On ons, 2008-10-15 at 03:01 -0400, [EMAIL PROTECTED] wrote:
I need to handle the HTTPS request(443) in squid transparent proxy.
Ouch. You are aware that this is not possible without acting as a
man-in-the-middle, sending invalid certificates to the browsers? And
that the users no longer will be
On ons, 2008-10-15 at 00:31 -0700, Man'z wrote:
I'm already install squid for windows, and want to block some IP address to
access the internet even
browser setting for proxy is defined or not defined.
Squid can only control access while the browser is configured to use the
proxy.
For
On ons, 2008-10-15 at 23:25 +1300, Amos Jeffries wrote:
Sigh. Can anyone tell me why I can't get my head to remember that?
Because you normally work in forward proxy environment, not so much with
reverse proxy setups?
Regards
Henrik
signature.asc
Description: This is a digitally signed
On ons, 2008-10-15 at 16:16 +1300, Amos Jeffries wrote:
If anyone identifies your public IP they can point a domain DNS at your
IP and have it accelerated. Or even configure port 80 as their proxy IP
and browse through it. A firewall or NAT layer cannot prevent this
happening.
Only if
On ons, 2008-10-15 at 10:23 -0400, [EMAIL PROTECTED] wrote:
My configuration is...
http_port 0.0.0.0:3128 transparent
https_port 0.0.0.0:3129 transparent
cert=/usr/local/squid-test/CA/servercert.pem
key=/usr/local/squid-test/CA/serverkey.pem
Iptable rules are:
iptables -t nat -A
On sön, 2008-10-12 at 12:37 +0200, Yonatan Broza wrote:
I see that NTLM challenge token reuse options have been removed from
squid.conf and are no longer supported.
Correct.
What was the motivation for this change?
Mainly because it only possible if security is restricted to
NTLMv1/LANMAN
mån 2008-10-13 klockan 13:31 +0100 skrev
[EMAIL PROTECTED]:
-f ((sAMAccountName=%s)(memberOf=CN=InternetUsers,OU=Groups,OU=ND House
(slh / wel),OU=UK,DC=cs-plc,DC=salvesen,DC=com))
squid_ldap_auth: WARNING, LDAP search error 'Bad search filter'
This is most likely from the () in your OU. ()
On tis, 2008-10-14 at 09:04 -0700, Tom Williams wrote:
Is authentication required to access the server? If so then the server
need to return Cache-Control: public on the content which is
non-private and should be cached.
Keep in mind that such content will be accessible directly from the
On tis, 2008-10-14 at 14:10 +0530, Paras Fadte wrote:
Also , should the squid server with the below configuration be made
not to cache anything fetched from the parent caches by specifying
proxy-only option ?
proxy-only means that nothing fetched from that peer will be cached
locally in this
On mån, 2008-10-13 at 08:49 -0700, Tom Williams wrote:
So, I setup my first Squid 3.0STABLE9 proxy in HTTP accelerator mode
over the weekend. Squid 3 is running on the same machine as the web
server and here are my HTTP acceleration related config options:
http_port 80 accel vhost
On mån, 2008-10-13 at 00:01 +0200, [EMAIL PROTECTED] wrote:
Probably the culpit is --with-large-files (and
--with-large-cache-files). These should only be used on 32-bit
platforms, not platforms where I/O is natively 64-bits..
you get it, this seems the problem but I am not really sure to
, Paras Fadte [EMAIL PROTECTED] wrote:
Thanks Henrik.
On Sat, Oct 11, 2008 at 1:39 AM, Henrik Nordstrom
[EMAIL PROTECTED] wrote:
On fre, 2008-10-10 at 16:40 +0530, Paras Fadte wrote:
How do I setup CARP in squid ? Whats a typical setup like ?
Squid only support CARP parents
On lör, 2008-10-11 at 17:30 +0700, sonjaya wrote:
where i get gnu web interface for edit squid.conf and see access.log
etc beside webmin also working in chroot mode web server.
Not sure you will find any better alternative.
Regards
Henrik
signature.asc
Description: This is a digitally
On lör, 2008-10-11 at 18:30 +0200, [EMAIL PROTECTED] wrote:
Hello all,
When I compile squid 2.6.21 on Solaris 8, I do not get any problem.
Everything is running fine but when I try to compile last release 2.7.4
compilation ends with this error message ..
