Re: [squid-users] SO_FAIL
Quoting Henrik Nordstrom [EMAIL PROTECTED]: On Wed, 7 Jul 2004, Sunil Mohan Ranta wrote: i am getting SO_FAIL messages in store.log and no cache is being created on my system the size of of cache_dir is constant at 17MB Any error messages in cache.log? REgards Henrik Strangely enough I have been having the same problem (no corresponding error in cache.log BTW), so I backed up my squid.conf, deleted all the entries in my cache dir and used the default squid.conf, modifying only the following: http_port 80 http_port 3128 http_port 8080 cache_dir ufs /share/cache 100 16 256 http_access allow all cache_effective_user squid cache_effective_group squid And the problem dissapeared! I haven't gone so far as to track down what part of my old config was causing the problem, but at least now I know it was something in the config (and not a problem with how squid was compiled or a directory permissions problem). I'll post an update when I have traced the cause. Regards, Rob Hadfield
[squid-users] How I fixed it... Re: [squid-users] SO_FAIL
Quoting [EMAIL PROTECTED]: Quoting Henrik Nordstrom [EMAIL PROTECTED]: On Wed, 7 Jul 2004, Sunil Mohan Ranta wrote: i am getting SO_FAIL messages in store.log and no cache is being created on my system the size of of cache_dir is constant at 17MB Any error messages in cache.log? REgards Henrik Strangely enough I have been having the same problem (no corresponding error in cache.log BTW), so I backed up my squid.conf, deleted all the entries in my cache dir and used the default squid.conf, modifying only the following: http_port 80 http_port 3128 http_port 8080 cache_dir ufs /share/cache 100 16 256 http_access allow all cache_effective_user squid cache_effective_group squid And the problem dissapeared! I haven't gone so far as to track down what part of my old config was causing the problem, but at least now I know it was something in the config (and not a problem with how squid was compiled or a directory permissions problem). I'll post an update when I have traced the cause. Regards, Rob Hadfield Ok, I replicated the problem by: * Changing: cache_replacement_policy heap LFUDA * Stopped Squid * Deleted the contents of my cache_dir * Started Squid (cache dir rebuilt itself) * store.log started logging the following for everything: ... SO_FAIL -1 ... * Stopped Squid * Deleted the contents of my cache_dir * Changed: cache_replacement_policy lru * Started Squid (cache dir rebuilt itself) * store.log started logging the following swapouts: ... SWAPOUT 00 ... ... SWAPOUT 00 0001 ... etc ... Now this may be due to my misunderstanding of how cache_replacement_policy heap LFUDA is supposed to work, but the comments in the config say this about it: # The heap LFUDA policy keeps popular objects in cache regardless of # their size and thus optimizes byte hit rate at the expense of # hit rate since one large, popular object will prevent many # smaller, slightly less popular objects from being cached. So is it my misunderstanding, or is it a bug? Regards, Rob Hadfield
[squid-users] Re: DNS
EM Internal DNS' refers to whether SQUID uses an external process EM for performing DNS lookups or not. MK Adding to it, internel DNS means, squid uses its own MK lookup functionality for Domain names, [...] Not quite. URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/web-squid-dns-client-options.html
[squid-users] blocking file extension
Hello I want to block some file download from squid server. reading the earlier thread i have created one file with extension like. block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid conf acl block urlpath_regex -i /etc/squid/block.txt http_access deny block but some time i try to sign in or sign off, it gives me access deny error, Can any one tell me is there any thing worng in the above parameter Devendra
[squid-users] crahs of squid stable 2.5 stable 5
hello all, I just upgrade my squid box (atually the test) from 2.5stabl1 to 2.5 stable 5, and then the squid is crashing almost on every request. I'm running it on a solaris 2.8 box and here is what I have on the cache log: 2004/08/18 12:57:09| storeDiskdSend: msgsnd: (11) Resource temporarily unavailable 2004/08/18 12:57:09| storeDiskdSend OPEN: (11) Resource temporarily unavailable 2004/08/18 12:57:09| storeDiskdSend: msgsnd: (11) Resource temporarily unavailable 2004/08/18 12:57:09| storeDiskdSend OPEN: (11) Resource temporarily unavailable 2004/08/18 12:57:09| storeDiskdSend: msgsnd: (11) Resource temporarily unavailable 2004/08/18 12:57:09| storeDiskdSend OPEN: (11) Resource temporarily unavailable 2004/08/18 12:57:09| storeDiskdSend: msgsnd: (11) Resource temporarily unavailable 2004/08/18 12:57:09| storeDiskdSend OPEN: (11) Resource temporarily unavailable . . . . 