RE: [squid-users] Squid 2.6.STABLE1 invalid request
All is working now. Thanks a lot ! If I want to use TPROXY how can I enable this ? Any docs / help ! TPROXY totally transparent proxy support under Linux, which to allow Squid to appear totally invisible to both client and server systems when transparently caching requests. This works by spoofing the source and destination address to both the client and server. -Original Message- From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] Sent: 08 July 2006 13:56 To: abdock Cc: squid-users@squid-cache.org Subject: RE: [squid-users] Squid 2.6.STABLE1 invalid request lör 2006-07-08 klockan 09:40 +0300 skrev abdock: > Is this how I apply this patch ? > > > cd squid-2.6.STABLE1 > patch -p1 <../squid-2.6.STABLE1-spaces.patch > make clean > make install Looks fine, except that I don't know where you got that patch name... the changesets are all named ##.patch, and the transparent proxy fix is 10801.patch Regards Henrik
Re: [squid-users] Squid/SquidGuard: info of user and category
On Fri, Jul 07, 2006 at 09:13:42AM +0200, Peter Albrecht wrote: > Hello Karsten, > > On Friday 07 July 2006 00:20, Karsten Rothemund wrote: > > I don't know, if this is the correct forum for my question. Sorry, if > > not. > This is definitely the correct forum. :-) > Good to hear. [...] > > I assume all users are logging into your laptop with different user names, > correct? Then the easiest way would be to use user identification as provided Yes. Hopefully ;-) > by an ident daemon (RFC 931). For Linux, this could be pidentd, I am sure > there is something similar for FreeBSD available. > It is. And I installed and activated it. > From http://www.squidguard.org/config/: [.. example of config ..] exactly what I did. > > I assume you have a definition for "blacklists" containing the info about your > blacklists. I started with the lists provided by the FreeBSD-port (so out-of-the-box) > To get this working, you need to activate the ident lookup method in Squid. > Search for ident_lookup_access in squid.conf. I haven't tried this together > with SquidGuard but that should be no big deal. > I still do not get any info about the requesting user. The field is empty (checked with the cgi-script mentioned in my previous mail). It looks like this gets lost between squid and squidguard. Stil a little lost. Karsten -- Karsten Rothemund <[EMAIL PROTECTED]> /"\ PGP-Key: 0x7019CAA5 \ / Fingerprint: E752 C759 B9B2 2057 E42F \ ASCII Ribbon Campaign 50EE 47AC A7CE 7019 CAA5 / \ Against HTML Mail and News pgpj2OKUnsoi2.pgp Description: PGP signature
Re: [squid-users] squid 2.6 + transparent + ipfw
lör 2006-07-08 klockan 20:36 +0400 skrev Andrew Pantyukhin: > ipfw manpage says that the forward action "does not change > the contents of the packet at all". clientNatLookup() seems to > restore real destination address and port as most firewalls > change them. ipfirewall only changes L2 dest addr when > forwarding to remote host and only sends packet verbatim to > a designated socket when forwarding to local host. Ok. Can you please file a bug report with the relevant notes so we can have this fixed for the 2.6.STABLE2 release? http://www.squid-cache.org/bugs/ Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
[squid-users] Re: httpd_accel in Squid 2.6.STABLE1 problem
I am having trouble with squid config in 2.6 stable1.They have taken out httpd_accel_port and httpd_accel_host and replaced them with defaultsite http_port and cache_peer originserver options. When I put in the name of my server defaultsite http_port and the port that I am using under the cache_peer option squid returns an error saying that it doesn't understand the host name or port. I had to go back to another version of squid. Does anyone have a squid config http accelrater example for 2.6?
Re: [squid-users] squid 2.6 + transparent + ipfw
On 7/10/06, Henrik Nordstrom <[EMAIL PROTECTED]> wrote: lör 2006-07-08 klockan 20:36 +0400 skrev Andrew Pantyukhin: > ipfw manpage says that the forward action "does not change > the contents of the packet at all". clientNatLookup() seems to > restore real destination address and port as most firewalls > change them. ipfirewall only changes L2 dest addr when > forwarding to remote host and only sends packet verbatim to > a designated socket when forwarding to local host. Ok. Can you please file a bug report with the relevant notes so we can have this fixed for the 2.6.STABLE2 release? Sure, here you go: http://www.squid-cache.org/bugs/show_bug.cgi?id=1671 I hope I did it right, this was the first one for me. Thanks!
