Re: [squid-users] How to rotate logs in Squid
Hi, On Wednesday 19 July 2006 17:46, Mehmet, Levent (Accenture) wrote: Hi We have just installed Squid and I would like to know how rotate the logs files. Please can some explain on how this can be done automatically without admin interference. We are running Squid Suse 10.1 On SUSE Linux, you do not need to configure a cron job executing squid -k. Log file rotation is done automatically using logrotate. The configuration file for the Squid logfiles is /etc/logrotate.d/squid. It contains information when and how to rotate the following files: * /var/log/squid/cache.log * /var/log/squid/access.log * /var/log/squid/store.log By default, they are rotated depending on their size. If you have configured any other log files (or modified the names), just include them here. A description of the syntax is available in the man page of logrotate. logrotate is run via a cron job daily (have a look at /etc/cron.daily/logrotate) Regards, Peter -- Peter Albrecht, Novell Training Services, [EMAIL PROTECTED]
Re: [squid-users] Delay Pools
Original Message Hi I am running Squid as a transparent Proxy and it all seems to work Ok. I am now trying to limit the bandwidth usage of certain users and I am using the example in 19.8 to limit a single user to 128 Kbps. Is there a option on the debug_options that I can enable so that I can see if it is actually working. Or is there another way to test. Thanks for the help cachemgr - Delay Pool Levels signature.asc Description: OpenPGP digital signature
RE: [squid-users] How to rotate logs in Squid
Thanks Peter I have looked in the etc/logrotate.d/ but I have no squid any ideas ? -Original Message- From: Peter Albrecht [mailto:[EMAIL PROTECTED] Sent: 20 July 2006 07:41 To: squid-users@squid-cache.org Subject: Re: [squid-users] How to rotate logs in Squid Hi, On Wednesday 19 July 2006 17:46, Mehmet, Levent (Accenture) wrote: Hi We have just installed Squid and I would like to know how rotate the logs files. Please can some explain on how this can be done automatically without admin interference. We are running Squid Suse 10.1 On SUSE Linux, you do not need to configure a cron job executing squid -k. Log file rotation is done automatically using logrotate. The configuration file for the Squid logfiles is /etc/logrotate.d/squid. It contains information when and how to rotate the following files: * /var/log/squid/cache.log * /var/log/squid/access.log * /var/log/squid/store.log By default, they are rotated depending on their size. If you have configured any other log files (or modified the names), just include them here. A description of the syntax is available in the man page of logrotate. logrotate is run via a cron job daily (have a look at /etc/cron.daily/logrotate) Regards, Peter -- Peter Albrecht, Novell Training Services, [EMAIL PROTECTED] PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET. On entering the GSI, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable Wireless in partnership with MessageLabs. In case of problems, please call your organisational IT Helpdesk. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk This email and any files transmitted with it are confidential. If you are not the intended recipient, any reading, printing, storage, disclosure, copying or any other action taken in respect of this email is prohibited and may be unlawful. If you are not the intended recipient, please notify the sender immediately by using the reply function and then permanently delete what you have received.Incoming and outgoing email messages are routinely monitored for compliance with the Department of Healths policy on the use of electronic communications. For more information on the Department of Healths email policy, click http;//www.doh.gov.uk/emaildisclaimer.htm The original of this email was scanned for viruses by Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable Wireless in partnership with MessageLabs. On leaving the GSI this email was certified virus free. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk
Re: [squid-users] How to rotate logs in Squid
Hi Mehmet, On Thursday 20 July 2006 10:01, Mehmet, Levent (Accenture) wrote: Thanks Peter I have looked in the etc/logrotate.d/ but I have no squid any ideas ? The file will only be installed if you install the Squid package: merkur2:~ # rpm -qf /etc/logrotate.d/squid squid-2.5.STABLE12-18.2 Well, this is from SLES 10 which is based on SUSE Linux 10.1. I don't have a SUSE Linux 10.1 around but it should be the same package. So please install this package from your installation media and even if you decide to use your own Squid (self-compiled), you can use the configuration file for logrotate. If I can be of any additional help, please let me know. Regards, Peter -- Peter Albrecht, Novell Training Services, [EMAIL PROTECTED]
