Re: [squid-users] squid 2.5 and large acl
Matus UHLAR - fantomas wrote: On 04.02 13:54, Paweł Staszewski wrote: does anybody have experiences with squid and large number (1 lines) of acl-s like: acl user1 src xxx.xxx.xxx.xxx/255.255.255.255 tcp_outgoing_address xxx.xxx.xxx.xxx user1 I doubt so, but is would be imho very ineffective. Also, I don't know what OS will allow you to have 1 IP addresses on local interface. Why do you want to do this? so you want to get this result? http://www.squid-cache.org/Doc/FAQ/FAQ-7.html#ss7.13 thanks for your reply/ curently i have : ip addr show | grep vlan0891 | wc -l 7689 And that is also number of users in our network. In network users have 10/8 subnet and for http traffic I use squid-proxy and want to assign to every user uniq ip ...with squid so every user will be see as his nated ip on www-servers. Squid proxy is not a nat for network , nat is doing another linux based machine. So question was about performance of that large acl list in squid.conf , and any experiences with that many acl-s in squid.conf :)
Re: [squid-users] Squid is blocking access to some BBC news sites
Hello Via the webmin interface I turned on/off "X_Forwarded_For?". Via the squid.conf file i tried "forwarded_for" set to both yes and no. Our IP address range is the internal range of 10.146.* Jason From: Matus UHLAR - fantomas <[EMAIL PROTECTED]> To: squid-users@squid-cache.org Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Date: Fri, 6 Jan 2006 08:08:04 +0100 On 05.01 11:30, Jason Bassett wrote: > By the forwarded_for setting, do you mean the "X-Forwarded-For header?", i > have tried this on and off but no change. I can not see a "forwarded_for" > option on its own. here it is: http://squid.visolve.com/squid/squid24s1/miscellaneous.htm#forwarded_for What exactly did you turn on and off and how? > >From: Matus UHLAR - fantomas <[EMAIL PROTECTED]> > >To: squid-users@squid-cache.org > >Subject: Re: [squid-users] Squid is blocking access to some BBC news sites > >Date: Thu, 5 Jan 2006 11:49:07 +0100 > > > >On 05.01 10:22, Jason Bassett wrote: > >> Clicking many of these links results in a greyish BBC page stating > >> "We're sorry. The content you requested is available for UK users > >> only.". We are in the UK to this page should appear. > >> > >> Bypassing SQUID completely, resolves this issue. > > > >I guess you use IPs from private ranges on your network (10.*, 192.168.* or > >172.16-31.*). If so, try setting forwarded_for to off, and if that helps, > >it's probably a bug on their page that should be reported. Are you using IP's from this ranges on your network? -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. One OS to rule them all, One OS to find them, One OS to bring them all and into darkness bind them
Re: [squid-users] Squid is blocking access to some BBC news sites
Good morning We are running squid version 2.5. I now understand that there is a version 3? We are in England. When we search at www.bbc.co.uk/news (for example for 'genocide' - thats the topic the children are working on), we recieve a list of results, we click "All News Audio Video results >>" and get a more defined list of results with media clips. Clicking many of these links results in a greyish BBC page stating "We're sorry. The content you requested is available for UK users only.". We are in the UK to this page should appear. This only occurs when going through the Squid proxy. Jason From: Mark Elsen <[EMAIL PROTECTED]> To: Jason Bassett <[EMAIL PROTECTED]> CC: squid-users@squid-cache.org, [EMAIL PROTECTED] Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Date: Thu, 5 Jan 2006 16:57:12 +0100 > Hello everyone > > I am using SQUID in a school with SQUIDGUARD. It has been brought to my > attention that various news articles at www.bbc.co.uk/news do not open > properly. What happens, then, more exact. Error in browser . What is in squid´s access.log for these requests ? Anything else in cache.log ? >This only occurs when going through the SQUID proxy. I have > disabled SQUIDGUARD to ensure this was not the problem, it is definitely a > SQUID issue. SQUID version ? > > When we search at www.bbc.co.uk/news (for example for 'genocide' - thats the > topic the children are working on), we recieve a list of results, we click > "All News Audio Video results >>" and get a more defined list of results > with media clips. > > Clicking many of these links results in a greyish BBC page stating "We're > sorry. The content you requested is available for UK users only.". We are > in the UK to this page should appear. In which country are you living ? M.