2004/08/18 12:57:18| storeDiskdSend UNLINK: (11) Resource temporarily unavailable 2004/08/18 12:57:18| ctx: exit level 0 2004/08/18 12:57:18| storeDiskdSend: msgsnd: (11) Resource temporarily unavailable 2004/08/18 12:57:18| storeDiskdSend OPEN: (11) Resource temporarily unavailable 2004/08/18 12:57:18| storeDiskdSend: msgsnd: (11) Resource temporarily unavailable . . . 2004/08/18 12:57:18| assertion failed: diskd/store_io_diskd.c:494: ++send_errors 100 [2004/08/18 12:57:18, 1] utils/ntlm_auth.c:manage_squid_request(1095) fgets() failed! dying. errno=0 (Error 0) [2004/08/18 12:57:18, 1] utils/ntlm_auth.c:manage_squid_request(1095) fgets() failed! dying. errno=0 (Error 0) [2004/08/18 12:57:18, 1] utils/ntlm_auth.c:manage_squid_request(1095) fgets() failed! dying. errno=0 (Error 0) . . . [2004/08/18 12:57:18, 1] utils/ntlm_auth.c:manage_squid_request(1095) fgets() failed! dying. errno=0 (Error 0) 2004/08/18 12:57:21| Starting Squid Cache version 2.5.STABLE5 for sparc-sun-solaris2.8... 2004/08/18 12:57:21| Process ID 27501 2004/08/18 12:57:21| With 1024 file descriptors available 2004/08/18 12:57:21| Performing DNS Tests... 2004/08/18 12:57:21| Successful DNS name lookup tests... 2004/08/18 12:57:21| DNS Socket created at 0.0.0.0, port 55804, FD 5 2004/08/18 12:57:21| Adding nameserver 10.137.142.150 from /etc/resolv.conf 2004/08/18 12:57:21| Adding nameserver 10.137.142.139 from /etc/resolv.conf 2004/08/18 12:57:21| Adding nameserver 10.137.141.11 from /etc/resolv.conf 2004/08/18 12:57:21| helperStatefulOpenServers: Starting 5 'ntlm_auth' processes 2004/08/18 12:57:22| helperOpenServers: Starting 5 'ntlm_auth' processes 2004/08/18 12:57:23| helperOpenServers: Starting 5 'wbinfo_group.pl' processes 2004/08/18 12:57:25| Unlinkd pipe opened on FD 25 2004/08/18 12:57:25| Swap maxSize 2048000 KB, estimated 157538 objects 2004/08/18 12:57:25| Target number of buckets: 7876 2004/08/18 12:57:25| Using 8192 Store buckets 2004/08/18 12:57:25| Max Mem size: 8192 KB 2004/08/18 12:57:25| Max Swap size: 2048000 KB 2004/08/18 12:57:25| Store logging disabled 2004/08/18 12:57:25| Rebuilding storage in /cache (DIRTY) 2004/08/18 12:57:25| Using Least Load store dir selection 2004/08/18 12:57:25| Set Current Directory to /usr/local/squid/var 2004/08/18 12:57:25| Loaded Icons. 2004/08/18 12:57:25| Accepting HTTP connections at 0.0.0.0, port 8080, FD 26. 2004/08/18 12:57:25| Accepting ICP messages at 0.0.0.0, port 3130, FD 28. 2004/08/18 12:57:25| Accepting SNMP messages on port 3401, FD 29. 2004/08/18 12:57:25| WCCP Disabled. 2004/08/18 12:57:25| Ready to serve requests. 2004/08/18 12:57:26| Configuring Parent uxprox01.prod.par.ca-indosuez.com/2001/7 2004/08/18 12:57:26| Configuring Parent penelope.prod.par.ca-indosuez.com/8080/7 2004/08/18 12:57:26| Store rebuilding is 9.1% complete 2004/08/18 12:57:32| Done reading /cache swaplog (44973 entries) 2004/08/18 12:57:32| Finished rebuilding storage from disk. 2004/08/18 12:57:32| 44957 Entries scanned 2004/08/18 12:57:32| 0 Invalid entries. 2004/08/18 12:57:32| 0 With invalid flags. 2004/08/18 12:57:32| 44956 Objects loaded. 2004/08/18 12:57:32| 0 Objects expired. 2004/08/18 12:57:32| 1 Objects cancelled. 2004/08/18 12:57:32| 0 Duplicate URLs purged. 2004/08/18 12:57:32| 0 Swapfile clashes avoided. 2004/08/18 12:57:32| Took 7.1 seconds (6371.8 objects/sec). 2004/08/18 12:57:32| Beginning Validation Procedure 2004/08/18 12:57:32| Completed Validation Procedure 2004/08/18 12:57:32| Validated 44956 Entries 2004/08/18 12:57:32| store_swap_size = 395604k 2004/08/18 12:57:33| storeLateRelease: released 0 objects a . (point) indicated the same group of messages repeting a lot of time. Any clue ? (since it was working niceley with 2.5S1) thanks, Arno ** DISCLAIMER - E-MAIL --- The information contained in this E-Mail is intended for the named recipient(s). It may contain certain privileged and confidential information, or information which is
RE: [squid-users] crahs of squid stable 2.5 stable 5
hello all, I just upgrade my squid box (atually the test) from 2.5stabl1 to 2.5 stable 5, and then the squid is crashing almost on every request. I'm running it on a solaris 2.8 box and here is what I have on the cache log: 2004/08/18 12:57:09| storeDiskdSend: msgsnd: (11) Resource temporarily unavailable 2004/08/18 12:57:09| storeDiskdSend OPEN: (11) Resource temporarily unavailable - Check the SQUID FAQ on 'diskd' ; you may need (extra) tuning concerning kernel parameters related to shared memory usage. M.