DO you get the same error if you run
On fre, 2008-10-10 at 14:55 +0200, Dalibor Dukic wrote:
I didn't get this bypass interception? I have another SQUID box in this
setup in same wccp web-cache group but with disabled ip forwarding. What
exactly I'm loosing?
If you have ip forwarding enabled then you can use iptables rules to
On lör, 2008-10-11 at 00:30 +1300, Amos Jeffries wrote:
In case Squid cannot do windows update caching by its self, I'm also
looking at integrating Update Accelerator
(http://update-accelerator.advproxy.net/) script with standard squid
2.6 and wondered if anyone else had any experience of
On fre, 2008-10-10 at 16:40 +0530, Paras Fadte wrote:
How do I setup CARP in squid ? Whats a typical setup like ?
Squid only support CARP parents, that is a Squid parenting with a CARP
like array of Squid servers.
Intra-array CARP routing is not supported (where members of a CARP array
direct
On tor, 2008-10-09 at 07:28 +0700, ░▒▓ ɹɐzǝupɐɥʞ ɐzɹıɯ ▓▒░ wrote:
forgot something
is that works for 1 webserver IP or multi server behind it ?
Depends on how you configure it. There is one cache_peer per server.
The example is for 2 servers with multiple domains on each.
Regards
Henrik
On tor, 2008-10-09 at 10:09 +0200, Gregory Machin wrote:
Hi
what cause this
Most likely a broken dyndns client configured to use the proxy, combined
with the same port being used both for forward proxy and transparent
interception.
2008/10/05 05:27:47| WARNING: Forwarding loop detected for:
File a bug report.
Regards
Henrik
On tor, 2008-10-09 at 18:36 +0200, Ivo Pedro Sandoval wrote:
Hi,
We have a strange problem with overlap in logs files. We have a squid 3
with NTLM authentication. The problems is that sometime we detect that a
mistake in the username of logs files. USER1
On fre, 2008-10-10 at 00:19 +0200, Dalibor Dukic wrote:
I have transparent SQUID proxy with L2/L3 switch redirecting HTTP
traffic to proxy through GRE tunnel. Yesterday, I've noticed that SQUID
box is sending strange packets (TCP RST) to destination web server in
order to terminate
On ons, 2008-10-08 at 14:39 +1300, Amos Jeffries wrote:
How about a global 'skip' timer like that used to silence NAT errors?
if(last_cleanup squid_curtime - 3600) {
last_cleanup = squid_curtime;
storeDirWriteCleanLogs();
}
That way it doesn't need a new signal, but still gets run
On tis, 2008-10-07 at 18:22 -0300, Leonardo Rodrigues Magalhães wrote:
with SNMP i can already grab the 'Total Accounted' value but i
would like the real allocated memory by squid, which seems to be the
'Total in use' value.
I do not think these are exposed in the MIB yet..
On ons, 2008-10-08 at 09:55 +0700, ░▒▓ ɹɐzǝupɐɥʞ ɐzɹıɯ ▓▒░ wrote:
it's works
i use http://wiki.squid-cache.org/SquidFaq/ReverseProxy
acl our_sites dstdomain your.main.website
http_access allow our_sites
cache_peer_access myAccel allow our_sites
cache_peer_access myAccel deny all
question
On ons, 2008-10-08 at 15:20 -0400, Chris Woodfield wrote:
Does squid properly grok the date format of an Expires: header where
the time zone is specified numerically (i.e. -0400) instead of by
letter code (i.e. EDT)?
It grogs neither of the two. HTTP only allows for GMT dates.
Quote from
On mån, 2008-10-06 at 21:09 -0700, Linda W wrote:
With no processes attaching to squid -- no activity -- no open
network connections -- only squid listening for connections --
why is squid walking up doing a busy-wait so often?
It's the most active process -- even when it is supposedly doing
On tis, 2008-10-07 at 18:24 +1300, Amos Jeffries wrote:
NP: Some helpers though have a max concurrency of 1.
Most actually. Supporting a concurrency level other than 0 (default)
requires a change in the helper.
Regards
Henrik
signature.asc
Description: This is a digitally signed message part
On tis, 2008-10-07 at 19:12 +0800, howard chen wrote:
E.g. for a dynamic page,
http://www.example.com/product.php?id=123
Normally this page is not cached by Squid as it contains some user
information such as login name.