[squid-users] Squid and sarg
Hi, At the moment I'm generating log files from my squid server using sarg on a daily basis which gives me a run down of what each user is using. Is there a way to get sarg to do some sort of separation of time for the different tarrif structures? ie. sarg must show the bandwidth usage for the 08:00 - 17:00 slot, 17:00 - 00:00 slot and the 00:00 - 08:00 slot, so that each different slot can be seen separately for each user? Are there any other squid accounting packages which offer this feature? An HTML report of the results would be ideal. Thanks Nolan
Re: [squid-users] Squid and sarg
Nolan Rumble wrote: >Hi, > >At the moment I'm generating log files from my squid server using sarg >on a daily basis which gives me a run down of what each user is using. >Is there a way to get sarg to do some sort of separation of time for the >different tarrif structures? ie. sarg must show the bandwidth usage for >the 08:00 - 17:00 slot, 17:00 - 00:00 slot and the 00:00 - 08:00 slot, >so that each different slot can be seen separately for each user? > I believe there is a University in South Africa that successfully uses squidguard for billing and authorisation. Kind regards Xander
RE: [squid-users] restriciting spyware
hello gurus, Is it possible to stop spyware entering in to the network with help of squid. The users are allowed to access only through proxy except one to two systems which are direct. But our network is often affected by spywares. Please suggest me a solution to stop this. Thanks Geetha - Hello, There is not any particular way of blocking spyware using squid. You might want to use squidGuard as it already has a big list of sites which contains unwanted malware/viruses. It would be helpful if you go ahead and block all Gambling sites, sites with cracks which usually contains spyware. This would be your first line of defense. The other way to stay free of Spyware would be by deploying Microsoft Antispyware on all the windows systems on your network. Regards Srid
Re: [squid-users] restriciting spyware
> hello gurus, > > Is it possible to stop spyware entering in to the > network with help of squid. > Basically not because SQUID , only deals with the http transport layer. You can use , a virus scanning box ; in as a parent for your SQUID sever. Use adequate anti virus protection on every PC; which has access to the Internet , proxy-based or not. The term virus is ment in a broadened meaning here; i.e. modern anti-virus sellers include spyware blocking too into there product(s). M.
Re: [squid-users] Squid is blocking access to some BBC news sites
> > We are running squid version 2.5. Please include the complete SQUID version string , which can be obtainted with : % squid -v >I now understand that there is a version 3? > No there isn´t. > We are in England. > > When we search at www.bbc.co.uk/news (for example for 'genocide' - thats the > topic the children are working on), we recieve a list of results, we click > "All News Audio Video results >>" and get a more defined list of results > with media clips. > > Clicking many of these links results in a greyish BBC page stating "We're > sorry. The content you requested is available for UK users only.". We are > in the UK to this page should appear. > Try this in squid.conf : header_access deny X-Forwarded-for M.
Re: [squid-users] "Operation not permitted" when reloading or restarting squid, onlywith version 2.5STABLE11 or 12
> Hi everyone, > I'm running squid as user squid. > Up to version 2.5STABLE10 everything worked fine. Starting with STABLE11, > I get the following error when I reload or restart squid: > > fook:/home # /usr/local/squid/sbin/squid -k reconfigure > squid: ERROR: Could not send signal 1 to process 25503: (1) Operation not > permitted > > If I change back to V10 everything is OK. > > Any ideas? > Make sure that squid, is running under the same intented user. (forgot to set correctly in one for the squid.confs ?) M.
