[squid-users] R: [squid-users] IE6 SP1 Bug NTLM
It is a Ms problem!!! Try searchin this patch into Microsoft's knowledge base: q331906. Hope it helps you! Bye, Francesco
Re: [squid-users] Can I create an ACL to looks for URLS and if found, inserts into the urls -ie safe=strict
On Tue, 28 Oct 2003, Max Stam wrote: Can I somehow create an ACL to looks for URLS and if found, inserts into the urls something like safe=strict I know you can use a redirector but that makes every url go through it and I would think this would slow squid down. to rewrite URLs you need to use a redirector helper. If you do not want to send all URLs to the redirector then there is redirector_access to limit what requests is sent to redirectors. Regards Henrik
Re: [squid-users] Does rep_mime_type ACL works within delay_access option
On Tue, 28 Oct 2003, Dmitry N. Hramtsov wrote: So my question is: does rep_mime_type ACL works with delay_access option? No. delay_access is evaluated very early in the request forwarding process, long before the reply is seen. P.S. Does maxconn ACL works within delay_access option? I think it should, but I have not verified this combination. Regards Henrik
Re: [squid-users] dansguardian and squidguard
On Tue, 28 Oct 2003, Fritz Mesedilla wrote: What I really need is a squid authentication program that I can use WITH MS windows active directory. Our mother company is using windows for authentication but I want to use linux for our sub company. The LDAP helpers shipped with Squid works fine for MSAD and comes with some documentation including MSAD examples.. Regards Henrik
RE: [squid-users] dansguardian and squidguard
I'll check that out. Thanks Henrik. Cheers, fritz www.mesedilla.com --- + Basta Ikaw Lord -Original Message- From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 28, 2003 3:50 PM To: Fritz Mesedilla Cc: Squid Mailing List (E-mail) Subject: Re: [squid-users] dansguardian and squidguard On Tue, 28 Oct 2003, Fritz Mesedilla wrote: What I really need is a squid authentication program that I can use WITH MS windows active directory. Our mother company is using windows for authentication but I want to use linux for our sub company. The LDAP helpers shipped with Squid works fine for MSAD and comes with some documentation including MSAD examples.. Regards Henrik -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender immediately by e-mail and delete this e-mail from your system. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. Overture Media, Inc. Direct Line: (632) 635-4785 Trunkline: (632) 631-8971 Local 146 Fax: (632) 637-2206 Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. Ortigas Ave., Quezon City 1100
[squid-users] Password popupbox + squid_ldap_auth
I have a squidbox (Squid 3.0) with squid_ldap_auth against NDS. And it works just fine. But i dont want to write my username and password every time i start Internet Explorer (Ver 6.0), is there anyway to catch the username from IE6? /Mats Nilsson -- Meddelandet har kontrollerats mot virus samt skadligt innehåll av MailScanner och förmodas vara säkert.
Re: [squid-users] time based Instant Message blocking
It's better to ask the list than just one person - you get more replies that way. Additionally, anyone who has the same question in the future benefits from having the answer already in the archives. Yes, sir. Well, I downloaded squid 2.5 stable 4 and built it. Unfortunately I cannot run that on IPCop 1.3 because squid 2.5 uses glibc 2.3 that is not supported in IPCop. Strange - we're running RedHat 7.3 (which has glibc 2.2.5) and had no problems building Squid. You're building Squid from source, right? Yes, I am building it from source. I'm building it on RH8.0 because IPCop doesn't have a compiler. After building it, when I check the symbols in the squid executable using nm, I get: $nm squid | grep GLIBC_2.3 U __ctype_b_loc@@GLIBC_2.3 U __ctype_tolower_loc@@GLIBC_2.3 U __ctype_toupper_loc@@GLIBC_2.3 Are you running Squid as a transparent proxy? No. All the clients have their browsers/messengers configured to use the proxy. I'm using an IPCop box as my proxy firewall. It's a P3 box with 20 GB hard disk. I only have iptables squid running on this system. The Internet speed is noticeably slow (so slow in fact that I could not even download stuff from my external ftp server) I've used this setup of IPCop (firewall proxy) before and never had problems. I used to control web access mainly through the firewall (iptables) earlier. This time, I blocked all port 80 accesses at the firewall so that the users would be forced to go via squid but the speed is significantly slow. Regards, Manu
