Re: [squid-users] squid and iptables

2018-10-13 Thread morteza omidian 
 Cat I Keep Connection marks when I use Tproxy??!
Is "acl aclname clientside_mark mark[/mask]" directive only works on squid4 and 
up??Can i use it in squid3?Is only way to installing squid4 download the source 
code??
Tank You


On Saturday, October 13, 2018, 10:03:33 AM GMT+3:30, Amos Jeffries 
 wrote:  
 
 On 13/10/18 6:08 PM, morteza omidian wrote:
> tanx again.
> Ok, if I want to know connmark of packets and connection in squid and
> then select them with an ACL inside of squid  and then again mark them
> with "tcp_outgoing_mark", is that possible??
> 

Yes.

> In this page  i
> don't see what you said!
> The ACL that be configured only match with clients source ip addresses
> or domain and ..., not connmark!

That is a directive for marking inbound / client connections from the
Squid end - after they have been received.

To fetch an existing mark placed by iptables is an "acl" line. ACL types
are all documented in here:
 

Amos
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
  ___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid Cache Server

2018-10-13 Thread Amos Jeffries 
On 12/10/18 7:55 AM, Mujtaba   Hassan Madani wrote:
> Hi Amos,
> 
>     I have change my domain name to proxy instead of that long one per
> your advice i was wondering where to get information about my current
> caching files and it's size ? i login to
> http://proxy:3128/squid-internal-mgr/info for that but with no success
> attached is web respond. please advise 
> 

The proxy hostname "proxy:3128" does need to resolve in DNS to access it
this way. That is what the browser is complaining about.

Alternatively you maybe can use the Linux/BSD command line tool on the
proxy machine itself:
   squidclient mgr:info

(but given this seems to be a NAS situation it may not be installed there).


Amos
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] squid and iptables

2018-10-13 Thread Amos Jeffries 
On 13/10/18 6:08 PM, morteza omidian wrote:
> tanx again.
> Ok, if I want to know connmark of packets and connection in squid and
> then select them with an ACL inside of squid  and then again mark them
> with "tcp_outgoing_mark", is that possible??
> 

Yes.

> In this page  i
> don't see what you said!
> The ACL that be configured only match with clients source ip addresses
> or domain and ..., not connmark!

That is a directive for marking inbound / client connections from the
Squid end - after they have been received.

To fetch an existing mark placed by iptables is an "acl" line. ACL types
are all documented in here:
 

Amos
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users