Re: [squid-users] restriciting spyware
> > hello gurus, > > > > Is it possible to stop spyware entering in to the > > network with help of squid. > > > > Basically not because SQUID , only deals with the http transport > layer. You can use , a virus scanning box ; in as a parent for > your SQUID sever. > > Use adequate anti virus protection on every PC; which has > access to the Internet , proxy-based or not. > > The term virus is ment in a broadened meaning here; i.e. modern > anti-virus sellers include spyware blocking too into there product(s). > > M. I do agree with Mark, in terms of using adequate malware protection (malware was the term decided upon to include any software that's malicious: spyware, adware, grayware, viruses, trojans, etc) primarily for this problem. However, proxying the network's traffic is an excellent way to "control" things. There are quite a few blacklist databases out there which you can plug into squid. I personally use SquidGuard to do it. The few occasions at which our proxy server is down, the users notice it because malware manages to affect their machines. Unfortunately I don't feel like the databases are updated often enough. This is mainly because malware is an exponential problem and it's incredibly hard to keep up with. I'm putting a project team together to specifically set up a database which manages malware sources more efficiently. Currently, the database will be built for squidguard, because I like the simplicity of SquidGuard. I've heard DansGuardian is "better" because it's more feature-rich. Additionally, you can check out http://www.squid-cache.org/related-software.html There's all kinds of options out there. On a side-note, if anyone is interesting in working on my source database, please let me know off-list. Regards, Tim Rainier
Re: [squid-users] Transparent Proxy
> I searched the Whole FAQ and I didn't find any documentation that tells how > to configure SQUID to work as an transparent proxy. > http://www.squid-cache.org/Doc/FAQ/FAQ-17.html M.
[squid-users] a log question
Hi everybody I want to know if i can exclude an ip address from logging, I mean i dont want that an especific ip address can appearin access.log file If the answer is " yes... you can :) " I need to know how get this Thanks in advance Regards. Mario
Re: [squid-users] yum not directed through parent
> irst off, I'm new at this and I'm not a sysadmin so I may have > overlooked/not understood how to do this based on the > squid.confdocumentation. > > I'm on a corporate network behind a proxy that requires > authentication, i'm using squid so that I don't have to go throught > the head ache of configuring the authorization for each app. > > I've done the following (with my appropriate domain of course) > acl local-servers dstdomain .foo.net > acl all src 0.0.0.0/0.0.0.0 > never_direct deny local-servers > never_direct allow all > > And everything works great, however when I try to use yum it tries to go > direct and not through the parent. Here are some entries from access.log: > > 1136475166.948 0 127.0.0.1 TCP_HIT/200 1454 GET > http://apt.sw.be/fedora/4/en/i386/dag/repodata/repomd.xml - NONE/- > application/xml > 1136474756.414 0 127.0.0.1 TCP_HIT/200 1454 GET > http://apt.sw.be/fedora/4/en/i386/dag/repodata/repomd.xml - NONE/- > application/xml > 1136474775.362 0 127.0.0.1 TCP_HIT/200 1315 GET > http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/i386/repodata/repomd.xml > - NONE/- text/xml > 1136474846.545 0 127.0.0.1 TCP_HIT/200 1454 GET > http://apt.sw.be/fedora/4/en/i386/dag/repodata/repomd.xml - NONE/- > application/xml > 1136474964.462 0 127.0.0.1 TCP_HIT/200 1505 GET > http://download.fedora.redhat.com/pub/fedora/linux/core/4/i386/os/repodata/ > repomd.xml > - NONE/- text/xml > 1136475035.703 0 127.0.0.1 TCP_HIT/200 1505 GET > http://download.fedora.redhat.com/pub/fedora/linux/extras/4/i386/repodata/repomd.xml > - NONE/- text/xml > These are hits. SQUID doesn´t need to contact the parent or the remote weberver, because the object is already in the cache. > i've noticed that occasionally one to gmail isn't through the parent either: > 1136474609.793 0 127.0.0.1 TCP_MISS/000 0 POST > http://mail.google.com/mail/? - NONE/- - > 1136474671.377 0 127.0.0.1 TCP_MISS/000 0 POST > http://mail.google.com/mail/? - NONE/- - > - Check your squid.conf thoroughly, make sure no other http_access rules are in place , which could cause this. - SQUID version ? M.