Re: [squid-users] Does rep_mime_type ACL works within delay_access option
Hello Henrik, Thank you for a quick and informative answer. I cannot say for sure, but, theoretically, it is possible to recalculate ACL matches when reply comes. So squid may reassign delay pool for request. Am I right? Best regards, Dmitry N. Hramtsov On Tue, 28 Oct 2003, Henrik Nordstrom wrote: On Tue, 28 Oct 2003, Dmitry N. Hramtsov wrote: So my question is: does rep_mime_type ACL works with delay_access option? No. delay_access is evaluated very early in the request forwarding process, long before the reply is seen. P.S. Does maxconn ACL works within delay_access option? I think it should, but I have not verified this combination. Regards Henrik
Re: [squid-users] Does rep_mime_type ACL works within delay_access option
On Tue, 2003-10-28 at 21:35, Dmitry N. Hramtsov wrote: Hello Henrik, Thank you for a quick and informative answer. I cannot say for sure, but, theoretically, it is possible to recalculate ACL matches when reply comes. So squid may reassign delay pool for request. Am I right? Not in the current codebase, no. Hypothetically, you could alter squid to do this. Rob -- GPG key available at: http://members.aardvark.net.au/lifeless/keys.txt. signature.asc Description: This is a digitally signed message part
[squid-users] streamload.com
Hi all, Anybody know how I can block all streamload.com. servers?? Regards. Fernando Ampugnani EDS Argentina - Software, Storage Network Global Operation Solution Delivery Tel: 5411 4704 3428 Mail: [EMAIL PROTECTED]
RE: [squid-users] time based Instant Message blocking
Well, I downloaded squid 2.5 stable 4 and built it. Unfortunately I cannot run that on IPCop 1.3 because squid 2.5 uses glibc 2.3 that is not supported in IPCop. Strange - we're running RedHat 7.3 (which has glibc 2.2.5) and had no problems building Squid. You're building Squid from source, right? Yes, I am building it from source. I'm building it on RH8.0 because IPCop doesn't have a compiler. RedHat 8.0 uses glibc 2.3, so when you compile Squid on it, Squid gets linked with glibc 2.3. Do you have access to a Linux box that has an older version of glibc? If so, try building Squid on that. Are you running Squid as a transparent proxy? No. I'm using an IPCop box as my proxy firewall. It's a P3 box with 20 GB hard disk. I only have iptables squid running on this system. How much RAM is in the machine? How fast is the disk (rotational speed and data rate)? Those are the two areas where Squid can really bog down a system. The Internet speed is noticeably slow (so slow in fact that I could not even download stuff from my external ftp server) Looking at your past emails, I see that you are using UFS for the cache_dir type. That is only recommended for a few concurrent users; anything beyond that should be using one of the async I/O modes (aufs or diskd - aufs being preferred on Linux). Support for aufs must be compiled into Squid - see 'configure --help' for details. You might also want to remote the cache_store_log setting - store.log is generally only used for debugging, and the logging it creates puts extra load on your disk. Adam
RE: [squid-users] Password popupbox + squid_ldap_auth
I have a squidbox (Squid 3.0) with squid_ldap_auth against NDS. And it works just fine. But i dont want to write my username and password every time i start Internet Explorer (Ver 6.0), is there anyway to catch the username from IE6? - Have IE remember your password or - Purchase Novell's SecureLogin product SecureLogin provides a Single Sign On service that can learn an application's sign on process and stores passwords (encrypted) in NDS/eDirectory. Adam
Re: [squid-users] Does rep_mime_type ACL works within delay_access option