RE: [squid-users] crahs of squid stable 2.5 stable 5
Harg I'm stupid, of curse. I was sure I did it on the test server too. Okay okay, it's only setup on the production squid. Thanks Marc, sorry for this stupid question !! Regards, Arno Crédit Agricole Indosuez (Suisse) SA Chemin de Bérée 46-48, ch-1010 Lausanne 10 Tél. +41 21 651.5215 - Fax +41 21 651.5251 http://www.ca-indosuez.ch ** DISCLAIMER - E-MAIL --- The information contained in this E-Mail is intended for the named recipient(s). It may contain certain privileged and confidential information, or information which is otherwise protected from disclosure. If you are not the intended recipient, you must not copy,distribute or take any action in reliance on this information **
Re: [squid-users] blocking file extension
block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid conf acl block urlpath_regex -i /etc/squid/block.txt http_access deny block It will block the list of files with the extensions in block.txt to ALL. but some time i try to sign in or sign off, it gives me access deny error, what you are specifying as sign in and sign off ?? Regards Muthu --- === It is a Virus Free Mail === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.740 / Virus Database: 494 - Release Date: 8/16/2004
Re: [squid-users] CPU AGAIN
Hello, I have never used squidguard but I heard some thing about db files ? it sounded like if you use squidguard you can use regular files or db files and using regular files causes performance issues with Squidguard. I could be way off it is 5:45am here :( Michael. On Tue, 17 Aug 2004 18:17:50 -0600 [EMAIL PROTECTED] wrote: Sorry about this mail I forgot to tell you that I have squidguard too and when squidguard is working my cpu goes up And although I kill squid,squidguard`s processes are still running. Sorry thanks Hi everybody I change my squid -2.5 STABLE6 to slackware 10 I installed it but I used the same squid.conf my cpu is very slow . I used the same machine I just change the operanting system. Does anyone have any idea? Thanks -- Michael Gale Network Administrator Utilitran Corporation
[squid-users] Re: WELCOME to squid-users@squid-cache.org
Hello out there thanks for such a good proxe server but i need one thing to be done can i limit the bandwith for large files for different ip's but leave a full bandwith for the same ip's for small files such as html thenks a lot
Re: [squid-users] blocking file extension
Hello, Like when i sign off from yahoo or hotmail It gives me access deny error. Devendra At 02:41 PM 18/08/2004, Muthukumar wrote: block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid conf acl block urlpath_regex -i /etc/squid/block.txt http_access deny block It will block the list of files with the extensions in block.txt to ALL. but some time i try to sign in or sign off, it gives me access deny error, what you are specifying as sign in and sign off ?? Regards Muthu --- === It is a Virus Free Mail === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.740 / Virus Database: 494 - Release Date: 8/16/2004
Re: [squid-users] CPU AGAIN
How many squidGuard process are you running. --- Michael Gale [EMAIL PROTECTED] wrote: Hello, I have never used squidguard but I heard some thing about db files ? it sounded like if you use squidguard you can use regular files or db files and using regular files causes performance issues with Squidguard. I could be way off it is 5:45am here :( Michael. On Tue, 17 Aug 2004 18:17:50 -0600 [EMAIL PROTECTED] wrote: Sorry about this mail I forgot to tell you that I have squidguard too and when squidguard is working my cpu goes up And although I kill squid,squidguard`s processes are still running. Sorry thanks Hi everybody I change my squid -2.5 STABLE6 to slackware 10 I installed it but I used the same squid.conf my cpu is very slow . I used the same machine I just change the operanting system. Does anyone have any idea? Thanks -- Michael Gale Network Administrator Utilitran Corporation = Regards, Mohsin Khan CCNA ( Cisco Certified Network Associate 2.0 ) http://pk.aaghaz.net Happy is the one who can smile __ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail
