Re: [squid-users] Re: Problem with unparseable HTTP header field
* Henrik Nordstrom [EMAIL PROTECTED]: I just hope this won't open up for any of the malicious shit the change in 2.5.STABLE8 was designed to prevent in the first place.. It is a very thin balance between what can be considered harmless crap and what may be odd result due to malicious intent. So, will (if all is well) the patch go into new versions? -- Ralf Hildebrandt (i.A. des IT-Zentrum) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
[squid-users] Proxy Antivirus
anyone outhere could advice me what antivirus would you recomend to me to used in my squid server Thanks Patrick
Re: [squid-users] Proxy Antivirus
TrendMicro InterScan Virus wall is a good option But a paid option :) --- Patrick Gomez [EMAIL PROTECTED] wrote: anyone outhere could advice me what antivirus would you recomend to me to used in my squid server Thanks Patrick __ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail
Re: [squid-users] Proxy Antivirus
Babs wrote: Babs, I'm looking for freeware antivirus. well, thanks a lot for advise Patrick TrendMicro InterScan Virus wall is a good option But a paid option :) --- Patrick Gomez [EMAIL PROTECTED] wrote: anyone outhere could advice me what antivirus would you recomend to me to used in my squid server Thanks Patrick __ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail
Re: [squid-users] squid-2.5.STABLE8 compilation error
On Sat, 19 Feb 2005 15:20:37 +0100, Elsen Marc [EMAIL PROTECTED] wrote: Hello everyone, I have a RedHat AS 3.0 box which I want to install squid on. So I downloaded squid-2.5.STABLE8 and unpacked it. I used these options as my configure options: ./configure --enable-xmalloc-statistics --enable-delay-pools --enable-useragent-log --enable-referer-log --enable-snmp --enable-arp-acl --enable-ssl --enable-linux-netfilter --enable-x-accelerator-vary ... - Does it work (as a test) when --enable-ssl is not used ? works like a charm withouth --enable-ssl - Do you have openssl installed on your system. Yes, openssl-0.9.7a-22.1 is installed -- = Sincerely, Yousef Raffah Join FSF as an Associate Member at: URL:http://member.fsf.org/join?referrer=3036 a href=http://www.spreadfirefox.com/?q=affiliatesamp;id=468amp;t=1;Get Firefox!/a
Re: [squid-users] squid-2.5.STABLE8 compilation error
Hi, At 01:39 a.m. 21/02/2005, you wrote: On Sat, 19 Feb 2005 15:20:37 +0100, Elsen Marc [EMAIL PROTECTED] wrote: Hello everyone, I have a RedHat AS 3.0 box which I want to install squid on. So I downloaded squid-2.5.STABLE8 and unpacked it. I used these options as my configure options: ./configure --enable-xmalloc-statistics --enable-delay-pools --enable-useragent-log --enable-referer-log --enable-snmp --enable-arp-acl --enable-ssl --enable-linux-netfilter --enable-x-accelerator-vary ... - Does it work (as a test) when --enable-ssl is not used ? works like a charm withouth --enable-ssl - Do you have openssl installed on your system. Yes, openssl-0.9.7a-22.1 is installed What about openssl-devel ? reuben
[squid-users] two simple questions
Hi, Just 2 quickies... 1) Does squid cache objects locally fetched from a SIBLING parent?, and 2) Whilst I know squid is not a RTSP / MMS / add your fav streaming protocol here, what is the standing on HTTP streaming? Things like NetAPP proxies have a feature where a stream is fetched only once, and then distributed from the cache to the clients accessing the specific stream. Can something similar be possible on squid (obviously, limited to HTTP streaming only). I'm mostly interested in somehow getting shoutcast streams to be fetched only once and distributed from the cache to clients. Thus, I actually only have one connection from the proxy to the stream, and can have say 40 from the proxy to the clients I hope this makes sense... -- Chris.