RE: [squid-users] Re: httpd_accel in Squid 2.6.STABLE1 problem
Hi, This is my config on 2.6 for transparent proxy http_port 3128 transparent defaultsite=virtual vhost vport Ciao, Nathaniel -Original Message- From: news [mailto:[EMAIL PROTECTED] On Behalf Of peter S Sent: Monday, July 10, 2006 5:12 AM To: squid-users@squid-cache.org Subject: [squid-users] Re: httpd_accel in Squid 2.6.STABLE1 problem I am having trouble with squid config in 2.6 stable1.They have taken out httpd_accel_port and httpd_accel_host and replaced them with defaultsite http_port and cache_peer originserver options. When I put in the name of my server defaultsite http_port and the port that I am using under the cache_peer option squid returns an error saying that it doesn't understand the host name or port. I had to go back to another version of squid. Does anyone have a squid config http accelrater example for 2.6? -- All messages that are coming from this domain is certified to be virus and spam free. If ever you have received any virus infected content or spam, please report it to the internet administrator of this domain [EMAIL PROTECTED] -- All messages that are coming from this domain is certified to be virus and spam free. If ever you have received any virus infected content or spam, please report it to the internet administrator of this domain [EMAIL PROTECTED]
RE: [squid-users] HowDo I: Get Date stamp on the access.log
HI, If you don't mind, can I get the entire rotation script? I want to rotate my access weekly, and I also need the time to be converted as well. How do I put it in script and crontab ? Thank you. --- Geoff Varney <[EMAIL PROTECTED]> wrote: > John, > I was there a while ago so searched around the Web > and came up with a > tool to help do this. I use this in a logrotation > script that runs each > night just before midnight so I have daily logs of > access. I also use a > script within this to convert IPs to host names so I > know from what > computer the access is. Here's what mine does: > > Rotate access.log > > Move the rotated log file to a log storage area and > rename it to include > date > > Convert IPs in log file to host names > > Convert Unix time stamps in log file to normal date > and time (My script > retains the original log file AND creates a new one > with host names and > date/time) > > Here is what is used to do the conversions: > > IP -> Host Name: > > perl /ip2name.pl -I rotated>/access.log > to>/.log > > Unix time conversion: > > cat /rotated_access.log | perl to>/conv_date > to>/output_file.log > > In my setup the output file of the first is then the > input file of the > 2nd... > > I don't think you can attach files here so I've > pm'ed you and attached > the ip2name.pl and conv_date files in case they > aren't readily found, I > forget where I found them, but I think they're > around. > > Here is the code of conv_date: > > #! /usr/bin/perl -p > s/^\d+\.\d+/localtime $&/e; > > If you're interested in my entire rotation script, I > can provide that > also. I'm no Linux wizard, still a beginner, but > figured this stuff out > (somewhat) and it's working for me. > > There may be some things you need to install for > these to work, not sure > what I did. You will also need to modify some > things in ip2name (you'll > see some of my info in there, maybe referring to > "ridge" which is part > of my domain name). conv_date (which is what you're > after anyway) is > good to go the way it is. You can just pull out the > cat. piece > above and get what you want right away. > > Hope this helps, and not more than you wanted!! > > Geoff > > -Original Message- > From: John Walubengo [mailto:[EMAIL PROTECTED] > Sent: Friday, July 07, 2006 1:39 AM > To: Guido Serassio; Laurent Marc 00 > Cc: squid-users@squid-cache.org > Subject: Re: [squid-users] HowDo I: Get Date stamp > on the access.log > > Below is my sample access.log data: > > 1152258629.089 23364 172.16.32.80 TCP_MISS/200 4625 > GET > http://www.pcreview.co.uk/template/vbulletin.css > student > DIRECT/70.86.33.18 text/css > > 1152258629.261 2792 172.16.32.80 TCP_MISS/200 2570 > GET > http://www.htmlgoodies.com/css/starlight/star-light.css > student DIRECT/63.236.73.67 text/css > > > It is basically the default log; how can i get it to > show > the date:time stamp so that I get to know WHEN the > users > accessed these sites? > > walu. > > > __ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam > protection around > http://mail.yahoo.com > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: [squid-users] Re: httpd_accel in Squid 2.6.STABLE1 problem
