Sunday, November 1, 2020 2:41 AM
To: squid-users@lists.squid-cache.org
Cc: 'roee klinger'
Subject: RE: [squid-users] Best practice for adding or removing ACLs
dynamically ?
Hey Roee,
I am trying to understand what part of squid.conf you want to be able to change
without a reconfigure/reload?
If you
On 1/11/20 12:27 pm, roee klinger wrote:
Thanks Amos!
I updated "auth_param basic credentialsttl" according to your advice and
it is working great.
I am still having issues with the "tcp_outgoing_address 192.168.8.12
acl_for_user3002" part, you mentioned:
> For ACLs with values that are
l.com
-Original Message-
From: squid-users On Behalf Of roee
klinger
Sent: Saturday, October 31, 2020 2:35 AM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Best practice for adding or removing ACLs dynamically ?
Hey,
I have Squid configured to send users to different outgoi
Thanks Amos!
I updated "auth_param basic credentialsttl" according to your advice and it
is working great.
I am still having issues with the "tcp_outgoing_address 192.168.8.12
acl_for_user3002" part, you mentioned:
> For ACLs with values that are expected to change often it is best to use
> an
On 31/10/20 1:34 pm, roee klinger wrote:
Hey,
I have Squid configured to send users to different outgoing interface like so:
..
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/htpassword
acl acl_for_user3002 proxy_auth user2
tcp_outgoing_address 192.168.8.12
Hey,
I have Squid configured to send users to different outgoing interface like so:
..
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/htpassword
acl acl_for_user3002 proxy_auth user2
tcp_outgoing_address 192.168.8.12 acl_for_user3002
http_port 3002 name=3002
http_access
Hi list.
We would like to know whats the best practice when we have more than 3000 rules
on our squid. Right now squid takes more than 15 minutes to start or restart,
we think that's because we have a lot of rules.
The question is:
If we change all that rules to a text file, squid will start
HOla :) consultoria!!
We did have the same problem, from 15 mins we reduce up to 30 seconds,
Squid 3.0 and 3.1 has a feature, that they stop all traffic until the hole set
of ACL are processed, there is not much to dup than acl
optimization/reducction in a single-box scenario.
LD
Le mardi
it depends on the machine...
to make sure that the 3000 rules loading is the problem you can run the
squid server on a verbose mode to see how long it takes to load the rules.
from what i have seen the stop process depends less on the amount of
rules but on the amount of connections used on
On 10/12/10 08:02, jeff donovan wrote:
okay made a few changes to the conf file to bring up to 3.1 terminology. things
are still bogging down.
I just erased and reset the cache squid -z and my internet speeds are back
to normal.
ill run for 24 hours and see how things go. This jam up has
On 10/12/10 02:37, BASDarchive wrote:
On Dec 7, 2010, at 10:35 PM, Amos Jeffries wrote:
On Tue, 7 Dec 2010 19:35:08 -0500, BASDarchive
basdarch...@beth.k12.pa.us
wrote:
On Dec 7, 2010, at 5:13 PM, Amos Jeffries wrote:
On 08/12/10 05:32, donovan jeffrey j wrote:
greetings
i recently
greetings
i recently updated my transparent proxy to sq 3.1.9, which also uses squidguard
for url filters.
this have been bogging down. browser always says ,.. waiting for google,...
or waiting for www.abc.com
I could have a dns issue or I could have a cache swap issue or a squidguard
issue.
On 08/12/10 05:32, donovan jeffrey j wrote:
greetings
i recently updated my transparent proxy to sq 3.1.9, which also uses squidguard
for url filters.
First best practice is to use the right terminology.
Your log traces says Accepting intercepted HTTP connections at
10.0.2.3:3128 So they
On Dec 7, 2010, at 5:13 PM, Amos Jeffries wrote:
On 08/12/10 05:32, donovan jeffrey j wrote:
greetings
i recently updated my transparent proxy to sq 3.1.9, which also uses
squidguard for url filters.
First best practice is to use the right terminology.
sorry i forgot we changed that ;)
On Dec 7, 2010, at 5:13 PM, Amos Jeffries wrote:
Your log traces says Accepting intercepted HTTP connections at
10.0.2.3:3128 So they are NAT interception connections.
question on terminology; which one do I use for 3.1
http_port 10.0.2.2:3128 transparent
or
http_port 10.0.2.2:3128
On Tue, 7 Dec 2010 19:35:08 -0500, BASDarchive
basdarch...@beth.k12.pa.us
wrote:
On Dec 7, 2010, at 5:13 PM, Amos Jeffries wrote:
On 08/12/10 05:32, donovan jeffrey j wrote:
greetings
i recently updated my transparent proxy to sq 3.1.9, which also uses
squidguard for url filters.
First
Hello
I'm using squid in a 200 user environment, processing approximately 50GB of
traffic per day.
Setup:
ESXi host, VM with 2 vCPUs assigned, 2gb ram, 40GB hdd space (stored on a SANS,
speed shouldn’t be an issue)
I was wondering what the general opinion was for cache-related settings were
On 10.08.10 11:17, Tony Mallin wrote:
I'm using squid in a 200 user environment, processing approximately 50GB
of traffic per day.
Setup:
ESXi host, VM with 2 vCPUs assigned, 2gb ram, 40GB hdd space (stored on a
SANS, speed shouldn’t be an issue)
The cache should reside on local disk,
Thats the problem, redhat is at squid-2.5.STABLE6-3:7.i386 for their latest
supported version.
Thanks
Henrik Nordstrom [EMAIL PROTECTED] 2/5/2007 3:59 PM
mån 2007-02-05 klockan 09:58 -0500 skrev Timothy Bushart:
For remote websites that require AD Authentication, what is the
recommended
tis 2007-02-06 klockan 11:42 -0500 skrev Timothy Bushart:
Thats the problem, redhat is at squid-2.5.STABLE6-3:7.i386 for their latest
supported version.
Then proxying of NTLM authentication won't work.. some things you have
to accept when running a 2.5 year old version no longer supported by
For remote websites that require AD Authentication, what is the
recommended configuration? We just exclude the domain in internet
explorer proxy exclusion section. Is there a global way to detect this
and exclude from going to through squid if a remote website requires a
MS Login?
Thanks
mån 2007-02-05 klockan 09:58 -0500 skrev Timothy Bushart:
For remote websites that require AD Authentication, what is the
recommended configuration? We just exclude the domain in internet
explorer proxy exclusion section. Is there a global way to detect this
and exclude from going to through
22 matches
Mail list logo