Re: [squid-users] Deny media
How do we do content filtering with Squid?? Should we use some other software in conjunction with it?? Is a free software available for Unix?? try dansguardian
Re: [squid-users] Httpd Accelerator
On 26.04 21:01, Jon wrote: I've been using Squid for a couple of months as a server accelerator and it was great. But recently our site traffic has increased. Now I'm having issues where Squid would exit and restart back up during heavy load. At most it could serve out ~84 Mbps before it crashes. My server has 4 GB of RAM; I tweaked the kernel for message queues, shared memory, increased nmbclusters and file descriptors. Is there other settings I can tune to increase its performance? I know my description is a little vague but I'll be happy to submit my setting if anyone is interested. Maybe it has reached the limit and I need to add another squid? What is your cache_mem setting and maximum_object_size_in_memory? what memory replacement policy do you use? Do you use disk cache? If so, what disk layout do you use, what storage system and what is your maximum_object size and disk replacement policy? -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. REALITY.SYS corrupted. Press any key to reboot Universe.
Re: [squid-users] Why the NCSA authentication of Squid 2.5 server doesn't work?
can you able to run as, # /usr/local/squid-2.59/libexec/ncsa_auth /usr/local/squid-2.59/etc/passwd username passwd OK #ls -l /usr/local/squid-2.59/libexec/ncsa_auth -rwxr-xr-x 1 root root46205 Apr 27 10:07 /usr/local/squid-2.59/libexec/ncsa_auth What is your cache_effective_user and cache_effective_group configuration in squid.conf file.? 2005/04/27 11:05:32| WARNING: Cannot run '/usr/local/squid-2.59/libexec/ncsa_auth' process. Have you started squid with root user / squid user? == Best Regards, Squid Runner Team squidrunner_dev at yahoo dot com SquidRunner - An Automatic Squid Builder Web: http://freshmeat.net/projects/squidrunner/ Support: runnersupport at gmail dot com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [squid-users] Transparent Proxy No Caching
Hi robert, Ur acl's tells that ur network ip are of 10.0.0.0 and 10.0.30.0 network i m running squid 2.5 stable , i also had same problem , when u use squid in transparent mode u hav to reroute the requests from 80 to 8080 or 3128 what soever port u r running squid , when i define my network ips in squid.conf it was not caching i removed my network ips from acl's and allowed all , than it started working quite fine showing me lots of TCP_HIT. U can try this , it is quite better .and u can change ips netime without making ne changes on client side. Coz in transparent proxy u don hav to specify the proxy settings in ur browser u just hav to specify the gateway in the clients TCP/Ip properties. For nething in transparent proxy u can ask . Regards Dev On 4/26/05, Robert Vangel [EMAIL PROTECTED] wrote: acl QUERY urlpath_regex no_cache deny query acl blacklist dstdomain -i /etc/squid/blacklist acl all src 0.0.0.0/0.0.0.0 acl office src 10.0.0.0/255.255.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl purge method PURGE acl CONNECT method CONNECT acl methods method all acl office0 src 10.0.0.0/255.255.255.0 ... acl office30 src 10.0.30.0/255.255.255.0 http_access deny blacklist http_access allow localhost http_access deny purge http_access allow office http_access deny all http_reply_access allow office http_reply_access deny all # 40GB XFS partition cache_dir aufs /var/spool/squid 3 16 256 dev singh wrote: Hi Robert, can u plz post the acl parameter . regards dev
[squid-users] peering
Hello, I'm using the latest Squid 3 Beta (squid-3.0-PRE3-20050427) as a reverse proxy. I have one server which does heavy image-calculations (it renders maps, 2-3 seconds for each image). Now I added a second server and I would like to use the cache_peer option so that each web accelerator checks first, if the requested image is already rendered on the other cache. Unfortunatly I was not able to get this working. I tried to change the always_direct option, but if I delete this option, the cache is not working any more. My configuration looks like this: http_port 213.133.a.c:80 accel defaultsite=127.0.0.1 cache_peer 127.0.0.1 parent 80 0 no-query originserver no-digest name=mydomain cache_peer 213.133.a.b sibling 80 3130 cache_peer 213.133.a.c sibling 80 3130 acl my_domains dstdomain www.domain.de cache_peer_access mydomain allow my_domains http_access allow my_domains always_direct allow all Does someone know, how to get this working? Or is the combination of a reverse proxy and the use of other caches in a hierarchy not possible? Greetings from germany, Hermann Behrens -- Hermann-Marcus Behrens / citybeat.de E-Mail: [EMAIL PROTECTED] Web: www.citybeat.de Telefon: 0421 - 16 80 80 - 0 Fax: 0421 - 16 80 80 -80 Adresse: Zum Huchtinger Bahnhof 13 / 28259 Bremen
Re: [squid-users] Transparent Proxy No Caching
I will give that a shot. I will have to wait until tomorrow though before I know if it works or not because of the time now (18:10) and noone left there (I am having to do everything remotely). dev singh said: Hi robert, Ur acl's tells that ur network ip are of 10.0.0.0 and 10.0.30.0 network i m running squid 2.5 stable , i also had same problem , when u use squid in transparent mode u hav to reroute the requests from 80 to 8080 or 3128 what soever port u r running squid , when i define my network ips in squid.conf it was not caching i removed my network ips from acl's and allowed all , than it started working quite fine showing me lots of TCP_HIT. U can try this , it is quite better .and u can change ips netime without making ne changes on client side. Coz in transparent proxy u don hav to specify the proxy settings in ur browser u just hav to specify the gateway in the clients TCP/Ip properties. For nething in transparent proxy u can ask . Regards Dev