RE: [squid-users] How to rotate logs in Squid
Hi Peter Thanks Yes you are correct we installed our own self - compiled squid which is why I don't see the files. I shall install this package. Do you think there would be any confiction with the live squid running if I perform this task Thanks once again -Original Message- From: Peter Albrecht [mailto:[EMAIL PROTECTED] Sent: 20 July 2006 09:11 To: squid-users@squid-cache.org Subject: Re: [squid-users] How to rotate logs in Squid Hi Mehmet, On Thursday 20 July 2006 10:01, Mehmet, Levent (Accenture) wrote: Thanks Peter I have looked in the etc/logrotate.d/ but I have no squid any ideas ? The file will only be installed if you install the Squid package: merkur2:~ # rpm -qf /etc/logrotate.d/squid squid-2.5.STABLE12-18.2 Well, this is from SLES 10 which is based on SUSE Linux 10.1. I don't have a SUSE Linux 10.1 around but it should be the same package. So please install this package from your installation media and even if you decide to use your own Squid (self-compiled), you can use the configuration file for logrotate. If I can be of any additional help, please let me know. Regards, Peter -- Peter Albrecht, Novell Training Services, [EMAIL PROTECTED] PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET. On entering the GSI, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable Wireless in partnership with MessageLabs. In case of problems, please call your organisational IT Helpdesk. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk This email and any files transmitted with it are confidential. If you are not the intended recipient, any reading, printing, storage, disclosure, copying or any other action taken in respect of this email is prohibited and may be unlawful. If you are not the intended recipient, please notify the sender immediately by using the reply function and then permanently delete what you have received.Incoming and outgoing email messages are routinely monitored for compliance with the Department of Healths policy on the use of electronic communications. For more information on the Department of Healths email policy, click http;//www.doh.gov.uk/emaildisclaimer.htm The original of this email was scanned for viruses by Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable Wireless in partnership with MessageLabs. On leaving the GSI this email was certified virus free. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk
Re: [squid-users] Howto NOT log URLs in access.log
Michael Ellis wrote: Hi, I was wondering if anyone knows of a way to configure squid so that it does not write the URL to access.log. All I want to know is who was browsing the web from which computer and when (date, client ip, and authname). This is to comply with personal privacy and information policies and laws. Hello Mike Ellis, In squid-2.6, you can customize the access log format by using logformat directive in squid.conf file. logformat squid %ts.%03tu %6tr %a %Ss/%03Hs %st %rm %ru %un %Sh/%A %mt %ru is Request URL. If remove the format code (%ru) from the logformat direcive, the requested URL will not write into access.log. -- Thanks, Visolve Squid Team, http://squid.visolve.com
Re: [squid-users] How to rotate logs in Squid
Hi Mehmet, On Thursday 20 July 2006 10:25, Mehmet, Levent (Accenture) wrote: Hi Peter Thanks Yes you are correct we installed our own self - compiled squid which is why I don't see the files. I shall install this package. Do you think there would be any confiction with the live squid running if I perform this task It depends on where you installed your Squid files. There are two options to get /etc/logrotate.d/squid on your system: 1) You stay with your self-compiled Squid. Then I recommend installing the Squid package on another machine and copying /etc/logrotate.d/squid to your real server. logrotate will detect the squid file and will rotate the log files automatically, so no other action is required. If you want/need to install the package on your real server, please check first if it would overwrite some of your own files. To get the list of files in the rpm package, do rpm -qpl /path/to/the/squidpackage But there are more than 1000 files in the package ... 