[squid-users] RE : [squid-users] blocking file extension
Hi, Something seems to be wrong in your RE For example: \.mp3\?.*$ will match url/file.mp3?sometext but not url/file.mp3 is \.dll\?.*$ in the block.txt file?? Kevin -Message d'origine- De : devendra [mailto:[EMAIL PROTECTED] Envoyé : mercredi 18 août 2004 14:19 À : Muthukumar; [EMAIL PROTECTED] Objet : Re: [squid-users] blocking file extension Hello, Like when i sign off from yahoo or hotmail It gives me access deny error. Devendra At 02:41 PM 18/08/2004, Muthukumar wrote: block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid conf acl block urlpath_regex -i /etc/squid/block.txt http_access deny block It will block the list of files with the extensions in block.txt to ALL. but some time i try to sign in or sign off, it gives me access deny error, what you are specifying as sign in and sign off ?? Regards Muthu --- === It is a Virus Free Mail === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.740 / Virus Database: 494 - Release Date: 8/16/2004
[squid-users] Corrupted image-Files when uploading Files
SQUID 3.0 daily created release from May Our user told me uploading files works, but sometimes (often) the files get corrupted. They are editors and upload files to our internet provider, who hosts our web content. This problem occurs using 2 different apps for uploading to 2 different locations. Is this bug or a feature :=) ? How can I help ? Mit freundlichen Grüßen Roman Krakovic Zeitungsgruppe Thüringen Systemtechnik / Informatik / Netzwerke Gottstedter Landstraße 6 99092 Erfurt Germany +49-(0)361 - 227 - 5506 +49-(0)172 - 36 17 927 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
Re: [squid-users] RE : [squid-users] blocking file extension
Hi, No i havent block dll file in the block.txt some times RE work and some time it dont work, are the RE are correct or not Devendra At 04:01 PM 18/08/2004, Kevin D wrote: Content-Transfer-Encoding: 8bit Hi, Something seems to be wrong in your RE For example: \.mp3\?.*$ will match url/file.mp3?sometext but not url/file.mp3 is \.dll\?.*$ in the block.txt file?? Kevin -Message d'origine- De : devendra [mailto:[EMAIL PROTECTED] Envoyé : mercredi 18 août 2004 14:19 À : Muthukumar; [EMAIL PROTECTED] Objet : Re: [squid-users] blocking file extension Hello, Like when i sign off from yahoo or hotmail It gives me access deny error. Devendra At 02:41 PM 18/08/2004, Muthukumar wrote: block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid conf acl block urlpath_regex -i /etc/squid/block.txt http_access deny block It will block the list of files with the extensions in block.txt to ALL. but some time i try to sign in or sign off, it gives me access deny error, what you are specifying as sign in and sign off ?? Regards Muthu --- === It is a Virus Free Mail === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.740 / Virus Database: 494 - Release Date: 8/16/2004
RE: [squid-users] Corrupted image-Files when uploading Files
SQUID 3.0 daily created release from May SQUID 3.0 does not exist... Our user told me uploading files works, but sometimes (often) the files get corrupted. They are editors and upload files to our internet provider, who hosts our web content. This problem occurs using 2 different apps for uploading to 2 different locations. Is this bug or a feature :=) ? Advising to use the latest STABLE release , intended for production use : http://www.squid-cache.org/Versions/v2/2.5/ M.