Re: [squid-users] squid-2.5.STABLE8 compilation error
On Sat, 19 Feb 2005 16:47:36 +0100 (CET), Henrik Nordstrom [EMAIL PROTECTED] wrote: On Sat, 19 Feb 2005, Yousef Raffah wrote: I have a RedHat AS 3.0 box which I want to install squid on. So I downloaded squid-2.5.STABLE8 and unpacked it. I used these options as my configure options: ./configure --enable-xmalloc-statistics --enable-delay-pools --enable-useragent-log --enable-referer-log --enable-snmp --enable-arp-acl --enable-ssl --enable-linux-netfilter --enable-x-accelerator-vary Are you positively sure you want all those --enable options? Several of them are not suited for production use, and most never needed in an normal Internet proxy. Rule of thumb is to never include an --enable option unless you know what this option does and are positively sure you must use it. OK thanks a lot for the hints :) In file included from ../../src/squid.h:384, from ufs/store_dir_ufs.c:36: ../../src/ssl_support.h:46: syntax error before '*' token If you want to compile with Squid --enable-ssl (only needed to run Squid as an SSL accelerating reverse proxy in front of your own web servers) you need the following packages installed on RedHat: Yes, this is the main reason I want squid for ;) openssl-devel openssl-0.9.7a-22.1 openssl-devel-0.9.7a-22.1 krb5-devel krb5-devel-1.2.7-19 pkgconfig pkgconfig-0.14.0-5 I have these packages installed. plus the normal development tools.. I'm sorry but which packages exactly? How can I know the required development packages here? -- = Sincerely, Yousef Raffah Join FSF as an Associate Member at: URL:http://member.fsf.org/join?referrer=3036 a href=http://www.spreadfirefox.com/?q=affiliatesamp;id=468amp;t=1;Get Firefox!/a
Re: [squid-users] ACLs in a text file
[EMAIL PROTECTED] said: If I place my ACL definitions in a text file, and add URLs to the file during working hours, is it sufficient to just save the file for the new URLs to be allowed, or is it necessary to do something like rotating logs or restarting Squid? sbin/squid -k reconfigure Joost
Re: [squid-users] squid-2.5.STABLE8 compilation error
On Sun, 20 Feb 2005, Yousef Raffah wrote: Yes, this is the main reason I want squid for ;) openssl-devel openssl-0.9.7a-22.1 openssl-devel-0.9.7a-22.1 krb5-devel krb5-devel-1.2.7-19 pkgconfig pkgconfig-0.14.0-5 I have these packages installed. Are you positively sure you had these installed when you ran configure the first time? The error indicates configure could not find the openssl headers from openssl-devel. Try make distclean or start from a new source tree. I'm sorry but which packages exactly? How can I know the required development packages here? You already have these. Regards Henrik
RE: [squid-users] Proxy Antivirus
clamav is a free option from http://www.clamav.net and the look at the 3rd party software for squid redirectors. I suggest you do your homework well in advance and test thoroughly; I have had so many issues with squid+av that I have given up. Most of the issues you will see are with streaming media not being handled correctly by the AV, you are going to end up making a lot of mime exceptions and you will find that some websites incorrectly label streaming media as well. So far I have been unable to deploy any type of free AV, if anyone was successful I would appreciate some feedback and maybe some config files. From: Patrick Gomez [EMAIL PROTECTED] To: Squid-Users (E-mail) squid-users@squid-cache.org Subject: [squid-users] Proxy Antivirus Date: Sun, 20 Feb 2005 18:11:31 +0800 anyone outhere could advice me what antivirus would you recomend to me to used in my squid server Thanks Patrick _ Dont just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
Re: [squid-users] Can't set AR with Squid's configure?
On Thu, 17 Feb 2005, Steve Snyder wrote: Configure does respect my setting of CC=mycompiler, but seems resistant to letting me specify the value of AR. How can I persuade configure to use the specified library manager? It needs to be an absolute path. env AR=/path/to/xiar ./configure ... Or alternatively do it at build time, in which case it can be anywhere in your path. make AR=xiar install Regards Henrik
Re: [squid-users] Re: Problem with unparseable HTTP header field
On Sun, 20 Feb 2005, Ralf Hildebrandt wrote: * Henrik Nordstrom [EMAIL PROTECTED]: I just hope this won't open up for any of the malicious shit the change in 2.5.STABLE8 was designed to prevent in the first place.. It is a very thin balance between what can be considered harmless crap and what may be odd result due to malicious intent. So, will (if all is well) the patch go into new versions? It already is in 2.5.STABLE9-RC1... http://www.squid-cache.org/Versions/v2/2.5/bugs/ Regards Henrik
Re: [squid-users] proxy woes continued
On Sat, 19 Feb 2005, richard wrote: I'm not seeing log entries from shorewall, or squid/access.log, but I'm getting connection refused from firefox on the remote machine, unfortunately its running winxp. not my machine ! Is Squid running? Any errors in cache.log? Does cache.log show that Squid is listenint to the port numbers you expect it to? Is the browser configured to use the same ports? http_port 127.0.0.1:3128 Are you sure about this? This makes Squid listen on the loopback interface only, not available to network clients.. Ah.. you are using a setup like client - dansguardian - squid, and what is failing is the connecion client - dansguardian. Is dansguardian running and listening on the ports and interfaces you expect? Regards Henrik
Re: [squid-users] Mandrake's squid crashes spectacularly...