Re: [squid-users] access control issues
Anyone have any input here? Can this be done? On 1/5/06, Dustin <[EMAIL PROTECTED]> wrote: > > You don't explain which group is supposed to do what. So I'll guess. > > > > 'Full_InetAllow' has full inet access, 'de_InetAllow' should be > limited to a few sites. > > > This ACL is invalid (I wonder why Squid didn't complain). Either it's > > > > acl localnet proxy_auth REQUIRED > > > > or > > > > acl localnet src 10.100.3.0/24 > > > > It works though :) > > > > > > > When I tried the following, squid would not start: > > > > Why not? Which errors occur? > > > > Its not bombing out anymore, perhaps the server reboot changed that. > > > > acl de_urls dstdomain .fedex.com .ups.com > > > acl de_InetAllow external win_domain_group Web_access_dataentry > > > http_access allow de_InetAllow de_urls > > > http_access deny all > > > > This would mean you allow access to the de_urls for members of the > > Web_access_dataentry group. Everyone else is denied access. > > > Yes, that is what I'd like to accomplish, limit the sites which this > group 'de_InetAllow' can access. > > I just tried this but did not work either: > > == > acl localnet proxy_auth REQUIRED > acl de_urls dstdomain .fedex.com .ups.com > acl de_InetAllow external win_domain_group Web_access_dataentry > http_access allow de_InetAllow de_urls > acl Full_InetAllow external win_domain_group Web_access_full > http_access allow Full_InetAllow > == > > FYI, I am still able to go anywhere w/ a user in the 'Full_InetAllow' group. > > Any ideas? > > -Dustin >
[squid-users] Contend Encoding for Squid
There was an initiative for this started by http://swelltech.com/squidgzip/ Does anyone know the current status on this? Or if there is another alternate solution? Thanks, Ankur Prakash
Re: [squid-users] Squid is blocking access to some BBC news sites
Hello again My Squid version is: Squid Cache: Version 2.5.STABLE10 I added header_access deny X-Forwarded-for to the bottom of my squid.conf but now i get this error: 2006/01/06 21:27:48| squid.conf line 3466: header_access deny X-Forwarded-for 2006/01/06 21:27:48| aclParseAccessLine: expecting 'allow' or 'deny', got 'X-Forwarded-for'. I have tried accessing the bbc articles through from home via my own squid which is running the same distro (mandriva 2006) and squid version(see above). I have the same problem at home. Jason From: Mark Elsen <[EMAIL PROTECTED]> To: Jason Bassett <[EMAIL PROTECTED]> CC: squid-users@squid-cache.org Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Date: Fri, 6 Jan 2006 18:00:28 +0100 > > We are running squid version 2.5. Please include the complete SQUID version string , which can be obtainted with : % squid -v >I now understand that there is a version 3? > No there isn´t. > We are in England. > > When we search at www.bbc.co.uk/news (for example for 'genocide' - thats the > topic the children are working on), we recieve a list of results, we click > "All News Audio Video results >>" and get a more defined list of results > with media clips. > > Clicking many of these links results in a greyish BBC page stating "We're > sorry. The content you requested is available for UK users only.". We are > in the UK to this page should appear. > Try this in squid.conf : header_access deny X-Forwarded-for M.
Re: [squid-users] Squid is blocking access to some BBC news sites
Try: header_access X-Forwarded-For deny all Deny should come afterwards. D.Radel. - Original Message - From: "Jason Bassett" <[EMAIL PROTECTED]> To: Sent: Saturday, January 07, 2006 10:31 AM Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Hello again My Squid version is: Squid Cache: Version 2.5.STABLE10 I added header_access deny X-Forwarded-for to the bottom of my squid.conf but now i get this error: 2006/01/06 21:27:48| squid.conf line 3466: header_access deny X-Forwarded-for 2006/01/06 21:27:48| aclParseAccessLine: expecting 'allow' or 'deny', got 'X-Forwarded-for'. I have tried accessing the bbc articles through from home via my own squid which is running the same distro (mandriva 2006) and squid version(see above). I have the same problem at home. Jason From: Mark Elsen <[EMAIL PROTECTED]> To: Jason Bassett <[EMAIL PROTECTED]> CC: squid-users@squid-cache.org Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Date: Fri, 6 Jan 2006 18:00:28 +0100 > > We are running squid version 2.5. Please include the complete SQUID version string , which can be obtainted with : % squid -v >I now understand that there is a version 3? > No there isn´t. > We are in England. > > When we search at www.bbc.co.uk/news (for example for 'genocide' - > thats the > topic the children are working on), we recieve a list of results, > we click > "All News Audio Video results >>" and get a more defined list of > results > with media clips. > > Clicking many of these links results in a greyish BBC page stating "We're > sorry. The content you requested is available for UK users only.". > We are > in the UK to this page should appear. > Try this in squid.conf : header_access deny X-Forwarded-for M.
