[squid-users] squid failed. The error was: init_cache_dir
Hi All, Im running FC3 and have squid built into this distro. Anyway, when trying to start it in the service manager, i get this message. squid failed. The error was: init_cache_dir /var/spool/squid... Starting squid: [FAILED] Im not sure what im meant to do, in /var/spool/squid the permissions are 777 Please advise. Thanks Ben
[squid-users] owa access
hi list, i know, there are many writings about outlook web access and how to configure it with transparent proxy. but i still have problems :-( I configured my proxy like this: http_port 80 httpd_accel_host internalmailserver httpd_accel_port 80 httpd_accel_single_host on httpd_accel_with_proxy on httpd_accel_uses_host_header off I can connect from outside and get my basic authentication from my internalmailserver. But then i will be forwarded direct to my internalmailserver And never via my published proxy name. In fact, connection to internalmailserver is denied. Please can you also give me a hint how to change my config to use SSL? (how to create a ssl certificate) Thanks, Andrew
Re: [squid-users] squid failed. The error was: init_cache_dir
Try to check /var/log/messages - Original Message - From: Ben [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Monday, July 25, 2005 3:46 AM Subject: [squid-users] squid failed. The error was: init_cache_dir Hi All, Im running FC3 and have squid built into this distro. Anyway, when trying to start it in the service manager, i get this message. squid failed. The error was: init_cache_dir /var/spool/squid... Starting squid: [FAILED] Im not sure what im meant to do, in /var/spool/squid the permissions are 777 Please advise. Thanks Ben
RE: [squid-users] squid failed. The error was: init_cache_dir
Hi There On the command line, type in : squid -z Then Do a: chown squid:squid /var/spool/squid/ -Rf And try to start again. -Original Message- From: doni [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 10:44 AM To: Ben; squid-users@squid-cache.org Subject: Re: [squid-users] squid failed. The error was: init_cache_dir Try to check /var/log/messages - Original Message - From: Ben [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Monday, July 25, 2005 3:46 AM Subject: [squid-users] squid failed. The error was: init_cache_dir Hi All, Im running FC3 and have squid built into this distro. Anyway, when trying to start it in the service manager, i get this message. squid failed. The error was: init_cache_dir /var/spool/squid... Starting squid: [FAILED] Im not sure what im meant to do, in /var/spool/squid the permissions are 777 Please advise. Thanks Ben
[squid-users] webmin module
Hi all! Does anyone know if there is an updated version of squid webmin module that support the offline_mode tag? Thanks a lot...
RE: [squid-users] squid failed. The error was: init_cache_dir
sorry, no help On Mon, 2005-07-25 at 10:53 +0200, Gert Brits wrote: Hi There On the command line, type in : squid -z Then Do a: chown squid:squid /var/spool/squid/ -Rf And try to start again. -Original Message- From: doni [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 10:44 AM To: Ben; squid-users@squid-cache.org Subject: Re: [squid-users] squid failed. The error was: init_cache_dir Try to check /var/log/messages - Original Message - From: Ben [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Monday, July 25, 2005 3:46 AM Subject: [squid-users] squid failed. The error was: init_cache_dir Hi All, Im running FC3 and have squid built into this distro. Anyway, when trying to start it in the service manager, i get this message. squid failed. The error was: init_cache_dir /var/spool/squid... Starting squid: [FAILED] Im not sure what im meant to do, in /var/spool/squid the permissions are 777 Please advise. Thanks Ben
Re: [squid-users] squid failed. The error was: init_cache_dir
Pls check your cache.logs, must be seen an interesting logging for your squid configuration. At least when squid first starting up, it will create cache.log - Original Message - From: Ben [EMAIL PROTECTED] To: Gert Brits [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Monday, July 25, 2005 6:23 AM Subject: RE: [squid-users] squid failed. The error was: init_cache_dir sorry, no help On Mon, 2005-07-25 at 10:53 +0200, Gert Brits wrote: Hi There On the command line, type in : squid -z Then Do a: chown squid:squid /var/spool/squid/ -Rf And try to start again. -Original Message- From: doni [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 10:44 AM To: Ben; squid-users@squid-cache.org Subject: Re: [squid-users] squid failed. The error was: init_cache_dir Try to check /var/log/messages - Original Message - From: Ben [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Monday, July 25, 2005 3:46 AM Subject: [squid-users] squid failed. The error was: init_cache_dir Hi All, Im running FC3 and have squid built into this distro. Anyway, when trying to start it in the service manager, i get this message. squid failed. The error was: init_cache_dir /var/spool/squid... Starting squid: [FAILED] Im not sure what im meant to do, in /var/spool/squid the permissions are 777 Please advise. Thanks Ben
Re: [squid-users] squid failed. The error was: init_cache_dir
Squid Cache (Version 2.5.STABLE9): Terminated abnormally. CPU Usage: 0.009 seconds = 0.005 user + 0.004 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0 On Mon, 2005-07-25 at 16:29 +0700, doni wrote: Pls check your cache.logs, must be seen an interesting logging for your squid configuration. At least when squid first starting up, it will create cache.log - Original Message - From: Ben [EMAIL PROTECTED] To: Gert Brits [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Monday, July 25, 2005 6:23 AM Subject: RE: [squid-users] squid failed. The error was: init_cache_dir sorry, no help On Mon, 2005-07-25 at 10:53 +0200, Gert Brits wrote: Hi There On the command line, type in : squid -z Then Do a: chown squid:squid /var/spool/squid/ -Rf And try to start again. -Original Message- From: doni [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 10:44 AM To: Ben; squid-users@squid-cache.org Subject: Re: [squid-users] squid failed. The error was: init_cache_dir Try to check /var/log/messages - Original Message - From: Ben [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Monday, July 25, 2005 3:46 AM Subject: [squid-users] squid failed. The error was: init_cache_dir Hi All, Im running FC3 and have squid built into this distro. Anyway, when trying to start it in the service manager, i get this message. squid failed. The error was: init_cache_dir /var/spool/squid... Starting squid: [FAILED] Im not sure what im meant to do, in /var/spool/squid the permissions are 777 Please advise. Thanks Ben