On Sat, 19 Feb 2005, Paul Seaman wrote: I have had two boxes (nearly identically configured) with the same updated Mandrake 10.1 squid packages crash today with the following message in cache.log: assertion failed: MemBuf.c:188: mb-buf mb-max_capacity mb-capacity The Mandrake package that was installed was squid-2.5.STABLE6-2.3.101mdk. I do remember seeing this with some broken patch. Exact details long forgotten. Try upgrading to 2.5.STABLE8 + DNS patch. Note: To get the problem fixed in the Mandrake package please use the proper Mandrake support channels. Regards Henrik
Re: [squid-users] two simple questions
On Sun, 20 Feb 2005, Chris Knipe wrote: 1) Does squid cache objects locally fetched from a SIBLING parent?, and Yes, unless you tell it not to. 2) Whilst I know squid is not a RTSP / MMS / add your fav streaming protocol here, what is the standing on HTTP streaming? It gets passed via the proxy, but not cached, nor is there any stream splitting, and no plans at all on even caring to try to implement stream splitting of HTTP streaming. Things like NetAPP proxies have a feature where a stream is fetched only once, and then distributed from the cache to the clients accessing the specific stream. This is relatively easy to do if you have proxies for the native streaming protocols. It is not at all easy for HTTP streaming and I seriously doubt NetAPP does this on HTTP streaming. Can something similar be possible on squid (obviously, limited to HTTP streaming only). I'm mostly interested in somehow getting shoutcast streams to be fetched only once and distributed from the cache to clients. Thus, I actually only have one connection from the proxy to the stream, and can have say 40 from the proxy to the clients I hope this makes sense... For this you should be using a shoutcast proxy with support for stream splitting. Regards Henrik
Re: [squid-users] doubt regarding delay_access
On Mon, 14 Feb 2005, Dinil Divakaran wrote: delay_access 2 allow allowed_hosts delay_access 1 allow localhost delay_access 1 allow all delay_access is sorted per pool, always starting with pool 1, then pool 2 etc... so the above configuration is equivalent to delay_access 1 allow localhost delay_access 1 allow all delay_access 2 allow allowed_hosts so with the above configuration all requests will go into pool 1. Regards Henrik
Re: [squid-users] squid auth. using basic and ntlm at the same time
On Thu, 27 Jan 2005, Xavier Callejas wrote: I want that IE don't ask for a passwd, and msn messeger can work. Hard to do, given the fact that both clients are seriously broken in their authentication support. You have to select one as you can only work around one of the clients at a time. If you have a Microsoft support contract I would suggest using this to request Microsoft to improve the quality of the authentication support in MSIE and MSN Messenger, to allow both programs to be used proper with a proxy requiring authenitcation. Regards Henrik
Re: [squid-users] Load balancing query
On Fri, 28 Jan 2005, Carinus Carelse wrote: I have two external networks connected and I have one proxy server that is servicing about 500 users. I would like the squid box to do some load balancing across the two external link so that the http traffic does not just go through the one link. Is this possible and how do i go about setting this up. This is best done by route load balancing in your OS. But you can use tcp_outgoing_address to make Squid select which link to use for certain kinds of request. Regards Henrik
Re: [squid-users] squid.conf file
On Tue, 1 Feb 2005, ansari imtiyaz ahmed khadim husain wrote: Hi all... Can anybody tell me what is the meaning of the TAG:delay_initial_bucket_level in layman's terminology. Have you read the Squid FAQ chapter on delay pools? It sets the initial level of the pool on the clients first request since Squid started. If your pool is 16 KB and delay_initial_bucket_level is 50 (default) then the pool will at start be filled with 8 KB. Regards Henrik