On Tue, 28 Oct 2003, Dmitry N. Hramtsov wrote: I cannot say for sure, but, theoretically, it is possible to recalculate ACL matches when reply comes. So squid may reassign delay pool for request. Am I right? Everything is possible in theory. If you are planning on digging into the Squid source I would recommend looking at the Squid-3 development version. Many things have been improved internally and this kind of modification should be a lot easier there than earlier Squid releases. Regards Henrik
Re: [squid-users] time based Instant Message blocking
On Tue, 28 Oct 2003, Manu C S wrote: Yes, I am building it from source. I'm building it on RH8.0 because IPCop doesn't have a compiler. After building it, when I check the symbols in the squid executable using nm, I get: $nm squid | grep GLIBC_2.3 U __ctype_b_loc@@GLIBC_2.3 U __ctype_tolower_loc@@GLIBC_2.3 U __ctype_toupper_loc@@GLIBC_2.3 Hmm.. my RH8.0 boxes is glibc 2.2 based, and gives the requirement for GLIBC_2.0 on most binaries.. are you sure the station you are building on is a RedHat 8.0? The above looks like it is a RedHat 9 system.. Please note that when building binaries on one system for running on another you need to be VERY careful with the version of glibc and compilers used on the system used for building the binaries. It will never work if the system used for building the binaries uses newer libraries or compilers than the target system is used/designed for. For details on what kind of system is required for building applications for ICop please see your ICop documentation for the version of ICop you are using. This is not a Squid question. Regards Henrik
[squid-users] differents acl using different ports
Hello, I want to use squid to filter what my users do. To do that I use acl but there's something I miss anderstand... I an two sort of users, administrators and simple user. The first can go on some sites, others on other web sites. I have create two files in witch I record the web sites where the groups can go. In squid.conf I've put those lines but it doesn't work. acl IGA port 3127 acl IGA_ass dstdomain /usr/local/squid/etc/sites_assurances http_access allow IGA_ass http_access deny IGA http_access deny all acl IGA_T port 3128 acl IGA_info dstdomain /usr/local/squid/etc/sites_informatiques http_access allow IGA_info http_access deny IGA_T http_access deny all The first group can go on insurance company website, the second on computers website. In their browser I have changed the port for the proxy. By that way I suppose I can affect an acl to each group. Maybe there's an different way to do that. Thank you for your help. Sincèrement Franklin LECOINTRE
[squid-users] differents acl using different ports
Hello, I want to use squid to filter what my users do. To do that I use acl but there's something I miss anderstand... I an two sort of users, administrators and simple user. The first can go on some sites, others on other web sites. I have create two files in witch I record the web sites where the groups can go. In squid.conf I've put those lines but it doesn't work. acl IGA port 3127 acl IGA_ass dstdomain /usr/local/squid/etc/sites_assurances http_access allow IGA_ass http_access deny IGA http_access deny all acl IGA_T port 3128 acl IGA_info dstdomain /usr/local/squid/etc/sites_informatiques http_access allow IGA_info http_access deny IGA_T http_access deny all The first group can go on insurance company website, the second on computers website. In their browser I have changed the port for the proxy. By that way I suppose I can affect an acl to each group. Maybe there's an different way to do that. Thank you for your help. Sincèrement Franklin LECOINTRE Sincèrement Franklin LECOINTRE Ce message est protege par les regles relatives au secret des correspondances ; il peut en outre contenir des informations a caractere confidentiel ou protegees par differentes regles et notamment le secret des affaires ; il est etabli a destination exclusive de son destinataire. Toute divulgation, utilisation, diffusion ou reproduction (totale ou partielle) de ce message, ou des informations qu'il contient, doit etre prealablement autorisee. Tout message electronique est susceptible d'alteration et son integrite ne peut etre assuree. IGA-PEGASE decline toute responsabilite au titre de ce message s'il a ete modifie ou falsifie. Si vous n'etes pas destinataire de ce message, merci de le detruire immediatement et d'avertir l'expediteur de l'erreur de distribution et de la destruction du message.