Re: [squid-users] squid failed. The error was: init_cache_dir
* Ben [EMAIL PROTECTED]: sorry, it said Squid Cache (Version 2.5.STABLE9): Terminated abnormally. CPU Usage: 0.009 seconds = 0.007 user + 0.002 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0 FATAL: Could not determine fully qualified hostname. Please set 'visible_hostname' does this help?? How about setting visible_hostname? -- Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
Re: [squid-users] squid failed. The error was: init_cache_dir
Hi - Original Message - From: Ben [EMAIL PROTECTED] To: doni [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Monday, July 25, 2005 4:59 AM Subject: Re: [squid-users] squid failed. The error was: init_cache_dir sorry, it said Squid Cache (Version 2.5.STABLE9): Terminated abnormally. CPU Usage: 0.009 seconds = 0.007 user + 0.002 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0 FATAL: Could not determine fully qualified hostname. Please set 'visible_hostname' does this help?? Please check your squid.conf, visible_hostname must be a name of your server
Re: [squid-users] webmin module
Matteo Villari ha scritto: Hi all! Does anyone know if there is an updated version of squid webmin module that support the offline_mode tag? Thanks a lot... Done. I've modified the old one. If someone need the same feature i could post the few line i added.
[squid-users] Winbind group membership authentication
Hi, I'm new to the list so I hope I'm not asking one of those questions that gets asked ten times a week :) I'm running Squid 2.5 Stable with Samba 3.03 on Fedora core 2. I set it up by reading the NTLM/winbind sections in the FAQ, which also roughly corresponds with some other people's squid.conf's I googled. Winbind is working, ntlm_auth tests OK and NTLM authentication via IE works fine for domain users (2K AD). But of course, I want to authenticate based on group membership not just plain domain membership. wbinfo_group.pl seems to be working - I can manually feed it usernames or 'domain+username' and groupnames and get the correct responses. Fine so far but when squid speaks to wbinfo_group.pl the script only sees the domain name and the group to be queried, not the username (according to its debug output). Hence it allways returns ERR. I've tried setting the winbind separator to '+' but this doesnt seem to have made a difference. To be honest I've only been using linux for a few months so this has all taken me quite a while and I'm running out of time I can spend on this - I'm hoping someone out there can suggest something. Revelant squid.conf lines: auth_param ntlm program /usr/lib/squid/ntlm_auth ssl\\server auth_param ntlm children 2 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/lib/squid/ntlm_auth ssl\\server auth_param basic children 2 auth_param basic realm Workbench testbox auth_param basic credentialsttl 2 hours external_acl_type nt_group ttl=60 concurrency=2 %LOGIN /usr/lib/squid/wbinfo_group.pl acl all src 0.0.0.0/0.0.0.0 acl benches src 10.1.1.0/24 acl lan src 192.17.90.0/24 ... acl domainusers proxy_auth REQUIRED acl groupmembers external nt_group ProxyAccess # TAG: http_access #http_access allow ncsa_users http_access allow benches #http_access allow lan #http_access allow localhost #http_access allow authenticated http_access allow domainusers groupmembers http_access deny all Cache.log debug output from wbinfo_group.pl: (ssl is the domain name, not the user name - hence the ERR) Got ssl ProxyAccess from squid User: -ssl- Group: -ProxyAccess- SID: -S-1-5-21-1343024091-2111687655-854245398-1124 Domain Group (2)- GID: -10002- Sending ERR to squid Thanks for reading, Neil
Fw: [squid-users] Persistent HTTPS / SSL connections through Squid
Not sure if I posted this email correctly.. sorry for possible duplicate. Is there a way to allow persistent HTTPS / SSL connections to a specific site through squid? I have an application that requires a full time connection. Wayne
RE: [squid-users] squid failed. The error was: init_cache_dir
Hi there Search for the TAG: visible_hostname part in your squid.conf file. Then set to like : visible_hostname proxy.mydomain.com -Original Message- From: doni [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 12:09 PM To: Ben Cc: squid-users@squid-cache.org Subject: Re: [squid-users] squid failed. The error was: init_cache_dir Hi - Original Message - From: Ben [EMAIL PROTECTED] To: doni [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Monday, July 25, 2005 4:59 AM Subject: Re: [squid-users] squid failed. The error was: init_cache_dir sorry, it said Squid Cache (Version 2.5.STABLE9): Terminated abnormally. CPU Usage: 0.009 seconds = 0.007 user + 0.002 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0 FATAL: Could not determine fully qualified hostname. Please set 'visible_hostname' does this help?? Please check your squid.conf, visible_hostname must be a name of your server
[squid-users] Squid termintation process
Dear All I am trouble in starting squid, it is already running fine but last i tried to stop and strat squid it doesnot start and abnormally termintates below is an error in /var/squid/log/cache.log storeDiskdInit: msgget: (28) No space left on device Please advised me solution waiting for prompt reply Thanks Muhammad Aslam With Best Regards Muhammad Aslam ul Haq World Online (WOL) Internet Operations 502, Syedna Taher Saifuddin Memorial Foundation Building, Beaumont Road, Civil Lines,Karachi. Voice: (92-21)111600222 URL: http://www.wol.net.pk
[squid-users] Problem with squid... Dirty Cache constant restart loop....