Re: [squid-users] Incorrect logging of any ICQ connection
On Wed, 2 Feb 2005, sasha wrote: Hi, dear squid-cache developers! In my LAN some of users use icq and of course through squid. I don't leave them chance to go other way. I need to get statistics per user for ALL traffic transferred through the cache. That works fine, but squid does NOT log these connections as it logs other connections, made by the CONNECT method. It does log CONNECT connections, but only when the connection is closed. In addition access.log only ever shows the amount of data received, never the amount of data sent. This applies to all uses of the proxy, not only CONNECT. Say I want to go to httpS://www.nic.ru/whois/ and want to get an info for sasha.ru domain. EVERY connection to this service is logged. When I ask squid to CONNECT to a https server by a browser and get a reply, is the CONNECT session concerned closed? It depends. Many https servers closes the connection quickly, but not all. I mean does squid close the connection to the https server or keeps that one alive waiting for next client's (browser's) request? Squid has no say about this. It is all up to the browser and https server how long they keep the connection open. To Squid there is just random unstructured data flying in both directions between the browser and the server. The end of connection (when I closed app., that is icq) is expressed by this entry: 1107254299.091 915654 10.7.0.18 TCP_MISS/000 18353 CONNECT 205.188.7.220:443 sasha FIRST_UP_PARENT/10.0.0.78 - Where 18353(BYTES!!!) say to me that I (sasha) transferred both sides such amount of data. It says that sasha received 18353 on this connection. Is says nothing about how much data sasha sent to the requested server. Regards Henrik
Re: [squid-users] Accessing MySQL database for list of allowed sites
On Thu, 3 Feb 2005, Glynn Robinson wrote: I'm currently setting up a new Squid proxy server to replace an existing one. The current proxy utilises an ACL which connects to a MySQL database and extracts a number of allowed URLs from a table. The problem is, I'm having trouble replicating this behaviour in the new proxy. The current squid.conf file has a number of references to MySQL - including information regarding the name of the database, the user and password etc but when I include these statements in the new squid.conf file I receive a number of errors. Obviously, I need to add MySQL support but I am unsure as to how to do this. I've seen posts regarding a package called mysql_auth but I'm assuming it won't allow me to pull URLs from a database to add into an ACL. Your old Squid is patched with the unofficial mysql_acl patch which was available for Squid-2.4 and Squid-2.2. If you know a little programming then replicating pretty much the same functionality using the external_acl interface of Squid-2.5 and later is not too hard, but to my knowledge noone has done this yet. Regards Henrik
Re: [squid-users] HTML inserting or replacing text
On Sun, 6 Feb 2005, bc wrote: I've tried searching around for some squid addon which would be usable for censouring a predefined words in pages flowing trough the proxy. This is not something squid does. See the privacy or adblocking proxies. Regards Henrik
Re: [squid-users] doubt regarding delay_access
delay_access 2 allow allowed_hosts delay_access 1 allow localhost delay_access 1 allow all delay_access is sorted per pool, always starting with pool 1, then pool 2 etc... so the above configuration is equivalent to delay_access 1 allow localhost delay_access 1 allow all delay_access 2 allow allowed_hosts so with the above configuration all requests will go into pool 1. Thanks Henrik. This solved the confusion. Perhaps this explanation should be added to the squid.conf file to make it clearer. One more doubt - how does squid manage the downloading rate from any web server to the squid; is it just by introducing a delay in the application level while receiving data ?