[squid-users] NTLM Authentication Problem
I'm having a problem getting NTLM authentication working between Squid 2.5STABLE4 and Samba 3.0.0 running on Linux 2.4.18. I've read the archives, faq, how-to, walk-thru, etc, and believe I have everthing correctly configured. I'm using the helper that is part of Samba 3.0, not the Squid helper. Basic authentication works fine with the helper, but I cannot get ntlmssp working. I set group read,execute access to the winbind pipe directory and full read,write,execute on the pipe itself. drwxr-x---2 root squid 72 Oct 27 21:21 winbindd_privileged/ srwxrwxrwx1 root root0 Oct 27 21:21 pipe= I have samba configured with ads but am not using it. I joined the domain with rpc and am using security=domain in smb.conf. The wbinfo commands work fine: #wbinfo -t checking the trust secret via RPC calls succeeded #wbinfo -a TSTDOM\\testuser%testpass plaintext password authentication succeeded challenge/response password authentication succeeded I can also authenticate successfully with the helper from the command line: #ntlm_auth --username testuser --password testpass NT_STATUS_OK: Success (0x0) However, when I try to use ntlm authentication from a browser I get this in cache.log: [2003/10/28 10:43:41, 10] utils/ntlm_auth.c:manage_squid_request(1061) Got 'YR' from squid (length: 2). [2003/10/28 10:43:41, 10] utils/ntlm_auth.c:manage_squid_ntlmssp_request(312) got NTLMSSP packet: [2003/10/28 10:43:41, 10] utils/ntlm_auth.c:manage_squid_ntlmssp_request(322) NTLMSSP challenge The browser gets the Squid Cache Access Denied error page. This happens with both IE 6.0 SP1 and Mozilla 1.5. Squid configured with: Squid Cache: Version 2.5.STABLE4 configure options: --enable-async-io --enable-storeio=ufs,aufs --enable-auth=ntlm,basic --enable-removal-policies --enable-cache-digests --enable-kill-parent-hack --disable-ident-lookups authentication in squid.conf configured as: auth_param ntlm program /usr/local/samba/bin/ntlm_auth -d 10 --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 5 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes # auth_param basic program /usr/local/samba/bin/ntlm_auth -d 10 --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic realm Highmark Proxy Server auth_param basic credentialsttl 2 hours acl internet proxy_auth REQUIRED http_access allow internet http_access deny all samba configured with: --with-winbind --with-winbind-auth-challenge --with-libsmbclient --with-ads --with-krb5=/usr/local smb.conf configuration: [global] workgroup = TSTDOM netbios name = squidtest server string = squidtest security = domain encrypt passwords = yes smb passwd file = /usr/local/samba/private/smbpasswd load printers = yes log file = /usr/local/samba/var/log.%m max log size = 50 password server = pwdserver socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no domain master = no preferred master = no wins support = no idmap uid = 1-65000 idmap gid = 1-65000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/sh winbind use default domain = yes
[squid-users] Running Squid in transparency mode
I am looking for information on how to configure Squid to run in transparency mode. The section in the Squid documentation about transparency is incomplete. If anyone can provide information on how to configure Squid to work this way, I would appreciate it. I would like to insert a Squid cache server between the internet and my internal network so all clients automatically go through the cache. Thanks, Michael Buck [EMAIL PROTECTED]
[squid-users] winbind_privileged folder is missing!
Hi there, I am using Samba 3.0.0 source code, Squid-2.5Stable3 source code and Redhat 9.0. I want to get a seamless login, so that NT users don't have to login to the squid again if they are valid internet users. I wrote about this about week ago. Now I tried to reinstall Linux, Squid and Samba with all the given advices. Now I have got the problem that the folder /var/cache/samba/winbind_privileged is missing so that winbind won't start. What did I wrong? How can I get this folder with the pipe file? Hope that someone can help me. Thanx in advance. Tommy
[squid-users] ICAP plans for SQUID?