Hi all. Been running squid for years, never really had any problems till today. Everything seems to have been running fine till just before 12pm.. Then someone comes in and asks if the net is down Sure enough squid has died and is no longer running on the server. I do a service squid start Try to connect to the internet again... Nothing. No username/password request etc. Tail -f /var/log/squid/cache.log I get... 2005/07/25 15:10:14| Starting Squid Cache version 2.4.STABLE6 for i686-pc-linux-gnu... 2005/07/25 15:10:14| Process ID 5379 2005/07/25 15:10:14| With 1024 file descriptors available 2005/07/25 15:10:14| Performing DNS Tests... 2005/07/25 15:10:14| Successful DNS name lookup tests... 2005/07/25 15:10:14| DNS Socket created on FD 4 2005/07/25 15:10:14| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2005/07/25 15:10:14| helperOpenServers: Starting 20 'squirm' processes 2005/07/25 15:10:14| helperOpenServers: Starting 15 'ncsa_auth' processes 2005/07/25 15:10:17| Unlinkd pipe opened on FD 44 2005/07/25 15:10:17| Swap maxSize 6144 KB, estimated 4726153 objects 2005/07/25 15:10:17| Target number of buckets: 236307 2005/07/25 15:10:17| Using 262144 Store buckets 2005/07/25 15:10:17| Max Mem size: 8192 KB 2005/07/25 15:10:17| Max Swap size: 6144 KB 2005/07/25 15:10:17| Rebuilding storage in /var/squid/cache (DIRTY) 2005/07/25 15:10:17| Using Least Load store dir selection 2005/07/25 15:10:17| Set Current Directory to /var/squid/cache Repeated over and over and over etc. Ok, I figure that the cached files are not happy, So I remove the cache files, then set them back up using -z still the same problem. Rebooted the box, removed squirm and ncsa_auth, still the same... Im looking to remove the cache next to see if that helps it. Looked on google etc for this problem and no one seems to have an answer Any ideas? Many Thanks Ross
RE: [squid-users] Squid termintation process
Hi There It seems like one of your partitions are full On the command line type the following : Df -h And then copy and paste that for us -Original Message- From: Aslam [mailto:[EMAIL PROTECTED] Sent: 26 July 2005 03:28 AM To: squid-users@squid-cache.org Subject: [squid-users] Squid termintation process Dear All I am trouble in starting squid, it is already running fine but last i tried to stop and strat squid it doesnot start and abnormally termintates below is an error in /var/squid/log/cache.log storeDiskdInit: msgget: (28) No space left on device Please advised me solution waiting for prompt reply Thanks Muhammad Aslam With Best Regards Muhammad Aslam ul Haq World Online (WOL) Internet Operations 502, Syedna Taher Saifuddin Memorial Foundation Building, Beaumont Road, Civil Lines,Karachi. Voice: (92-21)111600222 URL: http://www.wol.net.pk
RE: [squid-users] Problem with squid... Dirty Cache constant restart loop....
Hi There 1.) Check your disk space ( your cache partition if it is on its own ). 2.) Check if you have a proper DNS server that can resolve DNS names under /etc/resolve.conf 3.) Remove your old cache under your cache directory. 4.) squid -z 5.) restart squid. -Original Message- From: Ross McInnes [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 03:27 PM To: squid-users@squid-cache.org Subject: [squid-users] Problem with squid... Dirty Cache constant restart loop Hi all. Been running squid for years, never really had any problems till today. Everything seems to have been running fine till just before 12pm.. Then someone comes in and asks if the net is down Sure enough squid has died and is no longer running on the server. I do a service squid start Try to connect to the internet again... Nothing. No username/password request etc. Tail -f /var/log/squid/cache.log I get... 2005/07/25 15:10:14| Starting Squid Cache version 2.4.STABLE6 for i686-pc-linux-gnu... 2005/07/25 15:10:14| Process ID 5379 2005/07/25 15:10:14| With 1024 file descriptors available 2005/07/25 15:10:14| Performing DNS Tests... 2005/07/25 15:10:14| Successful DNS name lookup tests... 2005/07/25 15:10:14| DNS Socket created on FD 4 2005/07/25 15:10:14| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2005/07/25 15:10:14| helperOpenServers: Starting 20 'squirm' processes 2005/07/25 15:10:14| helperOpenServers: Starting 15 'ncsa_auth' processes 2005/07/25 15:10:17| Unlinkd pipe opened on FD 44 2005/07/25 15:10:17| Swap maxSize 6144 KB, estimated 4726153 objects 2005/07/25 15:10:17| Target number of buckets: 236307 2005/07/25 15:10:17| Using 262144 Store buckets 2005/07/25 15:10:17| Max Mem size: 8192 KB 2005/07/25 15:10:17| Max Swap size: 6144 KB 2005/07/25 15:10:17| Rebuilding storage in /var/squid/cache (DIRTY) 2005/07/25 15:10:17| Using Least Load store dir selection 2005/07/25 15:10:17| Set Current Directory to /var/squid/cache Repeated over and over and over etc. Ok, I figure that the cached files are not happy, So I remove the cache files, then set them back up using -z still the same problem. Rebooted the box, removed squirm and ncsa_auth, still the same... Im looking to remove the cache next to see if that helps it. Looked on google etc for this problem and no one seems to have an answer Any ideas? Many Thanks Ross
RE: [squid-users] Problem with squid... Dirty Cache constant restart loop....