[squid-users] Squid, read denied ip's from a text file , authentication + rules
Hello everyone, thank you for the fast help :) , it did work out , and now it works, but I wonder is it possible (don't know how) to make squid read the ip's of my denied clients from a file (text file) , sorta like it does when it reads the banned extensions from a file... this possible? currently my acl shops src xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy is very long got 15 ip's... if reading from a file is not possible how can you do that one acl takes up many lines like acl shops src xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy zzz.zzz.zzz.zzz . . . I use authentication (basic),... I would like to know, is it possible (and is there a example) , to do the following : user logs in with username internet password internet, and is able to browse , but no porn, some extensions are banned user logs in with username master password topsecret, and is able to browse , no restricitons... Sincerely Robert B - Original Message - From: Chris Robertson [EMAIL PROTECTED] To: 'Robert Becskei' [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Wednesday, April 20, 2005 21:34 Subject: RE: [squid-users] Squid, redirect user by ip from 06 to 18:00 to you are not allowed to surf page -Original Message- From: Robert Becskei [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 20, 2005 9:19 AM To: Subject: [squid-users] Squid, redirect user by ip from 06 to 18:00 to you are not allowed to surf page Hello everyone, I've been running squid for a while, and did a few redirection via squidguard, and also some really simple authentication etc... but this one I don't know how to accomplish : I would like to redirect a certain group of ip addresses (192.168.1.40-192.168.1.80) from 6:00 till 18:00 to a banned.html webpage, so they will only be able to surf the internet after workhours 18:00 till 06:00 . is this possible? a hint if I may beg ? :) Sincerely Robert Becskei acl workers src 192.168.1.40-192.168.1.80/32 acl workTime time M-F 06:00-18:00 http_access deny workers workTime deny_info http://my.web.server/banned.html workers workTime Placing these acls in the correct position in the squid.conf is an exercise left to the reader. An alternative is to save the banned.html page to Squid's error directory and change the deny_info line appropriately. These acls have not been tested in a production environment, and are provided without warranty expressed or implied, yadda yadda yadda. Chris
[squid-users] squid auth issues
Hello, Apart from NCSA what are the other forms of authentication that are available vis-a-vis squid.One that will not have that crypto issue. Thanks Varun
RE: [squid-users] Httpd Accelerator
-Original Message- From: Matus UHLAR - fantomas [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 27, 2005 2:57 AM To: Squid Users Subject: Re: [squid-users] Httpd Accelerator On 26.04 21:01, Jon wrote: I've been using Squid for a couple of months as a server accelerator and it was great. But recently our site traffic has increased. Now I'm having issues where Squid would exit and restart back up during heavy load. At most it could serve out ~84 Mbps before it crashes. My server has 4 GB of RAM; I tweaked the kernel for message queues, shared memory, increased nmbclusters and file descriptors. Is there other settings I can tune to increase its performance? I know my description is a little vague but I'll be happy to submit my setting if anyone is interested. Maybe it has reached the limit and I need to add another squid? What is your cache_mem setting and maximum_object_size_in_memory? what memory replacement policy do you use? Do you use disk cache? If so, what disk layout do you use, what storage system and what is your maximum_object size and disk replacement policy? cache_mem 512 MB maximum_object_size_in_memory 1024 KB maximum_object_size 2048 KB cache_replacement_policy heap GDSF memory_replacement_policy heap GDSF I use diskd with 3 cache directories on a RAID 0 Thanks, Jon
Re: [squid-users] Httpd Accelerator
On Tue, 26 Apr 2005, Jon wrote: I've been using Squid for a couple of months as a server accelerator and it was great. But recently our site traffic has increased. Now I'm having issues where Squid would exit and restart back up during heavy load. Anything in cache.log explaining why it exited? Regards Henrik
Re: [squid-users] Squid, read denied ip's from a text file , authentication + rules
On Wed, 27 Apr 2005, Robert Becskei wrote: Hello everyone, thank you for the fast help :) , it did work out , and now it works, but I wonder is it possible (don't know how) to make squid read the ip's of my denied clients from a file (text file) , sorta like it does when it reads the banned extensions from a file... this possible? currently my acl shops src xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy is very long got 15 ip's... if reading from a file is not possible how can you do that one acl takes up many lines like acl shops src xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy zzz.zzz.zzz.zzz acl shops src /path/to/file/with/ips.txt Regards Henrik
[squid-users] outlook, eudora mails failed to connect
sir, After i've configured my squid proxy, the only problem that i've encountered was when our client trying to open up their mails in outlook/eudora, the error message that would open up was The host 'mail.domain.ph' could not be found. Please verify that you have entered the server name correctly. Account: 'mail.domain.ph', Server: 'mail.domain.ph', Protocol: POP3, Port: 110, Secure(SSL): No, Socket Error: 11001, Error Number: 0x800CCC0D. Is there anything mistake or i forget to configure up to avoid this problem on our mail. Thanks, Adam