2) Save your squid.conf and install the package from the installation media. (Maybe remove all your self-installed squid files first to get a clean system.) Then copy your configuration to /etc/squid/squid.conf and start your Squid. Using Squid from the installation media also has the advantage that you can use the start script /etc/init.d/squid. So you don't need to modify anthing besides the configuration. And using rpm packages allows easily for removing/updating packages with all dependencies and all files. Do you have a special need why you can't use the Squid package provided on the DVD/CD? Normally it should be fine using this package. Regards, Peter -- Peter Albrecht, Novell Training Services, [EMAIL PROTECTED]
RE: [squid-users] How to rotate logs in Squid
Merhaba Mehmet, Have you ever tried to run Crontab with squid -k rotate option? Best regards, Ilker G. -Original Message- From: Mehmet, Levent (Accenture) [mailto:[EMAIL PROTECTED] Sent: Thursday, July 20, 2006 11:01 AM To: Peter Albrecht; squid-users@squid-cache.org Subject: RE: [squid-users] How to rotate logs in Squid Thanks Peter I have looked in the etc/logrotate.d/ but I have no squid any ideas ? -Original Message- From: Peter Albrecht [mailto:[EMAIL PROTECTED] Sent: 20 July 2006 07:41 To: squid-users@squid-cache.org Subject: Re: [squid-users] How to rotate logs in Squid Hi, On Wednesday 19 July 2006 17:46, Mehmet, Levent (Accenture) wrote: Hi We have just installed Squid and I would like to know how rotate the logs files. Please can some explain on how this can be done automatically without admin interference. We are running Squid Suse 10.1 On SUSE Linux, you do not need to configure a cron job executing squid -k. Log file rotation is done automatically using logrotate. The configuration file for the Squid logfiles is /etc/logrotate.d/squid. It contains information when and how to rotate the following files: * /var/log/squid/cache.log * /var/log/squid/access.log * /var/log/squid/store.log By default, they are rotated depending on their size. If you have configured any other log files (or modified the names), just include them here. A description of the syntax is available in the man page of logrotate. logrotate is run via a cron job daily (have a look at /etc/cron.daily/logrotate) Regards, Peter -- Peter Albrecht, Novell Training Services, [EMAIL PROTECTED] PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET. On entering the GSI, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable Wireless in partnership with MessageLabs. In case of problems, please call your organisational IT Helpdesk. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk This email and any files transmitted with it are confidential. If you are not the intended recipient, any reading, printing, storage, disclosure, copying or any other action taken in respect of this email is prohibited and may be unlawful. If you are not the intended recipient, please notify the sender immediately by using the reply function and then permanently delete what you have received.Incoming and outgoing email messages are routinely monitored for compliance with the Department of Healths policy on the use of electronic communications. For more information on the Department of Healths email policy, click http;//www.doh.gov.uk/emaildisclaimer.htm The original of this email was scanned for viruses by Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable Wireless in partnership with MessageLabs. On leaving the GSI this email was certified virus free. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk
[squid-users] Squid Slow Downloads problem--large files
Help ! Anyone got ideas ? Best Regards, Adam --邮件原件- -发件人: adam.cheng [mailto:[EMAIL PROTECTED] -发送时间: 2006年7月18日 11:54 -收件人: squid-users@squid-cache.org -主题: [squid-users] Squid Slow Downloads problem--large files - -Hi, squid-user - -In my test , Apache is much more faster than squid when there are about -30Mbps load. - -brief result: - ---large file download testing (10M and 40M) ---Current load: 15Mbps (squid service) ---IOwait: 6% ---test result: (same box, same environment) - Apache: 60~70Mbytes/s - Squid: 700~900Kbytes/s (HIT from squid cache) - -Detail information listed below. - --- -- - --Hi, squid-users: -- --I have met a slow download problem of squid , would anybody like to tell -me what’s --the matter with my squid Or is there any way to resolve this problem ? -- --Squid info: -- --[EMAIL PROTECTED] ~]# squid -v --Squid Cache: Version 2.5.STABLE12 --configure options: --prefix=/usr/local/squid --enable-epoll ---disable-ident-lookups enable-async-io=160 --enable-storeio=ufs,aufs,diskd --enable-snmp enable-cache-digests --enable-useragent-log --enable-referer-log enable-kill-parent-hack --enable--internal-dns -- -- --squid.conf: -- --http_port 80 --icp_port 0 --acl httpmp3 url_regex -i ^http://.