Heya gert, df -h shows FilesystemSize Used Avail Use% Mounted on /dev/sda5 22G 6.3G 15G 31% / /dev/sda1 99M 36M 58M 39% /boot none 501M 0 501M 0% /dev/shm /dev/sda2 9.7G 2.9G 6.3G 32% /var/log/squid /dev/sdb1 68G 65M 64G 1% /var/squid/cache -- cache dir I can ping/traceroute/nslookup/host everywhere Ive done that, ive even set it back to defaults on /usr/local/squid/cache (still says its dirty) Done all of that im afraid... Ross -Original Message- From: Gert Brits [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 14:43 To: squid-users@squid-cache.org Subject: RE: [squid-users] Problem with squid... Dirty Cache constant restart loop Hi There 1.) Check your disk space ( your cache partition if it is on its own ). 2.) Check if you have a proper DNS server that can resolve DNS names under /etc/resolve.conf 3.) Remove your old cache under your cache directory. 4.) squid -z 5.) restart squid. -Original Message- From: Ross McInnes [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 03:27 PM To: squid-users@squid-cache.org Subject: [squid-users] Problem with squid... Dirty Cache constant restart loop Hi all. Been running squid for years, never really had any problems till today. Everything seems to have been running fine till just before 12pm.. Then someone comes in and asks if the net is down Sure enough squid has died and is no longer running on the server. I do a service squid start Try to connect to the internet again... Nothing. No username/password request etc. Tail -f /var/log/squid/cache.log I get... 2005/07/25 15:10:14| Starting Squid Cache version 2.4.STABLE6 for i686-pc-linux-gnu... 2005/07/25 15:10:14| Process ID 5379 2005/07/25 15:10:14| With 1024 file descriptors available 2005/07/25 15:10:14| Performing DNS Tests... 2005/07/25 15:10:14| Successful DNS name lookup tests... 2005/07/25 15:10:14| DNS Socket created on FD 4 2005/07/25 15:10:14| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2005/07/25 15:10:14| helperOpenServers: Starting 20 'squirm' processes 2005/07/25 15:10:14| helperOpenServers: Starting 15 'ncsa_auth' processes 2005/07/25 15:10:17| Unlinkd pipe opened on FD 44 2005/07/25 15:10:17| Swap maxSize 6144 KB, estimated 4726153 objects 2005/07/25 15:10:17| Target number of buckets: 236307 2005/07/25 15:10:17| Using 262144 Store buckets 2005/07/25 15:10:17| Max Mem size: 8192 KB 2005/07/25 15:10:17| Max Swap size: 6144 KB 2005/07/25 15:10:17| Rebuilding storage in /var/squid/cache (DIRTY) 2005/07/25 15:10:17| Using Least Load store dir selection 2005/07/25 15:10:17| Set Current Directory to /var/squid/cache Repeated over and over and over etc. Ok, I figure that the cached files are not happy, So I remove the cache files, then set them back up using -z still the same problem. Rebooted the box, removed squirm and ncsa_auth, still the same... Im looking to remove the cache next to see if that helps it. Looked on google etc for this problem and no one seems to have an answer Any ideas? Many Thanks Ross
AW: [squid-users] owa access
Hi, Mhh.. We don't use squid via ssl nor OWA with ssl. (i think debugging is simplier without that) In /etc/hosts there is a correct naming of the server, But it doesn't work. I can get to the login window but not further. SSL activation on squid i don't know either how to manage :-( Thanks, for response. Cheers, Andrew Jason Whiteaker schrieb am Montag, 25. Juli 2005 15:10: Hi Andrew, I wish I had better news, as I too have tried to get OWA to work with Squid. The final answer is that I was able to get OWA to work with Squid, however, you'll find that the spell checker is broken. It appears to be because of non-RFC compliance by OWA (big surprise there, eh?) :-) The issue stems from apparent HTTP chunking issues, and from what I've seen, a future release of Squid may address this. For now, we can access OWA via Squid (HTTPS - Squid - HTTP - OWA), but the spell checker function is broken. This may not be a big deal to your user base, but it's an issue here. See this Microsoft article: http://support.microsoft.com/default.aspx?scid=kb;en-us;307347 I think your current issue is that you'll need a filter on OWA so that it will not send HTTPS back as part of the HTTP header info, that is, it sounds like you're having the issue I ran into - OWA doesn't know that it's behind a proxy, so when it responds, it responds with HTTPS in the header info and your client establishes the connection to the OWA server that bypasses the proxy. Your Squid config seems OK. Be sure to create a host entry for your mailserver in /etc/hosts that points to the real (internal) IP of the OWA server. Good luck! -Jason -Original Message- From: Mrvka Andreas [mailto:[EMAIL PROTECTED] Sent: Monday, July 25, 2005 2:08 AM To: Squid-Users Subject: [squid-users] owa access hi list, i know, there are many writings about outlook web access and how to configure it with transparent proxy. but i still have problems :-( I configured my proxy like this: http_port 80 httpd_accel_host internalmailserver httpd_accel_port 80 httpd_accel_single_host on httpd_accel_with_proxy on httpd_accel_uses_host_header off I can connect from outside and get my basic authentication from my internalmailserver. But then i will be forwarded direct to my internalmailserver And never via my published proxy name. In fact, connection to internalmailserver is denied. Please can you also give me a hint how to change my config to use SSL? (how to create a ssl certificate) Thanks, Andrew