Hi !! I have been reading about ICAP and Squid, but was not able to find anything about its actual implementation, not even in the Squid 3.0 pages ... Is there any plans about developing ICAP functionality within SQUID? Regards, Carlos Zottmann. _ Voce quer um iGMail protegido contra vírus e spams? Clique aqui: http://www.igmailseguro.ig.com.br Ofertas imperdíveis! Link: http://www.americanas.com.br/ig/
[squid-users] Problems with webmail
Hi, I´m having problems with my squid when I attempt to open my emails in a webmail. Does anybody had the same experience? Or can help with some hints? :-) Thanks! Regards, Walter
Re: [squid-users] differents acl using different ports
On Tue, 28 Oct 2003, franklin lecointre wrote: acl IGA port 3127 acl IGA_ass dstdomain /usr/local/squid/etc/sites_assurances http_access allow IGA_ass http_access deny IGA http_access deny all acl IGA_T port 3128 acl IGA_info dstdomain /usr/local/squid/etc/sites_informatiques http_access allow IGA_info http_access deny IGA_T http_access deny all I think you want acl IGA myport 3127 acl IGA_ass dstdomain /usr/local/squid/etc/sites_assurances http_access allow IGA IGA_ass http_access deny IGA [and similar block of rules for IGA_T] http_access deny all To match the proxy port where the request was accepted you need to use the myport acl. The port acl matches the port of the requested URL. http_access is a sequencial list of rules. The first rule where all acl elements are true will tell if the request is allowed or denied. http_access allow IGA IGA_ass thus only allows access if the request was received on port 3127 and the requested domain name is listed in sites_assurances. http_access allow IGA http_access allow IGA_ass on the other hand allows access if the request was received on port 3127 OR the requested domain name is listed in sites_assurances, with no connection between the two ACL elements. Regards Henrik
[squid-users] Re: Can't Kill Squid Process
Almost certainly bad hardware or a broken OS kernel version. Start by running suitable hardware tests such as memtest86. Regards Henrik On Tue, 28 Oct 2003, WA Support wrote: Hello, I have a Redhat Linux 7.1 system running kernel 2.4.18-26.7 under ext2 type file system. I am running Version 3.0-PRE3-20030924 with '--enable-async-io' '--enable-basic-auth-helpers=NCSA' switches set at compile. I also have squidGuard-1.2.0 setup as a redirector. It runs fine for about a week normally, but then starts corrupting memory and gets to a point where I can't even kill the squid process. That is, '/etc/rc.d/init.d/squid stop' and 'kill -s 9' on the squid pid do not kill the process. I have to reboot my system to kill squid, but when I reboot, I always have to run e2fsck to fix corrputed inodes and data blocks. Does anyone know what might be going on here? Thanks, Murrah Boswell
Re: [squid-users] Running Squid in transparency mode
The Squid Users Guide is incomplete. Particularly chapter 9 entitled Transparent Caching. See: http://squid-docs.sourceforge.net/latest/html/book1.html The most important sections , Filtering Traffic, Kernel Redirection, and Squid Settings are not done. See: Filtering Traffic http://squid-docs.sourceforge.net/latest/html/x2595.html Kernel Redirection http://squid-docs.sourceforge.net/latest/html/x2609.html Squid Settings http://squid-docs.sourceforge.net/latest/html/x2612.html Is the information that should be contained in these sections available? -MBUCK Henrik Nordstrom [EMAIL PROTECTED] 10/28/03 01:21PM yOn Tue, 28 Oct 2003, Michael Buck wrote: I am looking for information on how to configure Squid to run in transparency mode. The section in the Squid documentation about transparency is incomplete. What part is incomplete? Please be a little more specific what you are looking for but did not find in how to configure Squid for interception caching. Regards Henrik
Re: [squid-users] Running Squid in transparency mode
The Squid Users Guide is a unfinished work and obviously is incomplete. But you also have the Squid FAQ where a whole chapter is devoted to interception caching, and numerous other documents on the Internet (some linked from the FAQ). Regards Henrik On Tue, 28 Oct 2003, Michael Buck wrote: The Squid Users Guide is incomplete. Particularly chapter 9 entitled Transparent Caching. See: http://squid-docs.sourceforge.net/latest/html/book1.html The most important sections , Filtering Traffic, Kernel Redirection, and Squid Settings are not done. See: Filtering Traffic http://squid-docs.sourceforge.net/latest/html/x2595.html Kernel Redirection http://squid-docs.sourceforge.net/latest/html/x2609.html Squid Settings http://squid-docs.sourceforge.net/latest/html/x2612.html Is the information that should be contained in these sections available? -MBUCK Henrik Nordstrom [EMAIL PROTECTED] 10/28/03 01:21PM yOn Tue, 28 Oct 2003, Michael Buck wrote: I am looking for information on how to configure Squid to run in transparency mode. The section in the Squid documentation about transparency is incomplete. What part is incomplete? Please be a little more specific what you are looking for but did not find in how to configure Squid for interception caching. Regards Henrik
