid-users] PCI Certification compliance lists

2021-01-04 Thread David Touzeau
Yes, this is an hton of the IP address (ip2long); remove the .addr and switch to long2ip. On 04/01/2021 at 14:56, ngtech1...@gmail.com wrote: Thanks David, I don’t understand something: 1490677018.addr Are these integers representing IP addresses? Eliezer Eliezer Croitoru Tech

Re: [squid-users] PCI Certification compliance lists

2021-01-04 Thread David Touzeau
Hi Eliezer: http://articatech.net/tmpf/categories/banking.gz http://articatech.net/tmpf/categories/cleaning.gz On 04/01/2021 at 10:27, ngtech1...@gmail.com wrote: Hey David. Indeed it should be done with the local websites however, These sites are pretty static. Would it be OK

Re: [squid-users] PCI Certification compliance lists

2021-01-04 Thread David Touzeau
Hi Eliezer, I can help you by giving a list, but just by using "main domains": * Banking/transactions: 27 646 websites. * AV software and updates sites (fw, routers...): 133 295 websites. I can give you the lists; they are incomplete and it should decrease squid performance by

[squid-users] squid 4/5 feature request send login informations to peers

2020-11-19 Thread David Touzeau
Thanks Amos. You mean using "login=PASS" in peer settings and in Proxy parent B and C use the "basic_fake_auth" helper to "simulate" the requested auth? On 17/11/2020 at 11:43, Amos Jeffries wrote: On 17/11/20 9:27 pm, David Touzeau wrote: Hi, W

[squid-users] squid 4/5 feature request send login informations to peers

2020-11-17 Thread David Touzeau
Hi, We have a first Squid using Kerberos + Active Directory authentication. This first squid is used to limit access using ACLs and Active Directory groups. This first squid uses parents as peers in order to access the internet in this way: | > SQUID B

[squid-users] Squid4/5: Feature request identify access rules.

2020-11-07 Thread David Touzeau
When having several *_access http_access, reply_access... In a stressed environment, it is difficult to hunt an issue or a wrong rule. The debug mode is impossible because the proxy in production mode writes too many logs. But if we can identify the rule and add a pointer to the log, it is

Re: [squid-users] Simple REGEX not working...

2020-07-22 Thread David A. Gershman
Thanks Amos. Ironically I just found that out with testing and then a search pointing me here: https://wiki.squid-cache.org/Features/HTTPS Sadly, I should have thought of that. Been a long day I guess. Thanks again! --David On 7/22/20 8:58 PM, Amos Jeffries wrote: On 23/07/20 3:27 pm

Re: [squid-users] Simple REGEX not working...

2020-07-22 Thread David A. Gershman
the docs) is /not/ being compared against.  I'm just posting this here as an FYI...no solution has been found. :( --David On 7/22/20 7:22 PM, David A. Gershman wrote: Hello, I have the following in my config file:     acl user_allowed url_regex ^https://example\.com/ but surfing to that

[squid-users] Simple REGEX not working...

2020-07-22 Thread David A. Gershman
on Debian 10 and am unable to determine which RE library Debian compiled Squid3 against (I've got a Tweet out to them to see if they can point me in the right direction). Ultimately, I would like to get Squid to use PCREs. Ideas? Thanks! --David

[squid-users] Not working: http://www.squid-cache.org/cgi-bin/swish-query.cgi

2020-07-22 Thread David A. Gershman
Hello, The mailing list site     http://www.squid-cache.org/Support/mailing-lists.html states a search engine is available at     http://www.squid-cache.org/cgi-bin/swish-query.cgi However, going here results in a 404 not found.  Is there another search engine? --David

Re: [squid-users] squid 4.10: ssl-bump on https_port requires tproxy/intercept which is missing in secure proxy method

2020-05-20 Thread David Touzeau
Thanks for the answer details. How to be a sponsor (cost) of such a feature? Do you think it can be planned for 5.x? I think it should be a "future" "standard" in the same way as DNS over SSL. On 19/05/2020 at 16:46, Alex Rousskov wrote: On 18/05/20 10:15 am, David T