Re: [squid-users] Squid is blocking access to some BBC news sites
> Hello again > > My Squid version is: > Squid Cache: Version 2.5.STABLE10 > > I added header_access deny X-Forwarded-for > to the bottom of my squid.conf but now i get this error: > > 2006/01/06 21:27:48| squid.conf line 3466: header_access deny > X-Forwarded-for > 2006/01/06 21:27:48| aclParseAccessLine: expecting 'allow' or 'deny', got > 'X-Forwarded-for'. Well, I just looked it up in squid.conf; and the 2 items need to be mirrored in the header_access directive. Try : header_access X-Forwarded-for deny > > I have tried accessing the bbc articles through from home via my own squid > which is running the same distro (mandriva 2006) and squid version(see > above). I have the same problem at home. > > M.
[squid-users] squid 3 build failure
squid-3.0-PRE3-20060106 does not want to build for me. This is on a centos-3 system. Any suggestions? Could I be missing some package? ./configure --prefix=/usr/local/squid time make | tee /tmp/buildlog if g++ -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/usr/local/squid/etc/squid.conf\" -I. -I. -I../include -I. -I. -I../include -I../include -I../lib/libTrie/include -I../lib/cppunit-1.10.0/include -I ../lib/cppunit-1.10.0/include -Werror -Wall -Wpointer-arith -Wwrite-strings -Wcomments -g -O2 -MT ACLUserData.o -MD -MP -MF "$depbase.Tpo" -c -o ACLUserData.o ACLUserData.cc; \ then mv -f "$depbase.Tpo" "$depbase.Po"; else rm -f "$depbase.Tpo"; exit 1; fi depbase=`echo asn.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`; \ if g++ -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\"/usr/local/squid/etc/squid.conf\" -I. -I. -I../include -I. -I. -I../include -I../include -I../lib/libTrie/include -I../lib/cppunit-1.10.0/include -I ../lib/cppunit-1.10.0/include -Werror -Wall -Wpointer-arith -Wwrite-strings -Wcomments -g -O2 -MT asn.o -MD -MP -MF "$depbase.Tpo" -c -o asn.o asn.cc; \ then mv -f "$depbase.Tpo" "$depbase.Po"; else rm -f "$depbase.Tpo"; exit 1; fi asn.cc:47:21: forward.h: No such file or directory asn.cc: In function `void asnCacheStart(int)': asn.cc:244: no method `FwdState::fwdStart' make[3]: *** [asn.o] Error 1 make[3]: Leaving directory `/usr/local/src/squid-3.0-PRE3-20060106/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/usr/local/src/squid-3.0-PRE3-20060106/src' make[1]: *** [all] Error 2 make[1]: Leaving directory `/usr/local/src/squid-3.0-PRE3-20060106/src' make: *** [all-recursive] Error 1 -- Some days it's just not worth chewing through the restraints... Mark D. Foster, CISSP <[EMAIL PROTECTED]> http://mark.foster.cc/
Re: [squid-users] Squid is blocking access to some BBC news sites
Hi folks Its sorted now, D& E Radels solution worked. Mark im afraid your solution still caused me a similar error. Can anyone explain what "header_access X-Forwarded-For deny all" line actually does? Thanks for all your help Jason From: "D & E Radel" <[EMAIL PROTECTED]> To: "Jason Bassett" <[EMAIL PROTECTED]>, Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Date: Sat, 7 Jan 2006 10:40:38 +1300 Try: header_access X-Forwarded-For deny all Deny should come afterwards. D.Radel. - Original Message - From: "Jason Bassett" <[EMAIL PROTECTED]> To: Sent: Saturday, January 07, 2006 10:31 AM Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Hello again My Squid version is: Squid Cache: Version 2.5.STABLE10 I added header_access deny X-Forwarded-for to the bottom of my squid.conf but now i get this error: 2006/01/06 21:27:48| squid.conf line 3466: header_access deny X-Forwarded-for 2006/01/06 21:27:48| aclParseAccessLine: expecting 'allow' or 'deny', got 'X-Forwarded-for'. I have tried accessing the bbc articles through from home via my own squid which is running the same distro (mandriva 2006) and squid version(see above). I have the same problem at home. Jason From: Mark Elsen <[EMAIL