peter S wrote: I am having trouble with squid config in 2.6 stable1.They have taken out httpd_accel_port and httpd_accel_host and replaced them with defaultsite http_port and cache_peer originserver options. When I put in the name of my server defaultsite http_port and the port that I am using under the cache_peer option squid returns an error saying that it doesn't understand the host name or port. I had to go back to another version of squid. Does anyone have a squid config http accelrater example for 2.6? Hello Peter, http accelrater for 2.6 can be done by the following modification in squid.conf http_port 80 vhost cache_peer virtual parent 80 0 noquery originserver (or) cahce_peer [backend server IP] parent 80 0 noquery originserver http_access allow all Thanks, Visolve Squid Team, http://squid.visolve.com
[squid-users] error compile squid2.6.stable1
Hi, I just configure squid.2.6.stable1, (fedora4 & kernel 2.6.15.7 with cttproxy patch) & get the following error : tools.c:40:28: error: sys/capability.h: No such file or directory tools.c: In function âleave_suidâ: tools.c:636: error: âcap_user_header_tâ undeclared (first use in this function) tools.c:636: error: (Each undeclared identifier is reported only once tools.c:636: error: for each function it appears in.) tools.c:636: error: syntax error before âheadâ tools.c:637: error: âcap_user_data_tâ undeclared (first use in this function) tools.c:639: error: âheadâ undeclared (first use in this function) tools.c:639: error: â_LINUX_CAPABILITY_VERSIONâ undeclared (first use in this function) tools.c:641: error: âcapâ undeclared (first use in this function) tools.c:641: error: âCAP_NET_ADMINâ undeclared (first use in this function) tools.c:641: error: âCAP_NET_BIND_SERVICEâ undeclared (first use in this function) tools.c:641: error: âCAP_NET_BROADCASTâ undeclared (first use in this function) tools.c:642: warning: implicit declaration of function âcapsetâ solved after copy capability.h from /usr/include/linux/ to /usr/include/sys/ regards, Tino
[squid-users] Is this really working as shown
first _peer PINGS ACKED:0 0% FETCHES: 137 0% IGNORED:0 0% Histogram of PINGS ACKED: keep-alive ratio: 76% = second _peer PINGS ACKED:0 0% FETCHES: 137 0% IGNORED:0 0% Histogram of PINGS ACKED: keep-alive ratio: 86% === third _peer PINGS SENT :0 PINGS ACKED:0 0% FETCHES: 138 0% IGNORED:0 0% Histogram of PINGS ACKED: keep-alive ratio: 89% === Is this information from cachemgr relaiable That it is distrebuting load as much equal __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
RE: [squid-users] HowDo I: Get Date stamp on the access.log
Thanx Geoff. U have given me exactly what I needed; a step by step solution aka the 'dummy's version' ;-). thanx alot. walu. --- Geoff Varney <[EMAIL PROTECTED]> wrote: > John, > Here are the files if you're interested. > > Geoff > > -Original Message- > From: John Walubengo [mailto:[EMAIL PROTECTED] > Sent: Friday, July 07, 2006 1:39 AM > To: Guido Serassio; Laurent Marc 00 > Cc: squid-users@squid-cache.org > Subject: Re: [squid-users] HowDo I: Get Date stamp on the > access.log > > Below is my sample access.log data: > > 1152258629.089 23364 172.16.32.80 TCP_MISS/200 4625 GET > http://www.pcreview.co.uk/template/vbulletin.css student > DIRECT/70.86.33.18 text/css > > 1152258629.261 2792 172.16.32.80 TCP_MISS/200 2570 GET > http://www.htmlgoodies.com/css/starlight/star-light.css > student DIRECT/63.236.73.67 text/css > > > It is basically the default log; how can i get it to show > the date:time stamp so that I get to know WHEN the users > accessed these sites? > > walu. > > > __ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection > around > http://mail.yahoo.com > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com