*\.mp3$ --no_cache deny httpmp3 --acl httpwmv url_regex -i ^http://.*\.wmv$ --no_cache deny httpwmv --acl httprm url_regex -i ^http://.*\.rm$ --no_cache deny httprm -- cache_mem 1768 MB -- cache_swap_low 70 -- cache_swap_high 80 --maximum_object_size 204800 KB --minimum_object_size 0 KB --maximum_object_size_in_memory 102400 KB -- cache_replacement_policy lru -- memory_replacement_policy lru --cache_dir diskd /data/cache1 28000 16 256 --cache_dir diskd /data/cache2 28000 16 256 --logformat squid_custom_log %ts.%03tu %6tr %a %Ss/%03Hs %st %rm -%ru --%un %Sh/%A %mt %{Referer}h %{User-Agent}h %{Cookie}h --cache_access_log /data/proclog/log/squid/access.log squid_custom_log --cache_log /data/proclog/log/squid/cache.log --cache_store_log none --pid_filename /var/run/squid.pid -- hosts_file /etc/hosts -- diskd_program /usr/local/squid/libexec/diskd -- unlinkd_program /usr/local/squid/libexec/unlinkd -- -- --refresh_pattern -i ^http://player.toodou.com.*2073600 100% -2073600 --ignore-reload --refresh_pattern -i ^http://www.blogcn.com.*1440 50% 1440 --refresh_pattern -i ^http://images.blogcn.com.*1440 50% 1440 --refresh_pattern -i ^http://female.blogcn.com.*1440 50% 1440 --refresh_pattern -i ^http://img.365ren.com.* 720 100% 720 --refresh_pattern -i ^http://cfs1.365ren.com.*720 100% 720 --refresh_pattern -i ^http://cafe-img.365ren.com.*720 100% 720 --refresh_pattern -i ^http://cafe-cfs1.365ren.com.*720 100% 720 --refresh_pattern -i ^http60 0% 60 ignore-reload --collapsed_forwarding on --refresh_stale_hit 0 minute --request_timeout 30 seconds -- persistent_request_timeout 3 seconds -- pconn_timeout 60 seconds --acl all src 0.0.0.0/0.0.0.0 --acl manager proto cache_object --acl localhost src 127.0.0.1/255.255.255.255 --acl to_localhost dst 127.0.0.0/8 --acl SSL_ports port 443 563 --acl Safe_ports port 80 # http --acl Safe_ports port 21 # ftp --acl Safe_ports port 443 563 # https, snews --acl Safe_ports port 70 # gopher --acl Safe_ports port 210 # wais --acl Safe_ports port 1025-65535 # unregistered ports --acl Safe_ports port 280 # http-mgmt --acl Safe_ports port 488 # gss-http --acl Safe_ports port 591 # filemaker --acl Safe_ports port 777 # multiling http --acl CONNECT method CONNECT --acl monitor src 192.168.1.0/255.255.255.0 --http_access allow manager --http_access allow manager monitor --http_access deny manager --acl PURGE method PURGE --http_access allow PURGE localhost --http_access deny purge --acl snmppublic snmp_community public --snmp_access allow snmppublic localhost --http_access deny !Safe_ports --http_access deny CONNECT !SSL_ports --http_access allow all --http_reply_access allow all -- cache_mgr [EMAIL PROTECTED] -- cache_effective_user squid -- cache_effective_group squid --visible_hostname CHN-SH-3-341 --httpd_accel_host virtual --httpd_accel_port 80 --httpd_accel_single_host off --httpd_accel_with_proxy off --httpd_accel_uses_host_header on --dns_testnames original1.chinacache.com original2.chinacache.com -- logfile_rotate 0 -- --cachemgr_passwd test4squid config -- store_avg_object_size 20 KB --client_db off --header_access X-Cache-Lookup deny all --snmp_port 3401 --acl snmppublic snmp_community public -- client_persistent_connections off -- server_persistent_connections off --vary_ignore_expire on --strip_query_terms off --negative_ttl 0 minute --dns_retransmit_interval 10 seconds --store_dir_select_algorithm round-robin --dns_timeout 2 minute --negative_dns_ttl 1 minute
Re: [squid-users] How to rotate logs in Squid
Mehmet, Levent (Accenture) wrote: Hi We have just installed Squid and I would like to know how rotate the logs files. Hello Mehmet, The command squid -k rotate will rotate the log files. -- Thanks, Visolve Squid Team, http://squid.visolve.com
[squid-users] Blocking Searches with squidguard
Is there any way I can configure squidguard 1.2.0 to block searches such as: http://www.google.co.uk/search?q=boobs and http://www.google.co.uk/search?stuff=some+stuffq=boobsmorestuff=more+stuff Where boobs is any one of a selection of forbidden words? -- Brian Gregory. [EMAIL PROTECTED] Computer Room Volunteer. Therapy Centre. Prospect Park Hospital.