RE: [squid-users] Squid termintation process
FilesystemSize Used Avail Use% Mounted on /dev/sda2 12G 1.9G 9.3G 17% / /dev/sda11011M 36M 924M 4% /boot /dev/sdb1 16G 49M 14G 78% /cache1 /dev/sdc1 16G 12G 3.3G 78% /cache2 /dev/sdd1 16G 12G 3.5G 77% /cache3 *** REPLY SEPARATOR *** On 07/25/2005 at 3:34 PM Gert Brits wrote: Hi There It seems like one of your partitions are full On the command line type the following : Df -h And then copy and paste that for us -Original Message- From: Aslam [mailto:[EMAIL PROTECTED] Sent: 26 July 2005 03:28 AM To: squid-users@squid-cache.org Subject: [squid-users] Squid termintation process Dear All I am trouble in starting squid, it is already running fine but last i tried to stop and strat squid it doesnot start and abnormally termintates below is an error in /var/squid/log/cache.log storeDiskdInit: msgget: (28) No space left on device Please advised me solution waiting for prompt reply Thanks Muhammad Aslam With Best Regards Muhammad Aslam ul Haq World Online (WOL) Internet Operations 502, Syedna Taher Saifuddin Memorial Foundation Building, Beaumont Road, Civil Lines,Karachi. Voice: (92-21)111600222 URL: http://www.wol.net.pk
Re: [squid-users] unjustified denied access
Christoph Haas wrote: On Sat, Jul 23, 2005 at 12:35:23PM -0400, Guillermo Gomez wrote: I'm having a weird denial of access for specific google searches which is making me crazy. I dont have such a rule to deny specific google searches (i dont even know how to do it) and the weirdest part is that the reply from Squid is teling me it occurred in the future. ERROR While trying to retrieve the URL: http://www.google.co.ve/search? The following error was encountered: Access Denied. Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect. Set 'debug_options ALL,1 33,2' in your squid.conf and run 'squid -k reconfig'. The cache.log should then tell you why an access is denied (in other words: which ACL matched). Christoph Thanks Christoph That's what i needed, and yes it was an ACL match. Time was right but in GMT format. Thanks again Guillermo
[squid-users] squid server specs
Quick question: I am looking at implementing squid proxy for internet authentication purposes. We will not be utilizing the cache just the authentication piece. I will be installing this on Red Hat Linux running on an Intel platform. My question is how big do these boxes need to be as far as processor, memory, etc? We will have hundreds of users authenticating at any given time. -- The contents of this e-mail (and any attachments) are confidential, may be privileged and may contain copyright material. You may only reproduce or distribute material if you are expressly authorized by us to do so. If you are not the intended recipient, any use, disclosure or copying of this email (and any attachments) is unauthorized. If you have received this e-mail in error, please notify the sender and immediately delete this e-mail and any copies of it from your system. ==
RE: [squid-users] Problem with squid... Dirty Cache constant restart loop....[SOLVED]
Hey all again... Ive sorted this now. What cleared it was when I ran a default config pointing back to the default locations. I then changed the cache dir back to where it should be and it was still ok... Changed everything else one by one back to where it should be and it failed on the logs directory... My store.log file was 2GB ++... Funny thing was it got rotated at 4am this morning (does it every week) So had a look through it and there are 1000's of lines such as 1122286149.325 RELEASE -1 2DC3245064EB354E24E2A91F3AB185B4 ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 216DB1B58751EE8D10965063EF2581D4 ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 AA135BE9264086B83BC91DA34755DF42 ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 CC6D2D7C3C4C026DFA8B79C5EA1CF548 ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 DE84219FE2466C35C6F7A97D2884AA02 ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 D7A9D8327A71DCD1E8BB681E33DD1005 ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 05C4E760CA6F74198E6AC587AB57A93F ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 A9FAF6B5D35654D62AC88009E09F01E0 ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 292329206E1C38E653A2AE53789C44F2 ? ? ? ? ?/? ?/? ? ? 1122286149.325 RELEASE -1 7E901F327EEF9E1C5B640324807BE474 ? ? ? ? ?/? ?/? ? ? Any ideas what this is?? But anyways the web is working again :) Cheers Ross -Original Message- From: Ross McInnes [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 14:56 To: squid-users@squid-cache.org Subject: RE: [squid-users] Problem with squid... Dirty Cache constant restart loop Heya gert, df -h shows FilesystemSize Used Avail Use% Mounted on /dev/sda5 22G 6.3G 15G 31% / /dev/sda1 99M 36M 58M 39% /boot none 501M 0 501M 0% /dev/shm /dev/sda2 9.7G 2.9G 6.3G 32% /var/log/squid /dev/sdb1 68G 65M 64G 1% /var/squid/cache -- cache dir I can ping/traceroute/nslookup/host everywhere Ive done that, ive even set it back to defaults on /usr/local/squid/cache (still says its dirty) Done all of that im afraid... Ross -Original Message- From: Gert Brits [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 14:43 To: squid-users@squid-cache.org Subject: RE: [squid-users] Problem with squid... Dirty Cache constant restart loop Hi There 1.) Check your disk space ( your cache partition if it is on its own ). 