[squid-users] RE : [squid-users] RE : [squid-users] blocking file extension
I they that they are not... The ? is protected the it MUST be in the end of the url So \.mp3(\?.*)?$ should work (url end with .mp3(0 or 1 ? (if one allow anything after))) * php sample for test ^^ ? $site=pom.net/file.mp3; echo preg_match(/\.mp3(\?.*)?$/i,$site); $site=pom.net/file.mp3?; echo preg_match(/\.mp3(\?.*)?$/i,$site); $site=pom.net/file.mp3?azerty; echo preg_match(/\.mp3(\?.*)?$/i,$site); $site=pom.net/file.mp3azerty; echo preg_match(/\.mp3(\?.*)?$/i,$site); ? Kevin -Message d'origine- De : devendra [mailto:[EMAIL PROTECTED] Envoyé : mercredi 18 août 2004 15:51 À : Kevin D; [EMAIL PROTECTED] Objet : Re: [squid-users] RE : [squid-users] blocking file extension Hi, No i havent block dll file in the block.txt some times RE work and some time it dont work, are the RE are correct or not Devendra At 04:01 PM 18/08/2004, Kevin D wrote: Content-Transfer-Encoding: 8bit Hi, Something seems to be wrong in your RE For example: \.mp3\?.*$ will match url/file.mp3?sometext but not url/file.mp3 is \.dll\?.*$ in the block.txt file?? Kevin -Message d'origine- De : devendra [mailto:[EMAIL PROTECTED] Envoyé : mercredi 18 août 2004 14:19 À : Muthukumar; [EMAIL PROTECTED] Objet : Re: [squid-users] blocking file extension Hello, Like when i sign off from yahoo or hotmail It gives me access deny error. Devendra At 02:41 PM 18/08/2004, Muthukumar wrote: block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid conf acl block urlpath_regex -i /etc/squid/block.txt http_access deny block It will block the list of files with the extensions in block.txt to ALL. but some time i try to sign in or sign off, it gives me access deny error, what you are specifying as sign in and sign off ?? Regards Muthu --- === It is a Virus Free Mail === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.740 / Virus Database: 494 - Release Date: 8/16/2004
Re: [squid-users] RE : [squid-users] blocking file extension
Hello, for example i am trying to access this url http://samba.org/~jerry/RPMS/samba/ i am getting access denied. As i told that i have applied restriction on some file downloading, like block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid.conf configuration is like acl block urlpath_regex -i /etc/squid/block.txt http_access deny block Devendra At 04:50 PM 18/08/2004, devendra wrote: Content-Transfer-Encoding: 8bit Hi, No i havent block dll file in the block.txt some times RE work and some time it dont work, are the RE are correct or not Devendra At 04:01 PM 18/08/2004, Kevin D wrote: Content-Transfer-Encoding: 8bit Hi, Something seems to be wrong in your RE For example: \.mp3\?.*$ will match url/file.mp3?sometext but not url/file.mp3 is \.dll\?.*$ in the block.txt file?? Kevin -Message d'origine- De : devendra [mailto:[EMAIL PROTECTED] Envoyé : mercredi 18 août 2004 14:19 À : Muthukumar; [EMAIL PROTECTED] Objet : Re: [squid-users] blocking file extension Hello, Like when i sign off from yahoo or hotmail It gives me access deny error. Devendra At 02:41 PM 18/08/2004, Muthukumar wrote: block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid conf acl block urlpath_regex -i /etc/squid/block.txt http_access deny block It will block the list of files with the extensions in block.txt to ALL. but some time i try to sign in or sign off, it gives me access deny error, what you are specifying as sign in and sign off ?? Regards Muthu --- === It is a Virus Free Mail === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.740 / Virus Database: 494 - Release Date: 8/16/2004
Re: [squid-users] RE : [squid-users] blocking file extension
On Wed, 18 Aug 2004, devendra wrote: Hi, No i havent block dll file in the block.txt some times RE work and some time it dont work, are the RE are correct or not You need to go back to the basics. (1) What does Squid record in the access.log when you get a failure to log on or off? (2) Was the failure caused by evaluation of the regular expression or was the error status returned by HotMail or Yahoo!? (3) What is in the logon or logoff JavaScript that would trigger Squid to return an error status? (4) Does the error only occur when you are redirected to a specific HotMail or Yahoo! server? You may need to turn on the capability in Squid to record the parameters passed in the request. The trigger event may be in a session control value that is being passed in a parameter. It would not be unusual for an encrypted value to contain one of the strings in your block text. Merton Campbell Crockett Devendra At 04:01 PM 18/08/2004, Kevin D wrote: Content-Transfer-Encoding: 8bit Hi, Something seems to be wrong in your RE For example: \.mp3\?.