Re: [squid-users] Blocking Searches with squidguard
Try this. acl badsearch url_regex /usr/local/squid/etc/badsearch.txt(put all words you want to block in this file) deny_info ERR_ACCESS_DENIED badsearch http_access deny badsearch Regards, Rikunj Brian Gregory wrote: Is there any way I can configure squidguard 1.2.0 to block searches such as: http://www.google.co.uk/search?q=boobs and http://www.google.co.uk/search?stuff=some+stuffq=boobsmorestuff=more+stuff Where boobs is any one of a selection of forbidden words?
[squid-users] Re: sslReadServer: FD 342: read failure: (104) Connection reset by peer
tor 2006-07-20 klockan 01:25 +0530 skrev Sushil Deore: Hi Henrik, I am running a squid-2.5 server with two seperate cache servers. In both the cache server's cache.log file I am getting the entry from yesterday and still on 2006/07/20 01:09:54| sslReadServer: FD 396: read failure: (104) Connection reset by peer This indicates that the contacted server aborted the connection unexpectedly while the client was sending requests to the server. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] 2.6S1 WCCP2 problems
ons 2006-07-19 klockan 15:54 -0400 skrev Bryan Shoebottom: I will give that a shot. Is there any reason why this isn't in the FAQ? Lack of people having time to update the FAQ? Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
[squid-users] squid clamav
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear, I am thinking about using a antivirus next to squid here in the company. It would like tips and suggestions personal it of the list that already it uses, programs and tips of performance. Thanks - -- Márcio Luciano Donada mdonada at auroraalimentos dot com dot br Cooperativa Central Oeste Catarinense - Departamento de T.I. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (FreeBSD) iD8DBQFEv5nlyJq2hZEymxcRAp55AJ98K7+NpDfRQKsfrKxUrf9ziEY1MQCgzAOF kXxsVKFnABunuXuXueXFVdk= =KKez -END PGP SIGNATURE-
Re: [squid-users] 2.6S1 WCCP2 problems
ons 2006-07-19 klockan 15:50 -0400 skrev Bryan Shoebottom: before they stated that WCCP simply needs an IP and will grab any configured IP on the router, it doesn't matter. I think i am going to submit a bug, i don't know why squid is sending back a bad id. Perhaps your problem matches bug #1584? Cache unable to register with WCCPv2 url:http://www.squid-cache.org/bugs/show_bug.cgi?id=1584 Note: Bug #1584 is about an IOS issue where IOS incorrectly rejects WCCP control channel packets as duplicates if their IP level packet ID is 0. For correct operation IOS should be looking at the WCCP message ID, not the IP packet ID. The IP packet ID should be ignored completely, only relevant in handling of fragmented IP packets which is not the case here. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] Help me !. Problem whit Squid 2.5 - commBind: Cannot bind socket FD 11
here my squid.conf: /etc/squid/squid.conf acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY request_body_max_size 8 MB acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl Inet src 192.168.0.0-192.168.0.254/255.255.255.0 acl EdonKey port 4661 4662 4663 4664 4665 acl negados url_regex /etc/squid/denysite acl ICQ port 5190 acl PUERTO_HTTPS port 443 acl Real_Player port 6970:6971 acl WebCam_Yahoo port 5100 acl Http_WebCam_Yahoo url_regex webcam.yahoo.com acl FTP port 20-21 acl DNS url_regex 53 http_access allow localhost http_access allow Inet http_access allow FTP http_access allow PUERTO_HTTPS http_access allow Real_Player http_access allow WebCam_Yahoo http_access allow Http_WebCam_Yahoo http_access allow ICQ http_access allow DNS http_access allow manager localhost http_access deny EdonKey http_access deny manager !localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny all icp_access allow Inet icp_access deny all httpd_accel_host virtual httpd_accel_port 80 httpd_accel_single_host off httpd_accel_with_proxy on httpd_accel_uses_host_header on cachemgr_passwd secret all offline_mode off http_port 192.168.0.1:3128 store_avg_object_size 2 GB cache_mem 32 MB ident_lookup_access allow all === Regards. Raul 2006/7/19, Odhiambo Washington [EMAIL PROTECTED]: * On 19/07/06 12:56 -0500, Raul Lapitzondo wrote: | Hi Odhiambo , | The actual configuration squid.conf not was modified. In any moment | it began to give error. | The scheme of my network is: | 192.168.0.1 -- 192.168.1.1 -- 192.168.1.2 | gateway -- adsl modem | eth0-- eth1 | | Regards | Raul | | 2006/7/19, Odhiambo WASHINGTON [EMAIL PROTECTED]: | * On 18/07/06 15:23 -0500, Raul Lapitzondo wrote: | | Hi all. | | | | I have a problem with Squid version 2.5.STABLE in SuSE 9.1. Since 3 | | years run squid without problems, but now i have error. When run | | rcsquid appear the next message: | | | | linux squid[15990]: Starting Squid Cache version 2.5.STABLE5 for | | i686-pc-linux-gnu... | | linux squid[15990]: Process ID 15990 | | linux squid[15990]: With 4096 file descriptors available | | linux squid[15990]: DNS Socket created at 0.0.0.0 , port 4635, FD 5 | | linux squid[15990]: Adding nameserver 192.168.1.1 from /etc/resolv.conf | | linux squid[15990]: Adding nameserver 200.32.3.129 from /etc/resolv.conf | | linux squid[15990]: Adding nameserver 200.42.0.109 from /etc/resolv.conf | | linux squid[15990]: User-Agent logging is disabled. | | linux squid[15990]: Referer logging is disabled. | | linux squid[15990]: Unlinkd pipe opened on FD 10 | | linux squid[15990]: Swap maxSize 102400 KB, estimated 0 objects | | linux squid[15990]: Target number of buckets: 0 | | linux squid[15990]: Using 8192 Store buckets | | linux squid[15990]: Max Mem size: 32768 KB | | linux squid[15990]: Max Swap size: 102400 KB | | linux squid[15990]: Local cache digest enabled; rebuild/rewrite every | | 3600/3600 sec | | linux squid[15990]: Rebuilding storage in /var/cache/squid (DIRTY) | | linux squid[15990]: Using Least Load store dir selection | | linux squid[15990]: Current Directory is / | | linux squid[15990]: Loaded Icons. | | linux squid[15990]: commBind: Cannot bind socket FD 11 to | | 192.168.0.1:3128: (99) Cannot assign requested address | | This IP address 192.168.0.1, is it configured on your ethernet | interface? | Once you resolve that, you are done, but I don't know how! Can you give more details, please? What is your Operating System? Can you please put your squid.conf somewhere on the web where we can see it? Use egrep -v '^[[:space:]]*(#|$)' squid.conf squid.conf.txt and put the .txt on the web somewhere. Can you also show the output of `ifconfig` from the machine? PS: Don't top-post! Best regards, Odhiambo Washington Systems Admin, Wananchi Online Ltd. Are you hosting your domain name with the leaders??: See http://webhosting.info/webhosts/tophosts/Country/KE DISCLAIMER: See http://www.wananchi.com/bms/terms.php --+- Odhiambo WASHINGTON. WANANCHI ONLINE LTD (Nairobi, KE) http://www.wananchi.com/email/ . 1ere Etage, Laptrust Plaza, Loita St., Mobile: (+254) 722 743 223 . # 10286, 00100 NAIROBI --+- I love the way Microsoft follows standards. In much the same manner that
[squid-users] Squid 2.6 WCCPv2 and FreeBSD