2.) Check if you have a proper DNS server that can resolve DNS names under /etc/resolve.conf 3.) Remove your old cache under your cache directory. 4.) squid -z 5.) restart squid. -Original Message- From: Ross McInnes [mailto:[EMAIL PROTECTED] Sent: 25 July 2005 03:27 PM To: squid-users@squid-cache.org Subject: [squid-users] Problem with squid... Dirty Cache constant restart loop Hi all. Been running squid for years, never really had any problems till today. Everything seems to have been running fine till just before 12pm.. Then someone comes in and asks if the net is down Sure enough squid has died and is no longer running on the server. I do a service squid start Try to connect to the internet again... Nothing. No username/password request etc. Tail -f /var/log/squid/cache.log I get... 2005/07/25 15:10:14| Starting Squid Cache version 2.4.STABLE6 for i686-pc-linux-gnu... 2005/07/25 15:10:14| Process ID 5379 2005/07/25 15:10:14| With 1024 file descriptors available 2005/07/25 15:10:14| Performing DNS Tests... 2005/07/25 15:10:14| Successful DNS name lookup tests... 2005/07/25 15:10:14| DNS Socket created on FD 4 2005/07/25 15:10:14| Adding nameserver 127.0.0.1 from /etc/resolv.conf 2005/07/25 15:10:14| helperOpenServers: Starting 20 'squirm' processes 2005/07/25 15:10:14| helperOpenServers: Starting 15 'ncsa_auth' processes 2005/07/25 15:10:17| Unlinkd pipe opened on FD 44 2005/07/25 15:10:17| Swap maxSize 6144 KB, estimated 4726153 objects 2005/07/25 15:10:17| Target number of buckets: 236307 2005/07/25 15:10:17| Using 262144 Store buckets 2005/07/25 15:10:17| Max Mem size: 8192 KB 2005/07/25 15:10:17| Max Swap size: 6144 KB 2005/07/25 15:10:17| Rebuilding storage in /var/squid/cache (DIRTY) 2005/07/25 15:10:17| Using Least Load store dir selection 2005/07/25 15:10:17| Set Current Directory to /var/squid/cache Repeated over and over and over etc. Ok, I figure that the cached files are not happy, So I remove the cache files, then set them back up using -z still the same problem. Rebooted the box, removed squirm and ncsa_auth, still the same... Im looking to remove the cache next to see if that helps it. Looked on google etc for this problem and no one seems to have an answer Any ideas? Many Thanks Ross
[squid-users] RBL/RHSBL for Squid?
I was thinking about an RBL/RHSBL feature like know in MTas when reading this: http://www.theregister.co.uk/2005/07/25/spyware_screening/ Some sort of RBL , which lists malware URLs, hosts or IPs and which could then be blocked within Squid. -- Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
[squid-users] Squid accelerator
Hi everyone, I have a question, I hope that you can help: I want to setup a HTTPS accelerator using squid 2.5.STABLE7. The environment is: Client (Internet) -- (using https) -- My server (squid accelerator) -- (using http) -- My application server. Have a different enviroment that working: Client (Internet) -- (using https) -- My server (squid accelerator) -- (using https) -- My apache server Can the first enviroment work? Where is the difference in the two configurations? My squid.conf (second enviroment): http_port 80 https_port 443 cert=/etc/squid/server.crt key=/etc/squid/server.key redirect_rewrites_host_header off httpd_accel_port 80 httpd_accel_host 192.168.19.210 httpd_accel_single_host on httpd_accel_uses_host_header on Thanks in advance. Massimo Pignoloni
Re: [squid-users] Winbind group membership authentication
Neil Gaskell wrote: Hi, I'm new to the list so I hope I'm not asking one of those questions that gets asked ten times a week :) I'm running Squid 2.5 Stable with Samba 3.03 on Fedora core 2. I set it up by reading the NTLM/winbind sections in the FAQ, which also roughly corresponds with some other people's squid.conf's I googled. Winbind is working, ntlm_auth tests OK and NTLM authentication via IE works fine for domain users (2K AD). But of course, I want to authenticate based on group membership not just plain domain membership. wbinfo_group.pl seems to be working - I can manually feed it usernames or 'domain+username' and groupnames and get the correct responses. Fine so far but when squid speaks to wbinfo_group.pl the script only sees the domain name and the group to be queried, not the username (according to its debug output). Hence it allways returns ERR. I've tried setting the winbind separator to '+' but this doesnt seem to have made a difference. To be honest I've only been using linux for a few months so this has all taken me quite a while and I'm running out of time I can spend on this - I'm hoping someone out there can suggest something. Cracked it now I think. I was using the wrong ntlm_auth module, now I'm using the one in /usr/bin (that came with samba?) and its passing the right info to wbinfo_group.pl. Neil
[squid-users] external authentication script -- No such file
I have try to configure the configuration file to use a external authentication perl script, but it seems that something is wrong because when the file don't have permissions it says no permissions allowed and when I change the permissions it seems that squid can not find the file, is it any chroot configuration somewhere?? This happens either with external_acl and with auth_program, 2005/07/20 21:21:53| ipcCreate: /usr/lib/squid/authenticate2.pl: (2) No such file or directory Any help would be appreciated, Regards, Ricardo Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