RE: [squid-users] Problems with webmail
If you're not using WCCP, stop reading now. WCCP is my only experience of the problem you describe. If you're using WCCP to divert packets to your cache, notice that they are sent from the router via GRE encapsulation. Certain webmail sites use very large cookies, such that HTTP requests exceed the size of a single packet. Adding 24 bytes GRE header on top of that should cause the packet to fragment, but it appears certain versions of IOS may not handle this properly. The practical upshot (in my case) is that only the last packet of the request is received by my squid server - which makes the whole request invalid to squid. You might consider logging a support call with Cisco since this is nothing to do with squid per se. The problem seems to lie in the way IOS handles fragmentation due to GRE encapsulation from WCCP. Cheers, Clive -Original Message- From: Walter Priesnitz Filho [mailto:[EMAIL PROTECTED] Sent: Wednesday, 29 October 2003 11:10 AM To: Henrik Nordstrom Cc: [EMAIL PROTECTED] Subject: Re: [squid-users] Problems with webmail Hi, My request receives an answer from the server, but just a header. The emails still loading and nothing. Sorry, but my english is not good. Could you understand my problem? :-) Regards, Walter At 18:26 28/10/2003, Henrik Nordstrom wrote: On Tue, 28 Oct 2003, Walter Priesnitz Filho wrote: Hi, I´m having problems with my squid when I attempt to open my emails in a webmail. Does anybody had the same experience? Or can help with some hints? :-) What happens? webmail is nothing special in the view of the proxy, just HTTP traffic as any other browsing. Regards Henrik
[squid-users] block ICQ
hi, all Recently, I found many users use ICQ through proxy server(Squid2.5.STABLE2). such as www.icq.com:80 I set one ACL to block it, like following: acl QQ dstdom_regex -i www.icq.com But it seem not to take effect. Any suggestion? ** Li Wei ^-^ HAVE A GOOD DAY ^-^ JFTT E-mail: [EMAIL PROTECTED] **
RE: [squid-users] block ICQ
Greetings! I don't think icw connects to www.icq.com but to aother subdomain such as sub.icq.com so probably the best way to block it is to block the domain itself icq.com. HTH Cheers, fritz www.mesedilla.com --- + Basta Ikaw Lord -Original Message- From: Li Wei [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 29, 2003 9:09 AM To: Squid Forum Subject: [squid-users] block ICQ hi, all Recently, I found many users use ICQ through proxy server(Squid2.5.STABLE2). such as www.icq.com:80 I set one ACL to block it, like following: acl QQ dstdom_regex -i www.icq.com But it seem not to take effect. Any suggestion? ** Li Wei ^-^ HAVE A GOOD DAY ^-^ JFTT E-mail: [EMAIL PROTECTED] ** -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender immediately by e-mail and delete this e-mail from your system. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. Overture Media, Inc. Direct Line: (632) 635-4785 Trunkline: (632) 631-8971 Local 146 Fax: (632) 637-2206 Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. Ortigas Ave., Quezon City 1100
RE: [squid-users] Re: Can't Kill Squid Process
Please try this: kill -9 `cat /var/run/squid.pid` killall squidGuard Regards, Fadjar Tandabawana On Tue, 28 Oct 2003, WA Support wrote: Hello, I have a Redhat Linux 7.1 system running kernel 2.4.18-26.7 under ext2 type file system. I am running Version 3.0-PRE3-20030924 with '--enable-async-io' '--enable-basic-auth-helpers=NCSA' switches set at compile. I also have squidGuard-1.2.0 setup as a redirector. It runs fine for about a week normally, but then starts corrupting memory and gets to a point where I can't even kill the squid process. That is, '/etc/rc.d/init.d/squid stop' and 'kill -s 9' on the squid pid do not kill the process. I have to reboot my system to kill squid, but when I reboot, I always have to run e2fsck to fix corrputed inodes and data blocks. Does anyone know what might be going on here? Thanks, Murrah Boswell