PROTECTED]> To: Jason Bassett <[EMAIL PROTECTED]> CC: squid-users@squid-cache.org Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Date: Fri, 6 Jan 2006 18:00:28 +0100 > > We are running squid version 2.5. Please include the complete SQUID version string , which can be obtainted with : % squid -v >I now understand that there is a version 3? > No there isn´t. > We are in England. > > When we search at www.bbc.co.uk/news (for example for 'genocide' - > thats the > topic the children are working on), we recieve a list of results, > we click > "All News Audio Video results >>" and get a more defined list of > results > with media clips. > > Clicking many of these links results in a greyish BBC page stating "We're > sorry. The content you requested is available for UK users only.". > We are > in the UK to this page should appear. > Try this in squid.conf : header_access deny X-Forwarded-for M.
Re: [squid-users] Squid is blocking access to some BBC news sites
> Hi folks > > Its sorted now, D& E Radels solution worked. Mark im afraid your solution > still caused me a similar error. > > Can anyone explain what "header_access X-Forwarded-For deny all" line > actually does? > > Checkout squid.conf.default, lookup the directive and read all the comments. M.
Re: [squid-users] Squid is blocking access to some BBC news sites
That's not a squid problem. It's your problem with the BBC website. What is the IP of the squid server? Do a search for what is my ip on Google using your squid, find out your squid's IP address, and find out where the IP address is located. Where is the squid server? If it is in the UK, complain to BBC. If it's not in the UK, then get a squid server that is in the UK, or get a peer in the UK that is used to connect to the BBC. Chris -Original Message- From: Jason Bassett [mailto:[EMAIL PROTECTED] Sent: Fri Jan 06 03:44:18 2006 To: squid-users@squid-cache.org Subject:Re: [squid-users] Squid is blocking access to some BBC news sites Good morning We are running squid version 2.5. I now understand that there is a version 3? We are in England. When we search at www.bbc.co.uk/news (for example for 'genocide' - thats the topic the children are working on), we recieve a list of results, we click "All News Audio Video results >>" and get a more defined list of results with media clips. Clicking many of these links results in a greyish BBC page stating "We're sorry. The content you requested is available for UK users only.". We are in the UK to this page should appear. This only occurs when going through the Squid proxy. Jason >From: Mark Elsen <[EMAIL PROTECTED]> >To: Jason Bassett <[EMAIL PROTECTED]> >CC: squid-users@squid-cache.org, [EMAIL PROTECTED] >Subject: Re: [squid-users] Squid is blocking access to some BBC news sites >Date: Thu, 5 Jan 2006 16:57:12 +0100 > > > Hello everyone > > > > I am using SQUID in a school with SQUIDGUARD. It has been brought to my > > attention that various news articles at www.bbc.co.uk/news do not open > > properly. > > What happens, then, more exact. > Error in browser . > > What is in squid´s access.log for these requests ? > Anything else in cache.log ? > > >This only occurs when going through the SQUID proxy. I have > > disabled SQUIDGUARD to ensure this was not the problem, it is definitely >a > > SQUID issue. > > SQUID version ? > > > > > > When we search at www.bbc.co.uk/news (for example for 'genocide' - thats >the > > topic the children are working on), we recieve a list of results, we >click > > "All News Audio Video results >>" and get a more defined list of results > > with media clips. > > > > Clicking many of these links results in a greyish BBC page stating >"We're > > sorry. The content you requested is available for UK users only.". We >are > > in the UK to this page should appear. > >In which country are you living ? > >M. !DSPAM:1,43be2de3113002018290492!