Re: [squid-users] Transparent Squid
Robert Vangel wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pherowze wrote: Hi, Does anyone know how to setup transparent squid... kindly assist. Thanks. Pherowze. What you are probably looking for is an intercepting proxy (running on router intercepting http requests and sending them to the proxy server), and all you need to do is read through FAQ archives for plenty of information -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (MingW32) iD8DBQFC45dKW3d/aAsHRrcRAtVvAJ0Qd0akAH2CpYQH3qIz9QBGkyFeVQCggWFK fsk3avF1BJcYfpODa8j5O5w= =5fl0 -END PGP SIGNATURE- all depend on what do you want to do and how, i mean are you using some BSD system, or Solaris or Linux, are you going to implement in the system box or are you going to set it up with the LAN equipments? for example i use the OpenBSD box as router so i need to twek the system in order to work and put the redirection rule of the PF so this could happen. rdr on $int_if proto tcp from any to any port 80 - 127.0.0.1 port 3128 so send more information about whta you want to do. Carlos A. Garcia G. May the Force be with you.
Re: [squid-users] squid server specs
On 7/25/05, Corey Tyndall [EMAIL PROTECTED] wrote: I am looking at implementing squid proxy for internet authentication purposes. We will not be utilizing the cache just the authentication piece. If all you really need is authentication, Squid may not be the best solution, as Squid does a lot of extra work and rewriting of requests, necessary for caching but not really useful for just user authentication. Personally, I would instead consider something like the Cisco PIX or any other hardware or software product which can provide a Single Sign On approach to authenticating users for outbound (and/or inbound) access. If you do want to proceed with Squid, may I inquire as to what type of authentication will you be using? Will the credential store be local on the box running Squid, or will the authentication requests be forwarded using a network protocol to a remote host? If so, what protocol will be used for the network authentication? We will have hundreds of users authenticating at any given time. Squid will cache the password for a successful authentication for one hour by default: http://www.squid-cache.org/Doc/FAQ/FAQ-23.html#ss23.3 So for each unique user who successfully authenticates, the Squid server will only need to contact the authentication helper at most once per hour. Kevin Kadow (P.S. Squid caches local authentication usernames and passwords in memory in cleartext, so you may wish to look into encrypting swap.)
Re: Fw: [squid-users] Persistent HTTPS / SSL connections through Squid
On 25.07 07:28, Wayne Jansson wrote: Is there a way to allow persistent HTTPS / SSL connections to a specific site through squid? I have an application that requires a full time connection. Although it is possible and squid supports it, it's browsers' business and squid has nothing to do with it. The HTTP nature makes it irrelevant if different objects are fetched with different connections. -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Windows found: (R)emove, (E)rase, (D)elete
Re: [squid-users] Persistent HTTPS / SSL connections through Squid
I having similar problem and solve it with specify: read_timeout 240 minutes ( After each successful read(), the timeout will be extented ( 4 ours)) If you want can extend this time to 1440 (one day). Massimo - Original Message - From: Wayne Jansson [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Monday, July 25, 2005 1:28 PM Subject: Fw: [squid-users] Persistent HTTPS / SSL connections through Squid Not sure if I posted this email correctly.. sorry for possible duplicate. Is there a way to allow persistent HTTPS / SSL connections to a specific site through squid? I have an application that requires a full time connection. Wayne
[squid-users] 127.0.0.1
I'm running Dansguardian, Squid, Samba on Mandrake 10.2. I've recently upgraded Squid to 2.5 Stable 9 and tripped over a few configuration differences such as the visible hostname needing setting. I've changed a good few things in an attempt to get it working but now every client is identified in squid.log as 127.0.0.1 ??? (they are OK in the samba log) I think I'm missing something silly but the amount of coffee drunk precludes realisation. Any ideas? Rawlinm
[squid-users] Squid running in a gateway machine.
My iptables is running as both a gateway and a http-proxy. I route every incoming connection from the INTERNET to the 192.168.0.12:8080, wich is my web server. From my internal network when I try to access the address www.mydomain.com, wich represents my domain in the internet, the squid answers with (111) Connection refused message. I've already tried to use the no_cache option, like: acl DOMAIN url_reges .*mydomain.* no_cache DENY DOMAIN Can I use this configuration? -- Fernando Lujan
[squid-users] Load balancing redirector problem with virtual hosts
Hi all -
Okay, I've poked around a bunch looking for possible solutions to this
problem but can't seem to make any headway.