*$ will match url/file.mp3?sometext but not url/file.mp3 is \.dll\?.*$ in the block.txt file?? Kevin -Message d'origine- De : devendra [mailto:[EMAIL PROTECTED] Envoy : mercredi 18 aot 2004 14:19 : Muthukumar; [EMAIL PROTECTED] Objet : Re: [squid-users] blocking file extension Hello, Like when i sign off from yahoo or hotmail It gives me access deny error. Devendra At 02:41 PM 18/08/2004, Muthukumar wrote: block.txt -- \.cab\?.*$ \.rm\?.*$ \.mp\?.*$ \.mpg\?.*$ \.mpeg\?.*$ \.mp3\?.*$ \.wmv\?.*$ \.wma\?.*$ \.mov\?.*$ \.avi\?.*$ -- squid conf acl block urlpath_regex -i /etc/squid/block.txt http_access deny block It will block the list of files with the extensions in block.txt to ALL. but some time i try to sign in or sign off, it gives me access deny error, what you are specifying as sign in and sign off ?? Regards Muthu --- === It is a Virus Free Mail === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.740 / Virus Database: 494 - Release Date: 8/16/2004 -- BEGIN: vcard VERSION:3.0 FN: Merton Campbell Crockett ORG:General Dynamics Advanced Information Systems; Intelligence and Exploitation Systems N: Crockett;Merton;Campbell EMAIL;TYPE=internet:[EMAIL PROTECTED] TEL;TYPE=work,voice,msg,pref: +1(805)497-5045 TEL;TYPE=work,fax: +1(805)497-5050 TEL;TYPE=cell,voice,msg:+1(805)377-6762 END:vcard
Re: [squid-users] Re: DNS
On Tue, 17 Aug 2004, Jonathan de Boyne Pollard wrote: Not quite. URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/web-squid-dns-client-options.html Looks good, except that DNS replies larger than 512 bytes does not need to fail. If there is useable information in the first 512 bytes Squid uses this which is usually sufficient. Regards Henrik
Re: [squid-users] How I fixed it... Re: [squid-users] SO_FAIL
Now this may be due to my misunderstanding of how cache_replacement_policy heap LFUDA is supposed to work, but the comments in the config say this about it: # The heap LFUDA policy keeps popular objects in cache regardless of # their size and thus optimizes byte hit rate at the expense of # hit rate since one large, popular object will prevent many # smaller, slightly less popular objects from being cached. So is it my misunderstanding, or is it a bug? LFUDA is supposed to work yes, but your Squid needs to be build with support for the heap policies (compile time option). Any output from squid -k parse? Regards Henrik
Re: [squid-users] Re: WELCOME to squid-users@squid-cache.org
On Wed, 18 Aug 2004 [EMAIL PROTECTED] wrote: can i limit the bandwith for large files for different ip's but leave a full bandwith for the same ip's for small files such as html This is the main purpose of the bucket size in delay pools, to give users credit for idle time to allow full speed access to small objects only limiting bandwidth if the user is continously sucking up the bandwidth. Regards Henrik
[squid-users] referer_regex and empty referer
I have a squid 2.5 cluster which is serving static images. I would like to prevent servers from outside my domain from including these images in their IMG tags. That part was fairly easy: acl images url_regex -i (gif|jpg)$ acl example_referer referer_regex -i ^http://[^/]+\.example\.com http_access deny images !example_referer However, I would like people to be able to load the images directly - that is, I'd like the servers to allow requests that don't have a Referer: header. I tried this acl: acl no_referer referer_regex ^$ but it doesn't seem to match requests without a Referer. Does anyone know a way to do this? -- Kevin Murphy [EMAIL PROTECTED] If you had a neck and I had hands, I would squeeze your brain, which is your body, right out the top of your head, which does not exist! - Carl
Re: [squid-users] referer_regex and empty referer
On Wed, 18 Aug 2004, Kevin Murphy wrote: However, I would like people to be able to load the images directly - that is, I'd like the servers to allow requests that don't have a Referer: header. I tried this acl: acl no_referer referer_regex ^$ but it doesn't seem to match requests without a Referer. Correct. Does anyone know a way to do this? The following should wotk acl has_referer referer_regex . then use !has_referer in http_access. Regards Henrik