However, is it possible to enable caching, if UA = Googlebot or
On tis, 2008-10-07 at 23:02 +0800, howard chen wrote:
On Tue, Oct 7, 2008 at 8:11 PM, Henrik Nordstrom
[EMAIL PROTECTED] wrote:
Best done by the origin server using the Vary header and Cache-Control:
max-age..
It can't, since it will confuse my squid to cache the page for normal
user
On tis, 2008-10-07 at 08:19 -0700, Andrew Struiksma wrote:
OK, but I'm still not 100% when the helper is actually called. Is the
helper only used when a user is prompted for a password or is there an
authentication process that takes place for each request?
The helper is called each time
On tis, 2008-10-07 at 14:31 +0200, Dietmar Braun wrote:
Thursday, October 2, 2008, 12:44:01 PM, you wrote:
Bug 2447:
http://www.squid-cache.org/bugs/show_bug.cgi?id=2447
Not really sure it's the same bug, but perhaps related.
Please get a stack trace of your crash and file a new bug
On tis, 2008-10-07 at 09:45 -0500, Johnson, S wrote:
Does anyone know of a good HowTo on running WCCP and Squid together?
(Specifically running WCCP on the linux box itself and not a Cisco
router.)
Normally you don't run WCCP in such setups. Instead use LVS + ldirectord
if you need to have the
On tis, 2008-10-07 at 12:46 -0300, Rafael Gomes wrote:
So, it is very risky.
User may get a old page after a crash and journal recovery.
It's worse. The user may get a corruoted page with content mixed from
various old files after a system crash an journal recovery.
With the default
On tis, 2008-10-07 at 11:49 -0500, Dave Dykstra wrote:
Ah, I never would have guessed that I needed to try 10 times before
negative_ttl would take effect for a dead host. That wouldn't be
bad at all.
You don't. Squid does that for you automatically.
time I still saw the request get sent
On tis, 2008-10-07 at 15:25 -0400, Chris Woodfield wrote:
We've been noticing lately that the logrotation process is taking
longer and longer as our caches fill up - currently, with ~18 million
on-disk objects, we've seen it take as long as 12 seconds, during
which time squid is not
On sön, 2008-10-05 at 09:04 +0200, Sommariva Graziano wrote:
Is it possible to monitor Delay Pools with MRTG?
There is no SNMP MIB definition for the delay pools counters.
BUt in theory it's possible to collect the data using cachemgr and feed
it into mrtg or rrdtool.. but it's probably about
On sön, 2008-10-05 at 16:38 +0200, Itzcak Pechtalt wrote:
When Squid reach several millions of objects per cache dir, it start
to be very CPU consumer, becuae every insertion and deletion of object
takes long time.
Mine don't.
On my Squid 80-100GB had the CPU consumption effect.
That's a
On mån, 2008-10-06 at 08:49 +0200, Francois Cami wrote:
I would not run an ext3 filesystem with data=writeback . noatime and
nodiratime provide a welcome boost by eliminating unneeded writes,
however writeback is not {powerfailure, system crash}-safe. If you
value your time (especially the
On mån, 2008-10-06 at 10:59 +0200, NGUYEN DANG LUAN, Eric wrote:
I've tried almost all options for cache_peer but it doesn't seem to work. Is
it a squid's bug?
Did you try login=PASS using squid-2.7?
Regards
Henrik
signature.asc
Description: This is a digitally signed message part
On mån, 2008-10-06 at 11:08 +0200, Matus UHLAR - fantomas wrote:
On 05.10.08 12:31, Rafael Gomes wrote:
I have two Scsi discs. I can set a unique cache_dir and make a Raid 0,
so i will improve the write or I can set two cache_dir one per disc.
What is better?
Are There any
On mån, 2008-10-06 at 19:07 +0200, Itzcak Pechtalt wrote:
On Mon, Oct 6, 2008 at 1:05 PM, Henrik Nordstrom
[EMAIL PROTECTED] wrote:
But it is important you keep the number of objects per cache_dir well
below 2^24. Preferably not more than 2^23.
Is there any way to limit number
# fragment anchors is not valid within HTTP. These are used by the
user-agent only to select the starting point in the retreived page, not
by servers or proxies, and must be stripped off before the URL is sent
in HTTP.