Re: [squid-users] Squid is blocking access to some BBC news sites
Hi folks Its sorted now, D& E Radels solution worked. Mark im afraid your solution still caused me a similar error. Same solution, just a syntax error. "deny all" was in the wrong place (and I am not sure whether the lowercase F in "for" affects anything - Are Squid ACLs case sensitive?). Mark had the actual solution though. Can anyone explain what "header_access X-Forwarded-For deny all" line actually does? I think it simply stops Squid from passing your local private IP address through to the webserver. Instead it passes the external IP address of your network (or the Squid box itself's IP perhaps)? Thanks for all your help We're all here to give and receive help. I monitor this group mainly to learn more about squid. :-) D.Radel.
RE: [squid-users] amazon.com problems
I'm having the same problem. It seems to help a little to check Use HTTP 1.1 through proxy connections in MSIE. Not sure why. Isn't squid HTTP 1.0 only? -- Ray Eads Internet Administration Specialist Sno-Isle Libraries -Original Message- From: David Maina <[EMAIL PROTECTED]> Date: Fri, 9 Dec 2005 08:20:13 +0300 (EAT) [EMAIL PROTECTED] said: > YES! > > I'm running squid and squidguard. I love both programs, but for some > reason, my users stopped being able to get amazon.com. > > I've checked my logs - there's nothing in access.log or cache.log > other than amazon.com urls. > > I thought it was one of those problems that would be unique to my > setup and computer and undebuggable. I'm so glad you asked it! Same here,,but i think it's amazon.com site wich has problem(s),maybe their webserver has developed bugs!.There is no way we could be having the same problem at one go and we are not even using the same proxy(ies). FYI with no proxy on the site works fine!! > Anybody have a clue? I can dig up the relevant portion of the log > files if need be. > > Are you running squidGuard also or just squid or any other redirector? > > Thanks. Yosi > > >> -Original Message- From: Dan Kern >> [mailto:[EMAIL PROTECTED] Sent: Thursday, December 08, 2005 >> 1:55 PM To: squid-users@squid-cache.org Subject: [squid-users] >> amazon.com problems >> >> >> Hello everyone >> >> Is anyone else running Squid having any problems connecting to >> amazon.com? It's worked in the past, but suddenly all we can bring up >> is the page header and the top graphics on the page, and the rest of >> the page never comes up. It just sits there and times out. I've >> tested this on two separate Squid servers with the same result. >> However, using a socks or ISA proxy server there is no such problem. >> No problems with any other webites (found so far). >> >> Any similar experiences or insight would be appreciated. Thanks! >> >> __ Do You Yahoo!? >> Tired of spam? Yahoo! Mail has the best spam protection around >> http://mail.yahoo.com >> >
Re: [squid-users] Squid is blocking access to some BBC news sites
Hiya The ip of the squid server is 10.146.24.23. an internal address. My ip as found though google shows as 80.193.20.30 because that is my external router. My router, my squid server and my entire network are located in England. Jason From: "Covington, Chris" <[EMAIL PROTECTED]> To: "Jason Bassett" <[EMAIL PROTECTED]>, Subject: Re: [squid-users] Squid is blocking access to some BBC news sites Date: Fri, 6 Jan 2006 17:24:02 -0500 That's not a squid problem. It's your problem with the BBC website. What is the IP of the squid server? Do a search for what is my ip on Google using your squid, find out your squid's IP address, and find out where the IP address is located. Where is the squid server? If it is in the UK, complain to BBC. If it's not in the UK, then get a squid server that is in the UK, or get a peer in the UK that is used to connect to the BBC. Chris -Original Message- From: Jason Bassett [mailto:[EMAIL PROTECTED] Sent: Fri Jan 06 03:44:18 2006 To: squid-users@squid-cache.org Subject:Re: [squid-users] Squid is blocking access to some BBC news sites Good morning We are running squid version 2.5. I now understand that there is a version 3? We are in England. When we search at www.bbc.co.uk/news (for example for 'genocide' - thats the topic the children are working on), we recieve a list of results, we click "All News Audio Video results >>" and get a more defined list of results with media clips. Clicking many of these links results in a greyish BBC page stating "We're sorry. The content you requested is available for UK users only.". We are in the UK to this page should appear. This only occurs when going through the Squid proxy. Jason >From: Mark Elsen <[EMAIL PROTECTED]> >To: Jason Bassett <[EMAIL PROTECTED]> >CC: squid-users@squid-cache.org, [EMAIL PROTECTED] >Subject: Re: [squid-users] Squid is blocking access to some BBC news sites >Date: Thu, 5 Jan 2006 16:57:12 +0100 > > > Hello everyone > > > > I am using SQUID in a school with SQUIDGUARD. It has been brought to my > > attention that various news articles at www.bbc.co.uk/news do not open > > properly. > > What happens, then, more exact. > Error in browser . > > What is in squid´s access.log for these requests ? > Anything else in cache.log ? > > >This only occurs when going through the SQUID proxy. I have > > disabled SQUIDGUARD to ensure this was not the problem, it is definitely >a > > SQUID issue. > > SQUID version ? > > > > > > When we search at www.bbc.co.uk/news (for example for 'genocide' - thats >the > > topic the children are working on), we recieve a list of results, we >click > > "All News Audio Video results >>" and get a more defined list of results > > with media clips. > > > > Clicking many of these links results in a greyish BBC page stating >"We're > > sorry. The content you requested is available for UK users only.". We >are > > in the UK to this page should appear. > >In which country are you living ? > >M. !DSPAM:1,43be2de3113002018290492!
[squid-users] wrong diskspace count and assertion failed: diskd/store_dir_diskd.c:1930: "buf"
squid crashes periodically the server did not crashed or was shutdown, this happens after a certain time Jan 7 03:17:33 wco-alm squid[52151]: WARNING: Disk space over limit: 19205596 KB > 14336000 KB Jan 7 03:17:40 wco-alm kernel: pid 52151 (squid), uid 1004: exited on signal 6 Jan 7 03:17:40 wco-alm squid[52151]: assertion failed: diskd/store_dir_diskd.c:1930: "buf" Jan 7 03:17:51 wco-alm squid[68896]: WARNING: Closing open FD2 Jan 7 03:17:51 wco-alm squid[68896]: Starting Squid Cache version 2.5.STABLE12 and squid goes counting: Jan 7 03:19:00 wco-alm squid[68896]: WARNING: Disk space over limit: 22004956 KB > 14336000 KB but it is wrong: /dev/da0s1f9.7G3.1G5.8G35%/c/c1 /dev/da0s1g9.7G3.1G5.9G34%/c/c2 cache_dir diskd /c/c1 7000 64 64 Q1=128 Q2=96 cache_dir diskd /c/c2 7000 64 64 Q1=128 Q2=96 H A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br
Re: [squid-users] wrong diskspace count and assertion failed: diskd/store_dir_diskd.c:1930: "buf"
> squid crashes periodically > the server did not crashed or was shutdown, this happens after a certain time > > Jan 7 03:17:33 wco-alm squid[52151]: WARNING: Disk space over limit: 19205596 > KB > 14336000 KB > Jan 7 03:17:40 wco-alm kernel: pid 52151 (squid), uid 1004: exited on signal > 6 > Jan 7 03:17:40 wco-alm squid[52151]: assertion failed: > diskd/store_dir_diskd.c:1930: "buf" > Jan 7 03:17:51 wco-alm squid[68896]: WARNING: Closing open FD2 > Jan 7 03:17:51 wco-alm squid[68896]: Starting Squid Cache version > 2.5.STABLE12 > > and squid goes counting: > > Jan 7 03:19:00 wco-alm squid[68896]: WARNING: Disk space over limit: 22004956 > KB > 14336000 KB > > but it is wrong: > > /dev/da0s1f9.7G3.1G5.8G35%/c/c1 > /dev/da0s1g9.7G3.1G5.9G34%/c/c2 > > cache_dir diskd /c/c1 7000 64 64 Q1=128 Q2=96 > cache_dir diskd /c/c2 7000 64 64 Q1=128 Q2=96 > > Upgrade to the latest STABLE release , and verify this issue again. M.