[squid-users] forward http traffic for one site
How can I forward http/squid traffic for one site or domain? I have looked on the FAQ on squid-cache.org, googled and looked in Squid the Definitive Guide. Jim
Re: [squid-users] can not access sites due to acl when using ntlm auth
I read chapter 10 and also looked in Squid the Definitive Guide and I can not find any thing in those references that would make me want to change my acls.Would it make sends that I need this many acls depending upon my needs correct? Jim Brouse Internet Administrator Information Technology Department Pascua Yaqui Tribe of Arizona Phone: 520-879-5813 E-mail: [EMAIL PROTECTED] Henrik NordstromTo: Jim_Brouse/[EMAIL PROTECTED] [EMAIL PROTECTED] cc: he.org Subject: Re: [squid-users] can not access sites due to acl when using ntlm auth 08/18/2004 11:23 AM On Wed, 18 Aug 2004 Jim_Brouse/[EMAIL PROTECTED] wrote: egrep -v '^$|^#' /etc/squid/squid.conf |grep http_access http_access allow manager localhost http_access deny manager http_access allow KIOSK.dstdomain http_access allow KIOSK http_access deny KIOSK http_access allow MYAIRMAIL http_access allow PAGING http_access deny PAGING http_access deny BLOCK.NOT.YAHOO http_access allow YAHOOMESSENGER http_access deny YAHOOMESSENGER http_access deny BLOCK.NOT.AOL http_access allow AOL http_access deny AOL http_access deny lab.src lab.dstdomain http_access allow lab.src http_access deny lab.src http_access allow LOG-ONLY-HOSTS http_access deny NO.NONBLOCK NONBLOCK http_access allow NONBLOCK http_access allow NONPORN http_access deny BLOCK http_access deny MIMEBLOCK http_access deny RESTRICTED-BROWSER http_access deny RESTRICTED-DOM http_access allow manager ADMIN-HOSTS http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny to_localhost http_access deny all I think you need to clean this up somewhat to get it under control. Spend some time reading the introduction in Squid FAQ chapter 10 Access Controls. And please keep discusion on the mailinglist thanks. Regards Henrik
Re: [squid-users] (Squid+WCCP+Cisco 6509) Transparent Proxying problem (solved!)-
Hi Henrik: Thanks for your response. That was the first thing I tried, actually, and when I couldn't get it to work I enabled both ip_wccp AND ip_gre, as per this how-to (which I realize is a bit dated): http://www.sublime.com.au/squid-wccp/ But based on your suggestion, I tried again with a new kernel (one without GRE compiled in) and only the ip_wccp module loaded. It worked like a champ! As an FYI, I've included a tcpdump of what the packet output looks like now, in the hope that Google will chronicle it and save someone else from asking the same question ;-) Thanks for your help, Henrik. ---Maxx On Tue, 2004-08-17 at 18:04, Henrik Nordstrom wrote: On Wed, 17 Aug 2004, Maxx Christopher Lobo wrote: compiling the ip_wccp module, setting up the gre tunnel and so forth posed no problems. What GRE tunnel? if you use the ip_wccp module the normal GRE support MUST NOT be enabled in the kernel, and the Cisco side of things should be automatic. * tcpdump on squid-box 14:11:13.887253 IP wccp-router squid-box: gre-proto-0x883e 14:11:13.887253 00:00:ff:2f:4e:03 45:00:00:48:15:50, ethertype Unknown (0xac10), length 72: 0x: 0001 ac10 0012 883e 4500 0030 7edd .E..0~. 0x0010: 4000 1f06 a61e ac10 0011 42da 47d1 d683 @.B.G... 0x0020: 0050 f34f 8331 7002 60f4 9e09 .P.O.1p.`... 0x0030: 0101 0402 0204 05b4 .. 14:11:13.887338 IP wccp-router squid-box: gre-proto-0x883e 14:11:13.887338 00:00:ff:2f:4e:02 45:00:00:48:15:51, ethertype Unknown (0xac10), length 72: 0x: 0001 ac10 0012 883e 4500 0030 7edd .E..0~. 0x0010: 4000 1d06 a81e ac10 0011 42da 47d1 d683 @.B.G... 0x0020: 0050 f34f 8331 7002 60f4 9e09 .P.O.1p.`... 0x0030: 0101 0402 0204 05b4 .. 14:11:13.887422 IP wccp-router squid-box: gre-proto-0x883e 14:11:13.887422 00:00:ff:2f:4e:01 45:00:00:48:15:52, ethertype Unknown (0xac10), length 72: 0x: 0001 ac10 0012 883e 4500 0030 7edd .E..0~. 0x0010: 4000 1b06 aa1e ac10 0011 42da 47d1 d683 @.B.G... 0x0020: 0050 f34f 8331 7002 60f4 9e09 .P.O.1p.`... 0x0030: 0101 0402 0204 05b4 .. 