Example:
Requests for both
http://www.example.com/test.html#a
and
On lör, 2008-10-04 at 21:29 +0800, Roy M. wrote:
Hello,
Consider I have two domains, e.g. example.com and example.net
What I want is to extract a portion from the URL, and dynamic set the
backed servers...
E.g.
http://apple.1.example.net = http://apple.example.com
On tor, 2008-10-02 at 15:36 +0200, Hendrik Pahl wrote:
Hi Amos,
... It may be a fixed bug.
Can you provide a link or something so that i can inform myself about
that bug?
It's not a known bug, and current releases are not known to exibit this
problem.
Regards
Henrik
signature.asc
On fre, 2008-10-03 at 10:17 +0200, NGUYEN DANG LUAN, Eric wrote:
I'm using squid as a cache server working with webwasher (proxy +
authentication + webpage filter). Here's the context :
User's computerSquid Webwasher---Internet
On fre, 2008-10-03 at 14:31 +, Juan Miguel Corral wrote:
But when I have upgraded those
servers to hardy (samba 3.0.28a) and lenny (3.2.3), then
squid auth has stopped working, without any other config change.
Squid version I am using are 2.6.STABLE16 and 2.7.STABLE3.
I am using the
By default Squid tries to use a parent 10 times before declaring it
dead.
Each time Squid retries a request it falls back on the next possible
path for forwarding the request. What that is depends on your
configuration. In normal forwarding without never_direct there usually
never is more than at
On tis, 2008-09-30 at 20:15 -0700, Stand H wrote:
Hi,
Suppose that I have 100GB cache size. Roughly, how much hit rate or
byte rate can I improve if I increase the size to 500GB? Is larger
cache better than smaller cache, say 500GB vs 1TB? Suppose I have
enough RAM.
When the cache has
On ons, 2008-10-01 at 15:42 +1000, Mark Nottingham wrote:
I.e., the max-age cache-control directive takes precedence over Expires.
I've tested Squid and a number of other caches with Co-Advisor, and if
Expires indicates the response is fresh, but CC: max-age says it's
stale, it will treat
On tor, 2008-10-02 at 15:57 +1300, Amos Jeffries wrote:
Hi,
we have latest Squid 3 STABLE9 running... this night we saw it dying:
2008/09/30 23:33:27| idnsGrokReply: Malformed DNS response
FATAL: Received Segment Violation...dying.
2008/09/30 23:33:31| storeDirWriteCleanLogs:
On tor, 2008-10-02 at 10:57 +0200, Christian Tzolov wrote:
I am scared by the I believe part :).
1. Can we relay on Squid to always update its cached content if the
response is newer (e.g. response has new Expires date and no other
validators)?
Yes.
2. Squid does not change/optimize
On tis, 2008-09-30 at 00:09 -0300, Rafael Gomes wrote:
Is it true that there are problems with Cache_dir more than 10GB?
No. The limit is 2^24 objects per cache_dir. (around 200GB or so)
But at about 9-10GB you need to adjust the L1 value for the cache
structure to be most efficient. But it
On mån, 2008-09-29 at 23:11 -0700, mSajjad wrote:
how to pass pop3 in squid 2.5
Squid is not a firewall. Squid is an HTTP proxy.
POP3 is not HTTP.
Regards
Henrik
signature.asc
Description: This is a digitally signed message part
On fre, 2008-09-26 at 10:33 +0700, ░▒▓ ɹɐzǝupɐɥʞ ɐzɹıɯ ▓▒░ wrote:
While trying to retrieve the URL: http://riset.gpi-g.com/
The following error was encountered:
* Connection to 202.169.51.119 Failed
The system returned:
(111) Connection refused
Which means networking issues,
The generic DB auth helper shipped with Squid (squid_db_auth) should
work fine, and is both documented and maintained.
helpers/basic_auth/DB/
On fre, 2008-09-19 at 19:19 +0200, Simone wrote:
Hi,
could somebody explain me how can I set up a PostgreSQL based
authentication for squid?
I
On fre, 2008-09-19 at 13:04 -0700, Andrew Struiksma wrote:
We have a company intranet server running Apache2 on Debian 4.
Currently it is only available on our LAN. We would like to make it
available outside our LAN. However, we want users to have to
authenticate against our Active Directory
the *_header_access directives can only change the external view of the
headers sent by Squid, not how Squid parses received headers.