I'm implementing a simple load balancing solution between two origin servers
one of which is running squid and must also handle a number of
non-accelerated virtual hosts.
The set up looks like this:
Primary server:
Squid in surrogate mode listening on 80, with redirector for all URIs
Apache, bound to 127.0.0.1 listening on 80
Serving a number of name-based virtual hosts
Secondary server:
Apache bound to IP listening on 80
I have squid running successfully for all virtual hosts using the single
primary origin server with the following directives:
httpd_accel_host 127.0.0.1
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_uses_host_header on
If I try to add support for my simple redirector (listed below) using the
following directives, I can no longer connect to any of the virtual hosts.
Client connections end up timing out (WARNING: Closing client 24.10.x.x
connection due to lifetime timeout).
redirect_program /path/to/load_balancer.pl
redirect_rewrites_host_header off
httpd_accel_host 127.0.0.1
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_uses_host_header on
The redirector (pared down for simplicity; eventually will direct to
secondary server too):
#!/usr/bin/perl -w
$|++;
while () {
print http://127.0.0.1;;
}
I'm sure this is a matter of balancing the different confg directives but I
haven't seen an config exactly like this before.
Any insight would be greatly appreciated!
Todd
Re: [squid-users] 127.0.0.1
Are you applying any iptables/ipchain rules? Regards Mohsin --- Secretary [EMAIL PROTECTED] wrote: I'm running Dansguardian, Squid, Samba on Mandrake 10.2. I've recently upgraded Squid to 2.5 Stable 9 and tripped over a few configuration differences such as the visible hostname needing setting. I've changed a good few things in an attempt to get it working but now every client is identified in squid.log as 127.0.0.1 ??? (they are OK in the samba log) I think I'm missing something silly but the amount of coffee drunk precludes realisation. Any ideas? Rawlinm __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
RE: [squid-users] Squid termintation process
Seesm to be an old bug, which squid version you are using, check your cache_dir directive in squid conf, else clean your cache and restart squid again. Regards Mohsin --- Aslam [EMAIL PROTECTED] wrote: FilesystemSize Used Avail Use% Mounted on /dev/sda2 12G 1.9G 9.3G 17% / /dev/sda11011M 36M 924M 4% /boot /dev/sdb1 16G 49M 14G 78% /cache1 /dev/sdc1 16G 12G 3.3G 78% /cache2 /dev/sdd1 16G 12G 3.5G 77% /cache3 *** REPLY SEPARATOR *** On 07/25/2005 at 3:34 PM Gert Brits wrote: Hi There It seems like one of your partitions are full On the command line type the following : Df -h And then copy and paste that for us -Original Message- From: Aslam [mailto:[EMAIL PROTECTED] Sent: 26 July 2005 03:28 AM To: squid-users@squid-cache.org Subject: [squid-users] Squid termintation process Dear All I am trouble in starting squid, it is already running fine but last i tried to stop and strat squid it doesnot start and abnormally termintates below is an error in /var/squid/log/cache.log storeDiskdInit: msgget: (28) No space left on device Please advised me solution waiting for prompt reply Thanks Muhammad Aslam With Best Regards Muhammad Aslam ul Haq World Online (WOL) Internet Operations 502, Syedna Taher Saifuddin Memorial Foundation Building, Beaumont Road, Civil Lines,Karachi. Voice: (92-21)111600222 URL: http://www.wol.net.pk Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
RE: [squid-users] Squid termintation process
are you using diskd? --- Mohsin Khan [EMAIL PROTECTED] wrote: Seesm to be an old bug, which squid version you are using, check your cache_dir directive in squid conf, else clean your cache and restart squid again. Regards Mohsin --- Aslam [EMAIL PROTECTED] wrote: FilesystemSize Used Avail Use% Mounted on /dev/sda2 12G 1.9G 9.3G 17% / /dev/sda11011M 36M 924M 4% /boot /dev/sdb1 16G 49M 14G 78% /cache1 /dev/sdc1 16G 12G 3.3G 78% /cache2 /dev/sdd1 16G 12G 3.5G 77% /cache3 *** REPLY SEPARATOR *** On 07/25/2005 at 3:34 PM Gert Brits wrote: Hi There It seems like one of your partitions are full On the command line type the following : Df -h And then copy and paste that for us -Original Message- From: Aslam [mailto:[EMAIL PROTECTED] Sent: 26 July 2005 03:28 AM To: squid-users@squid-cache.org Subject: [squid-users] Squid termintation process Dear All I am trouble in starting squid, it is already running fine but last i tried to stop and strat squid it doesnot start and abnormally termintates below is an error in /var/squid/log/cache.log storeDiskdInit: msgget: (28) No space left on device Please advised me solution waiting for prompt reply Thanks Muhammad Aslam With Best Regards Muhammad Aslam ul Haq World Online (WOL) Internet Operations 502, Syedna Taher Saifuddin Memorial Foundation Building, Beaumont Road, Civil Lines,Karachi. Voice: (92-21)111600222 URL: http://www.wol.net.pk Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