14:11:13.887504 IP wccp-router squid-box: gre-proto-0x883e 14:11:13.887504 00:00:ff:2f:4e:00 45:00:00:48:15:53, ethertype Unknown (0xac10), length 72: 0x: 0001 ac10 0012 883e 4500 0030 7edd .E..0~. 0x0010: 4000 1906 ac1e ac10 0011 42da 47d1 d683 @.B.G... 0x0020: 0050 f34f 8331 7002 60f4 9e09 .P.O.1p.`... 0x0030: 0101 0402 0204 05b4 .. 14:35:11.105950 IP wccp-router squid-box: gre-proto-0x883e 14:35:11.105950 00:00:ff:2f:59:bf 45:00:00:48:09:94, ethertype Unknown (0xac10), length 72: 0x: 0001 ac10 0012 883e 4500 0030 b104 .E..0.. 0x0010: 4000 1706 2456 ac10 0011 40e9 a163 ed41 @[EMAIL PROTECTED] 0x0020: 0050 37fc a251 7002 60f4 cbdd .P7..Qp.`... 0x0030: 0101 0402 0204 05b4 .. 14:35:11.106033 IP wccp-router squid-box: gre-proto-0x883e 14:35:11.106033 00:00:ff:2f:59:be 45:00:00:48:09:95, ethertype Unknown (0xac10), length 72: 0x: 0001 ac10 0012 883e 4500 0030 b104 .E..0.. 0x0010: 4000 1506 2656 ac10 0011 40e9 a163 ed41 @...[EMAIL PROTECTED] 0x0020: 0050 37fc a251 7002 60f4 cbdd .P7..Qp.`... 0x0030: 0101 0402 0204 05b4 .. 14:35:11.106187 IP wccp-router squid-box: gre-proto-0x883e 14:35:11.106187 00:00:ff:2f:59:bd 45:00:00:48:09:96, ethertype Unknown (0xac10), length 72: 0x: 0001 ac10 0012 883e 4500 0030 b104 .E..0.. 0x0010: 4000 1306 2856 ac10 0011 40e9 a163 ed41 @...([EMAIL PROTECTED] 0x0020: 0050 37fc a251 7002 60f4 cbdd .P7..Qp.`... 0x0030: 0101 0402 0204 05b4 .. 14:35:11.106272 IP wccp-router squid-box: gre-proto-0x883e 14:35:11.106272 00:00:ff:2f:59:bc 45:00:00:48:09:97, ethertype Unknown (0xac10), length 72: 0x: 0001 ac10 0012 883e 4500 0030 b104 .E..0.. 0x0010: 4000 1106 2a56 ac10 0011 40e9 a163 ed41 @[EMAIL PROTECTED] 0x0020: 0050 37fc a251 7002 60f4 cbdd .P7..Qp.`... 0x0030: 0101 0402 0204 05b4 ..
Re: [squid-users] How I fixed it... Re: [squid-users] SO_FAIL
Quoting Henrik Nordstrom [EMAIL PROTECTED]: Now this may be due to my misunderstanding of how cache_replacement_policy heap LFUDA is supposed to work, but the comments in the config say this about it: # The heap LFUDA policy keeps popular objects in cache regardless of # their size and thus optimizes byte hit rate at the expense of # hit rate since one large, popular object will prevent many # smaller, slightly less popular objects from being cached. So is it my misunderstanding, or is it a bug? LFUDA is supposed to work yes, but your Squid needs to be build with support for the heap policies (compile time option). Any output from squid -k parse? Regards Henrik Ahh ok, my mistake - I did not configure-compile with --enable-heap-replacement or --enable-removal-policies=list of policies No output from squid -k parse. Regards, Rob Hadfield
[squid-users] log analysers
Hi, I rotate my squid logs daily. Do we have any log analysers which will tell which site is accessed by whom? I want something like a list of users along with the sites accessed by them daily. AFAIK, calamaris does not do such a thing. With warm regards, -Payal
Re: [squid-users] log analysers
On Thu, 19 Aug 2004, Payal Rathod wrote: Hi, I rotate my squid logs daily. Do we have any log analysers which will tell which site is accessed by whom? I want something like a list of users along with the sites accessed by them daily. AFAIK, calamaris does not do such a thing. I think that Squeezer2 has an option to provide a report about the web sites accessed by user. The output is a HTML document. The principal drawback is the width of the tables that it generates are too wide for most browsers. Merton Campbell Crockett -- BEGIN: vcard VERSION:3.0 FN: Merton Campbell Crockett ORG:General Dynamics Advanced Information Systems; Intelligence and Exploitation Systems N: Crockett;Merton;Campbell EMAIL;TYPE=internet:[EMAIL PROTECTED] TEL;TYPE=work,voice,msg,pref: +1(805)497-5045 TEL;TYPE=work,fax: +1(805)497-5050 TEL;TYPE=cell,voice,msg:+1(805)377-6762 END:vcard
RE: [squid-users] log analysers
Try SARG.. http://sarg.sourceforge.net/sarg.php It should do exactly what you want. Jay -Original Message- From: Payal Rathod [mailto:[EMAIL PROTECTED] Sent: Thursday, 19 August 2004 12:36 PM To: Squid ML Subject: [squid-users] log analysers Hi, I rotate my squid logs daily. Do we have any log analysers which will tell which site is accessed by whom? I want something like a list of users along with the sites accessed by them daily. AFAIK, calamaris does not do such a thing. With warm regards, -Payal