To override bad things sent by client or server you need to use
refresh_pattern overrides. In your case both the ignore-reload and
ignore-private overrides.
Be
tis 2008-09-02 klockan 11:28 +1000 skrev Mark Nottingham:
Random thought: when an origin is doing one of these, is / can it be
noted in cache.log somehow? Would be useful, at least for accelerator
setups...
Log when an URI goes from Vary to non-Vary during normal requests should
be fairly
On mån, 2008-09-01 at 08:38 +0800, Adrian Chadd wrote:
2008/8/31 Henrik Nordstrom [EMAIL PROTECTED]:
[snip]
I've tried to summarise this in a wiki article:
http://wiki.squid-cache.org/KnowledgeBase/VaryNotCaching
Could you please take a peek and tell me if I've covered everything
On lör, 2008-08-30 at 10:01 +0800, Jeff Peng wrote:
We also use LVS + Squid setup.
But what I want to know is, if we have only two squid for reverse proxy,
can we setup only heartbeat for HA? (I mean don't use LVS).
Yes. Just configure heartbeat with a virtual IP (or two if you want both
On lör, 2008-08-30 at 15:36 +0800, Adrian Chadd wrote:
* Subsequent requests w/ or w/out Accept-Encoding: set will always
return the non-compressed object
There is two possible reasons to this, both involving broken web servers
a) Some web servers forget to add Vary on the non-compressed
On tor, 2008-08-28 at 16:16 -0800, Chris Robertson wrote:
Consider me interested. I've had a bit of experience with heartbeat and
Zen (that was a fun learning project) and am looking to turn my visible
pool of servers into a single front end. What causes you to qualify
your statement
On fre, 2008-08-29 at 14:08 +0100, Simon Waters wrote:
I don't care if Squid does a refresh query for an 8MB object, indeed I'm
happy
for it to check freshness every time such an object is fetched if needed to
comply with HTTP RFCs, I was just concerned that Squid is fetching the whole
On fre, 2008-08-29 at 06:22 -0700, John Doe wrote:
Hi,
I was just wondering what happens when I use source-hashing balancing and the
target server is down...
Will squid fallback to round-robin?
It then acts pretty much as if the cache_peer line of the failed peer
isn't there, until it
On fre, 2008-08-29 at 15:55 +0100, Joe Tiedeman wrote:
I'm currently trying to write an internal web application to manage our
proxies (specifically our reverse proxy) and have hit a bit of a
stumbling block. It appears that the objects and vm_objects listing from
the cache manager only
On fre, 2008-08-29 at 16:07 +0100, Joe Tiedeman wrote:
Having relooked at cache_object://localhost/objects, it appears that
there are quite a few objects listed as NOT_IN_MEMORY, I assume that
these are cached on disk, but they don't include the URL and method
which the IN_MEMORY objects do,
On tor, 2008-08-28 at 10:57 +0800, Jeff Peng wrote:
The kind of setup I would use for this is heartbeat managing a
ldirectord instance which distributes the load on the proxies.
Hello Henrik,
Can we make heartbeat between two squid hosts then?
Yes. Two hosts, both running heartbeat
On tor, 2008-08-28 at 03:51 -0700, John Doe wrote:
Anyway, since it does not work with apache either; I guess it is ab's
problem...
Very likely. HEAD responses is a bit different from any other form of
HTTP response, and requires special care in keep-alive..
Regards
Henrik
signature.asc
On ons, 2008-08-27 at 17:07 -0800, Chris Robertson wrote:
I suppose getting the COSS cache_dir store type cleaned up, or removed
would be another suggestion. I recall seeing COSS support in Squid 3
hit the list a couple of times. Associated with that would be the
min-size option to
On tor, 2008-08-28 at 15:30 +0530, Saurabh Agarwal wrote:
I know that Squid supports SNMP but also read that SQUID MIB has not
evolved much over years.
A SNMP MIB shouldn't evolve very much..
Are there any plans to upgrade the SQUID MIB set in coming releases?
Things do get added to the
On tor, 2008-08-28 at 09:49 -0700, [EMAIL PROTECTED] wrote:
I'm aware of how to socksify Squid using tsocks, etc., but that won't
work for me as I'd like Squid to use multiple SOCKS parents in a
round-robin configuration.