Re: [squid-users] squid_ldap_group with novell ldap
On Sat, 12 Feb 2005, Adrian Malaguti wrote: They are using squid_ldap_auth and squid_ldap_group modules. It seems to be a problem with group membership attributes, the valiu for member attribute returned by both ldap servers are different. When querying to openldap it returns: # g_http_internet, poderjudicial, gub, uy dn: cn=g_http_internet, dc=poderjudicial,dc=gub,dc=uy objectClass: groupOfNames objectClass: top member: cn=csomma This is not a correct member of a groupOfNames.. the member should be the full DN of the member user, not just the CN. But when querying to eDir LDAP it returns: # g_http_internet, poderjudicial dn: cn=g_http_internet,o=poderjudicial objectClass: groupOfNames objectClass: Top member: cn=csomma,ou=divTec,ou=dgsa,ou=scj,o=poderjudicial Looks good. This is the current configuration with openldap (which works fine), but doesn't work with eDir LDAP. #external_acl_type ldap_group_helper %LOGIN /usr/local/squid/libexec/squid_ldap_group -d -b dc=poderjudicial,dc=gub,dc=uy -B dc=poderjudicial,dc=gub,dc=uy - h localhost -f ((objectclass=groupOfNames)(cn=%a)(member=cn=%u)) You need to use the -F flag to tell squid_ldap_group how to find the user from the login name. Same as teh -f flag to squid_ldap_auth. Note that the -f flag needs to be changed somewhat by removing any DN components from the member attribute match (memeber=%u instead of member=cn=%u). For clarity I would recomment using %g instead of %a. Especially considering you are already using %u for the user.. (initial version of squid_ldap_group used %a/%v, current versions uses %g/%u but also supports the older codes..) Regards Henrik
Re: [squid-users] Controlling access using MySQL
On Sat, 19 Feb 2005, Colin O'Keeffe wrote: I new to squid, very new! All i can do is compile it Now heres the story. I have my users in a MySQL db that RADIUS uses to authenticate them. The user, in there IP Configuration has a gateway in of the router. Now when they make a request the request is routed to Squid. (alot of people do this ?) MY question is, can i use the MySQL db with users info in it to act as an ACL so i can turn on / off peoples access through the proxy (if there being naughty) ? Would SQUID be able to know which IP the request is coming from if its going through a router? If you can devise a method whereby you can look up the username from the IP address then you can plug this into Squid via the external_acl directive. If you configure the clients to use the proxy you can also configure Squid to require authentication, asking the user to provide his login+password and have Squid verify this either directly to MySQL or via RADIUS. This is done via the auth_param basic program directive. As there is no standard on how accounts are stored in MySQL databases there is no standard helper available, but writing an authentication helper to Squid is not hard. All the helper need to do is to read username passwords pairs as input and echo back OK/ERR indicating if the login was valid or not. Similar for the external_acl helpers. These just reads the data specified as input (in your case the client IP) and echos back if this is OK and optionally which username to associate the request with. Regards Henrik
Re: [squid-users] squid-2.5.STABLE8 compilation error
On Sun, 20 Feb 2005 14:24:58 +0100 (CET), Henrik Nordstrom [EMAIL PROTECTED] wrote: On Sun, 20 Feb 2005, Yousef Raffah wrote: Yes, this is the main reason I want squid for ;) openssl-devel openssl-0.9.7a-22.1 openssl-devel-0.9.7a-22.1 krb5-devel krb5-devel-1.2.7-19 pkgconfig pkgconfig-0.14.0-5 I have these packages installed. Are you positively sure you had these installed when you ran configure the first time? The error indicates configure could not find the openssl headers from openssl-devel. Try make distclean or start from a new source tree. I just tried it now after installing the missing development packages and got this different error ./configure --enable-ssl snip /usr/bin/ld: cannot find -lz collect2: ld returned 1 exit status make[3]: *** [squid] Error 1 make[3]: Leaving directory `/root/squid-2.5.STABLE8/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/root/squid-2.5.STABLE8/src' make[1]: *** [all] Error 2 make[1]: Leaving directory `/root/squid-2.5.STABLE8/src' make: *** [all-recursive] Error 1 /snip -- = Sincerely, Yousef Raffah Join FSF as an Associate Member at: URL:http://member.fsf.org/join?referrer=3036 a href=http://www.spreadfirefox.com/?q=affiliatesamp;id=468amp;t=1;Get Firefox!/a
Re: [squid-users] blocking internet application files?