Is this possible? If so, how? If not, can the ability for Squid to
The more interesting stream is the stream between Squid and the web
server, not the tream between browser and Squid..
ons 2008-08-27 klockan 09:06 +0100 skrev Pedro Mansito Pérez:
Thank you, Steve Bertrand, for your help.
El 26/08/2008, a las 20:59, Henrik Nordstrom escribió:
On tis
On tor, 2008-08-21 at 12:22 +0200, Matus UHLAR - fantomas wrote:
You can configure the client to abuse squid by using CONNECT request to FTPS
ports, but the only thing you achieve is controlling on squid's side where
(IP:port) the clients may connect to...
And since you need to support the
On tor, 2008-08-21 at 09:41 +, John =) wrote:
Further to my request yesterday... I would prefer to be able to just generate
the md5 hash manually, rather than writing code to use storeKeyPublic() in
src/store_key_md5.c. However, I must not be interpreting that function
correctly as my
On fre, 2008-08-22 at 17:43 +0200, Andre wrote:
Hi.
For the https_port it is possible to set a cipher option to control
the chosen ciphers. I know this should be
a : separated list, but I'm not able to find any hints the naming
convention or valid ciphers to use.
It's OpenSSL stuff..
man
On mån, 2008-08-25 at 12:49 +0800, Jeff Pang wrote:
If I use it in reverse proxy, the parent is a realserver, then I can't
use background-ping and weighted-round-robin, is it?
Since realserver doesn't accept ICP queries. Thanks.
You can still use ICP on the UDP ECHO port to measure network
On mån, 2008-08-25 at 01:22 -0700, Ramon Moreno wrote:
2008/08/22 19:43:09| TCP connection to 10.1.1.2 (10.1.1.2:80) failed
2008/08/22 19:43:09| Detected DEAD Parent: 10.1.1.2
Is squid actually requesting an image, or is it just trying to make a
socket connection to the port?
This message
On ons, 2008-08-27 at 08:54 -0700, John Doe wrote:
Are HEAD requests incompatible with keep-alive...?
No. HEAD requests keep-alive just fine.
My bet is that the benchmark tool you use can't handle HEAD responses.
Regards
Henrik
signature.asc
Description: This is a digitally signed message
On ons, 2008-08-27 at 16:30 -0300, Marcos Dutra wrote:
Anybody make any cluster of squid for high availability?
I'd like create this with 2 servers and without cache_peer because I
need to use the 2 server in same time with ntlm auth.
I think use in the solution heartbeat, the problem is how
On tis, 2008-08-26 at 10:22 +0100, Pedro Mansito Pérez wrote:
Hello Henrik,
I have never used wireshark or tshark, so excuse my ignorance.
You need to use the wireshark gui to access the TCP stream analysis
function.
You can run the gui on another host (including Windows) by first making
a
On tor, 2008-08-21 at 07:24 -0700, nairb rotsak wrote:
Just to clarify, to use wbinfo_group.pl, I need to:
1. Add Domain Local group to Active Directory called Internet-Allowed (name
not important)
Yes, unless you already have a suidable group.
2. Add 'external_acl_type ADS %LOGIN
also added to binary download section.
Forwarded Message
From: Steven M. Christensen [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: Henrik Nordstrom [EMAIL PROTECTED]
Subject: Re: Please update Squid package
Date: Wed, 20 Aug 2008 18:44:19 -0400
Henrik -
2.7.STABLE4 is now
?
Greetings,
Jan
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 19, 2008 11:52 PM
To: Van Camp Jan
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] binary install for SOLARIS
mån 2008-08-18 klockan 14:55 +0200 skrev Van Camp Jan
On ons, 2008-08-20 at 15:15 +0100, Pedro Mansito Pérez wrote:
It fails on: 2.6 STABLE14, 2.7 STABLE4 and 3.0 STABLE7 (with and
without the Accept-Encoding hack).
You don't need the Accept-Encoding hack with Suqid-2.7.
What you should do now is to fire up wireshark on the proxy server and
On ons, 2008-08-20 at 14:00 +0800, Adrian Chadd wrote:
Run the latest Squid-3.0 ; PRE5 is old and buggy.
Shout at the debian distribution for shipping such an old version.
Nor only old buggy, also not a stable release for production use only
a pre-release for early adopter testing.