hi ok thx but wht if i want to give access only for browsing, msn and yahoo messenger? waiting fot your reply. bye Thankyou best regards, Shiraz Gul Khan (03002061179) Onezero Inc. _ It's fast, it's easy and it's free. Get MSN Messenger today! http://www.msn.co.uk/messenger
Re: [squid-users] doubt regarding delay_access
On Sun, 20 Feb 2005, Dinil Divakaran wrote: One more doubt - how does squid manage the downloading rate from any web server to the squid; is it just by introducing a delay in the application level while receiving data ? When the delay pool is empty Squid simply stops reading data from the server until the pool has been refilled by the refill rate. Regards Henrik
Re: [squid-users] doubt regarding delay_access
On Sun, 20 Feb 2005, Dinil Divakaran wrote: This solved the confusion. Perhaps this explanation should be added to the squid.conf file to make it clearer. Please file a bug report on it, preferably with a suggestion on wording (optimally as a patch to cf.data.pre) Regards Henrik
[squid-users] retrieving data from cache
Hi, my squid was ran ages ago, so I suppose to find a file in my cache dir what was removed from the web already. How can I find out if this file is sored, and how can I find out where it is stored. Actally, I know my cache_dir :)), I saw in the log this file was once stored, but anyways I don't know the actual file name where it was stored. Is there any way to find out? Note that this content was erased from the web for at least 6 months, so starting the squid will surely erase this. Thanks for your help in advance. -- Üdvözlettel: Ifj. Péntek Imre E-mail: [EMAIL PROTECTED]
Re: [squid-users] Can't see usernames in logs after enabling NTLM
Chris Robertson wrote: -Original Message- From: Oliver Hookins [mailto:[EMAIL PROTECTED] Sent: Thursday, February 10, 2005 1:15 PM To: Henrik Nordstrom Cc: squid-users@squid-cache.org; Chris Robertson Subject: Re: [squid-users] Can't see usernames in logs after enabling NTLM Henrik Nordstrom wrote: After that we have someone who IS in the LDAP group, is in the SURFING IP range and is access a site that is also not in allowedsites. The connection is denied and the username is not logged. Here the browser did not agree on logging in to the proxy and hence the request is denied as you require authentication (even if faked verification). This could be a problem. So any program that chooses not to authenticate, or for some reason cannot authenticate (for example, it's not built-in) will be denied access? If we reversed the rules like this: http_access allow SURFING http_access allow allowedsites mynetwork http_access allow AuthGroup mynetwork http_access deny all that would force authentication for non-SURFING non-allowedsites requests, right? I'm just thinking of server programs that download stuff but don't authenticate (in which case we would put them in the SURFING acl). Regards, Oliver That would allow unauthenticated surfing for computers in the SURFING IP range and for any computers on mynetwork accessing allowedsites. Once someone not in the SURFING IP range (but in mynetwork) tries to access a site that is not on the allowedsites list, authentication will be requested, and the AuthGroup will be checked. Dependant on the outcome of *that* test, either the request will be allowed or denied. In short, I think you've nailed it. Sorry to drag this issue out so long but it still isn't working 100%. I've got some more access.log examples of what is happening now. I understand that when a client is requested authentication, there are a couple of TCP_DENIED entries in the logs and that it is normal. However we are getting a couple of TCP_DENIED messages without the user credentials, then further TCP_DENIED messages with the user credentials. I have double- and triple-checked and this user is definitely in the authorised group. If I do a manual check with the squid_ldap_group on the command line, I get an OK. 1108612447.271459 192.168.0.61 TCP_REFRESH_HIT/200 905 GET http://www.microsoft.com/h/en-us/r/for_developers.gif - DIRECT/207.46.144.188 image/gif 1108612447.379482 192.168.0.61 TCP_REFRESH_HIT/200 1036 GET http://www.microsoft.com/h/en-us/r/company_info.gif - DIRECT/207.46.144.188 image/gif 1108612447.622478 192.168.0.61 TCP_MISS/200 628 GET http://c.microsoft.com/trans_pixel.asp? - DIRECT/207.46.197.85 image/gif 1108612447.711490 192.168.0.61 TCP_MISS/200 438 GET http://c1.microsoft.com/c.gif? - DIRECT/207.68.177.126 image/gif 1108612510.253 0 192.168.0.61 TCP_DENIED/407 1684 GET http://www.ninemsn.com.au/ - NONE/- text/html 1108612510.260 0 192.168.0.61 TCP_DENIED/407 1770 GET http://www.ninemsn.com.au/ - NONE/- text/html 1108612510.356 95 192.168.0.61 TCP_DENIED/403 1379 GET http://www.ninemsn.com.au/ epa\aderooy NONE/- text/html 1108612527.261 4 192.168.0.61 TCP_IMS_HIT/304 221 GET http://www.acrlimited.com.au/ - NONE/- text/html 1108612527.306 23 192.168.0.61 TCP_IMS_HIT/304 225 GET http://www.acrlimited.com.au/images/header-top-pic.jpg - NONE/- image/jpeg 1108612527.332 25 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/header-top-r.gif - NONE/- image/gif 1108612527.351 18 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/header-bottom-slogan.gif - NONE/- image/gif 1108612527.418 67 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/header-bottom-r.gif - NONE/- image/gif 1108612527.458 17 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/home-on.gif - NONE/- image/gif 1108612527.477 0 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/rates-off.gif - NONE/- image/gif 1108612527.506 28 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/privacy-off.gif - NONE/- image/gif 1108612527.530 24 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/contact-off.gif - NONE/- image/gif 1108612527.548 17 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/blank.gif - NONE/- image/gif 1108612527.565 16 192.168.0.61 TCP_IMS_HIT/304 223 GET http://www.acrlimited.com.au/images/rates.jpg - NONE/- image/jpeg 1108612527.599 34 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/acr_bar-home.gif - NONE/- image/gif 1108612527.631 31 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/w.gif - NONE/- image/gif 1108612527.654 22 192.168.0.61 TCP_IMS_HIT/304 222 GET http://www.acrlimited.com.au/images/footer_home-top.gif - NONE/- image/gif 1108612527.683 28 192.168.0.61 TCP_IMS_HIT/304
RE: [squid-users] Invalid Response
Is this in the daily autogenerated version of STABLE8? Mike Jacobi -Original Message- From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] Sent: Saturday, February 19, 2005 6:27 PM To: Henrik Nordstrom Cc: Chris Robertson; =?X-UNKNOWN?Q?'Johan_Hen=E6s'?=; Jacobi Michael CRPH; Squid Users Subject: RE: [squid-users] Invalid Response On Sat, 19 Feb 2005, Henrik Nordstrom wrote: You all might find the thread at http://www.mail-archive.com/squid-users@squid-cache.org/msg24333.html more usefull. Specifically the directive given at http://www.mail-archive.com/squid-users@squid-cache.org/msg24383.html. Check the squid.conf.default, as I'm sure usage of that directive (ignore_header_whitespace for the impatient) is outlined there. ignore_header_whitespace is named relaxed_header_parser these days. And in addition it won't help for this specific case, and also defaults to it's softest on mode.. Update: With the patch proposed in bug #1242 Squid again ignores this quite broken HTTP response with a warning in cache.log. Regards Henrik
[squid-users] When I declare delay_parameters 2 100/100
Hello, When I declare /delay_parameters 2 100/100 //. / FATAL: Bungled squid.conf line 2880: delay_parameters 2 100/100 Squid Cache (Version 2.5.STABLE6): Terminated abnormally. CPU Usage: 0.010 seconds = 0.000 user + 0.010 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 227 Aborted How to solve the problem. Thanks and Regards, Eakapot
RE: [squid-users] Invalid Response
On Sun, 20 Feb 2005, Jacobi Michael CRPH wrote: Is this in the daily autogenerated version of STABLE8? Yes, it is in 2.5.STABLE9-RC1 and later. Regards Henrik
Re: [squid-users] When I declare delay_parameters 2 100/100
On Mon, 21 Feb 2005, eakpot wrote: When I declare /delay_parameters 2 100/100 //. / FATAL: Bungled squid.conf line 2880: delay_parameters 2 100/100 1. Is your Squid built with support for delay pools? (default not) 2. Have you configured the delay_class for pool # 2? Regards Henrik
Re: [squid-users] squid-2.5.STABLE8 compilation error
On Sun, 20 Feb 2005 17:21:02 +0100 (CET), Henrik Nordstrom [EMAIL PROTECTED] wrote: On Sun, 20 Feb 2005, Yousef Raffah wrote: I just tried it now after installing the missing development packages and got this different error ./configure --enable-ssl snip /usr/bin/ld: cannot find -lz You are now missing zlib-devel. Thanks a lot Henrik, it is has compiled successfully now :) -- = Sincerely, Yousef Raffah Join FSF as an Associate Member at: URL:http://member.fsf.org/join?referrer=3036 a href=http://www.spreadfirefox.com/?q=affiliatesamp;id=468amp;t=1;Get Firefox!/a
Re: [squid-users] retrieving data from cache
2005. februr 21. 04.10 dtummal Henrik Nordstrom ezt rta: If you have the store.log from when the file was stored then the file number can be found there. okay, I've got the store log. I suppose this number is needed: 1A784FA9731651749D1A8C28C8C338C3 but I don't know how to decode it... Can you gelp me? -- dvzlettel: Ifj. Pntek Imre E-mail: [EMAIL PROTECTED]