Regards
On ons, 2008-08-20 at 09:49 -0700, John Doe wrote:
Ok, thx.
I first thought squid had buffers (waiting queues) for helpers because of the
up to 1 pending requests queued and queue overload messages.
What do they mean?
It has buffers. The buffer is as large as there is children. So if you
On ons, 2008-08-20 at 23:04 +1200, Amos Jeffries wrote:
The config lines you use only 'no_cache', 'cache_access_log' have
changed. To just 'cache' and 'access_log'.
The old names is still understood however..
Regards
Henrik
signature.asc
Description: This is a digitally signed message part
On ons, 2008-08-20 at 16:28 +0300, Wennie V. Lagmay wrote:
Dear all,
Using squid-2.5 and 2.6 forwarding all request to another proxy is simple:
How do I configure Squid forward all requests to another proxy?
First, you need to give Squid a parent cache. Second, you need to tell Squid
it
On ons, 2008-08-20 at 08:39 -0700, nairb rotsak wrote:
The 2nd one is what I pretty much used to get this far...
I just don't know how to tie it all together.. and I have looked at the
wbinfo_group.pl.. but not sure if I need to go that far??
far?
wbinfo_group.pl is the easiest way to get
On ons, 2008-08-20 at 16:24 +, John =) wrote:
Hi, this probably seems like a trivial question, but I have not been able to
find any help in the mail archive.
How is the hash value used to index the object in the cache generated please?
My intentions are to be able to manually
tis 2008-08-19 klockan 22:41 +0800 skrev Jeff Pang:
does squid-3.0 have src hash option for keeping persistent session
when there're more than one backend server?
It has since 2008-07-17. (3.0.STABLE8)
Regards
Henrik
tis 2008-08-19 klockan 10:42 -0400 skrev Steve Snyder:
Is there a current guesstimate as to when an IPv6-capable version of
Squid will be released?
A guess is around the October timeframe..
Regards
Henrik
mån 2008-08-18 klockan 11:06 +0100 skrev Joe Tiedeman:
I want to try and achieve this setup so that content is returned to clients
as fast as possible, but also trying to make sure that my infrastructure is
queried for it every time someone tries to access it, even if it's just for
logging
sön 2008-08-17 klockan 20:41 -0700 skrev chudy:
one thing i've seeing Warnings about failed to unpack meta data that i've
never seen in aufs.
Did you wipe your cache when changing the file size api?
32-bit and 64-bit caches may be incompatible..
Regards
Henrik
sön 2008-08-17 klockan 21:35 +0100 skrev Joe Tiedeman:
I am currently used squid as a caching reverse proxy. I would like to
know if it's possible to have the web server return the appropriate
caching headers to squid and have squid rewrite/replace the headers to
make the client not cache
On sön, 2008-08-10 at 20:25 -0700, Rob Williams wrote:
HTCP, Cache Digest, whatever), do I need all requests to my array /
mesh to come to a 'master' squid acting as a router/load balancer? Or
do I put a load balancer in front of the array and distribute http
requests randomly to the squids
On tor, 2008-07-31 at 01:08 +0800, Adrian Chadd wrote:
it shouldn't be hard to write up some code to authenticate basic users
off a cleartext password file.
After all, the basic auth password is transmitted in cleartext; you
just need to base 64 decode things..
And Squid already decodes it
Any tool that works for Apache htdigest is fine for Squid digest_pw_auth
as well.
Regards
Henrik
On ons, 2008-07-30 at 16:55 -0500, Luis Enrique wrote:
somebody knows some tool, cgi, phpscript that allows to change passwds for
this authentication method
On ons, 2008-07-30 at 11:29 +0200, Ralf Hildebrandt wrote:
with /etc/squid/wlan-proxyauth.digest containing:
user:password
Can I, in a simple fashion, switch to auth_param basic with the same
(or easily modified) /etc/squid/wlan-proxyauth.digest file?
The following simple shell script
On ons, 2008-07-30 at 11:57 -0300, Matias Chris wrote:
We are affected by this problem, IWSS is telling:
2008/07/30 11:05:35 GMT-03:00 18297:19575 WARNING: X-TE trailers
not found, ICAP client does NOT support trickling for this type of
transaction
When trying to download a large file. Is
701 - 800 of 11697 matches
Mail list logo