Hello, I'm having some problems running squid on FreeBSD 6.0 using WCCPv2. I've already tried squid-2.6.STABLE1 and squid-2.6.STABLE1-20060720. Using WCCPv1 works fine, but when use the wccp2_router option it crashes on startup. Here is a part of system log: Jul 20 12:47:30 webcache-4 squid[86283]: Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD 18. Jul 20 12:47:30 webcache-4 squid[86283]: Accepting SNMP messages on port 3401, FD 19. Jul 20 12:47:30 webcache-4 squid[86283]: WCCP Disabled. Jul 20 12:47:30 webcache-4 squid[86283]: Accepting WCCPv2 messages on port 2048, FD 20. Jul 20 12:47:30 webcache-4 squid[86283]: Initialising all WCCPv2 lists Jul 20 12:47:30 webcache-4 squid[86283]: Unable to disconnect WCCP out socket Jul 20 12:47:30 webcache-4 kernel: Jul 20 12:47:30 webcache-4 squid[86283]: Unable to disconnect WCCP out socket Jul 20 12:47:30 webcache-4 kernel: pid 86283 (squid), uid 65534: exited on signal 6 Jul 20 12:47:30 webcache-4 squid[86281]: Squid Parent: child process 86283 exited due to signal 6 What could be the problem? Other small thing: The config default is: diskd_program /usr/local/squid/libexec/diskd_daemon and it should be: diskd_program /usr/local/squid/libexec/diskd-daemon Regards, Carlos Filipe
[squid-users] invalid hash entry in internal DNS code causes assertion failure (2.6STABLE1/Solaris 10/SPARC)
Hi, Excuse me if this is a known issue. I have compiled Squid 2.6STABLE1 using Sun Studio 8 with the --enable-poll, --enable-cache-digests flags on Solaris 10/SPARC. The cache is configured to use the internal DNS feature and communicates with several parent caches. Squid stopped after an assertion failure in the internal DNS code. Below is the stack trace. Your help would be appreciated. Bertold Reading squid core file header read successfully Reading ld.so.1 Reading libcrypt_i.so.1 Reading libm.so.2 Reading libsocket.so.1 Reading libnsl.so.1 Reading libc.so.1 Reading libgen.so.1 Reading libc_psr.so.1 Reading nss_files.so.1 Reading nss_nis.so.1 program terminated by signal ABRT (Abort) 0xff13d5ec: _lwp_kill+0x0008: bcc,a,pt %icc,_lwp_kill+0x18 ! 0xff13d5fc Current function is hash_lookup 194 assert(walker != walker-next); (dbx) where [1] _lwp_kill(0x0, 0x6, 0x0, 0x6, 0x, 0x0), at 0xff13d5ec [2] raise(0x6, 0x0, 0xff121af4, 0x42770, 0xff164278, 0x6), at 0xff0dd884 [3] abort(0xffbf6770, 0x1, 0xff16527c, 0xa6544, 0xff167298, 0x0), at 0xff0bde38 [4] __assert(0x154da4, 0x154dbc, 0xc2, 0x77656263, 0xa6260, 0x16554c), at 0xff0be074 =[5] hash_lookup(hid = 0x28a550, k = 0x80e330), line 194 in hash.c [6] idnsCachedLookup(key = 0x80e330 somehost.example.com, callback = 0xc4fb8 = `squid`ipcache.c`ipcacheHandleReply(void *data, struct _rfc1035_rr *answers, int na, const char *error_message), data = 0x80e3a0), line 895 in dns_internal.c [7] idnsALookup(name = 0x80e330 somehost.example.com, callback = 0xc4fb8 = `squid`ipcache.c`ipcacheHandleReply(void *data, struct _rfc1035_rr *answers, int na, const char *error_message), data = 0x80e3a0), line 920 in dns_internal.c [8] ipcache_nbgethostbyname(name = 0x281228 somehost.example.com, handler = 0x7f5f8 = `squid`comm.c`commConnectDnsHandle(const struct _ipcache_addrs *ia, void *data), handlerData = 0x3c46888), line 453 in ipcache.c [9] commConnectStart(fd = 22, host = 0x281228 webcache1.west.sun.com, port = 8080U, callback = 0x93818 = `squid`forward.c`fwdConnectDone(int server_fd, int status, void *data), data = 0x873cb98), line 277 in comm.c [10] fwdConnectStart(data = 0x873cb98), line 625 in forward.c [11] fwdStartComplete(servers = 0x936118, data = 0x873cb98), line 635 in forward.c [12] peerSelectCallback(psstate = 0x6344e38), line 202 in peer_select.c [13] peerSelectFoo(ps = 0x6344e38), line 310 in peer_select.c [14] peerCheckNeverDirectDone(answer = 1, data = 0x6344e38), line 167 in peer_select.c [15] aclCheckCallback(checklist = 0x932910, answer = ACCESS_ALLOWED), line 2267 in acl.c [16] aclCheck(checklist = 0x932910), line 2224 in acl.c [17] aclNBCheck(checklist = 0x932910, callback = 0xdbf20 = `squid`peer_select.c`peerCheckNeverDirectDone(int answer, void *data), callback_data = 0x6344e38), line 2402 in acl.c [18] peerSelectFoo(ps = 0x6344e38), line 265 in peer_select.c [19] peerCheckAlwaysDirectDone(answer = 0, data = 0x6344e38), line 177 in peer_select.c [20] aclCheckCallback(checklist = 0x933cb0, answer = ACCESS_DENIED), line 2267 in acl.c [21] aclCheck(checklist = 0x933cb0), line 2236 in acl.c [22] aclNBCheck(checklist = 0x933cb0, callback = 0xdbfd0 = `squid`peer_select.c`peerCheckAlwaysDirectDone(int answer, void *data), callback_data = 0x6344e38), line 2402 in acl.c [23] peerSelectFoo(ps = 0x6344e38), line 254 in peer_select.c [24] peerSelect(request = 0x3a50328, entry = 0xa4b3470, callback = 0x94aa0 = `squid`forward.c`fwdStartComplete(struct _FwdServer *servers, void *data), callback_data = 0x873cb98), line 157 in peer_select.c [25] fwdStart(fd = 19, e = 0xa4b3470, r = 0x3a50328), line 881 in forward.c [26] clientProcessMiss(http = 0x951828), line 3517 in client_side.c [27] clientProcessRequest(http = 0x951828), line 3440 in client_side.c [28] clientCheckNoCacheDone(answer = 0, data = 0x951828), line 669 in client_side.c [29] aclCheckCallback(checklist = 0x933dc8, answer = ACCESS_DENIED), line 2267 in acl.c [30] aclCheck(checklist = 0x933dc8), line 2224 in acl.c [31] aclNBCheck(checklist = 0x933dc8, callback = 0x6d7f8 = `squid`client_side.c`clientCheckNoCacheDone(int answer, void *data), callback_data = 0x951828), line 2402 in acl.c [32] clientCheckNoCache(http = 0x951828), line 657 in client_side.c [33] clientAccessCheck2(data = 0x951828), line 368 in client_side.c [34] clientRedirectDone(data = 0x951828, result = (nil)), line 649 in client_side.c [35] clientRedirectStart(http = 0x951828), line 551 in client_side.c [36] clientAccessCheckDone(answer = 1, data = 0x951828), line 425 in client_side.c [37] aclCheckCallback(checklist = 0x932590, answer = ACCESS_ALLOWED), line 2267 in acl.c [38] aclCheck(checklist = 0x932590), line 2224 in acl.c [39] aclNBCheck(checklist = 0x932590, callback = 0x6c4e0 = `squid`client_side.c`clientAccessCheckDone(int answer, void *data), callback_data = 0x951828), line 2402 in acl.c [40] clientAccessCheck(data = 0x951828), line 357 in client_side.c [41]
Re: [squid-users] squid clamav
* M?rcio Luciano Donada [EMAIL PROTECTED]: Dear, I am thinking about using a antivirus next to squid here in the company. It would like tips and suggestions personal it of the list that already it uses, programs and tips of performance. We use dansguardian to couple Squid clamd -- Ralf Hildebrandt (i.A. des IT-Zentrums) [EMAIL PROTECTED] Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-BerlinFax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
[squid-users] squid 2.6STABLE1 strips authentication headers
Hello list, I wonder if it is a proper behavior of the squid to strip authentication headers, then it configured as accelerating proxy? I noticed this after upgrading squid from 2.5STABLE14 to 2.6STABLE1. Here what is send to squid: GET /adm/ HTTP/1.0 User-Agent: Wget/1.8.2 Host: ctsv.engec.ru Accept: */* Connection: Keep-Alive Authorization: Basic YW50b246MTIzMTIz Here waht squid sends to web server: GET /adm/ HTTP/1.0 User-Agent: Wget/1.8.2 Host: ctsv.engec.ru Accept: */* Via: 1.0 himbeer1.engec.ru:80 (squid) X-Forwarded-For: 85.142.33.28 Cache-Control: max-age=259200 Essential configuration from squid.conf: http_port 85.142.33.28:80 vhost defaultsite=himbeer.engec.ru cache_peer 127.0.0.1 parent 80 0 originserver If it a new behavor, it probably need to be documented, since it break many things for a lot of people. Software: squid-2.6.STABLE1-20060711 Compilation options: $ ./configure --bindir=/usr/local/sbin --sysconfdir=/usr/local/etc/squid --datadir=/usr/local/etc/squid --libexecdir=/usr/local/libexec/squid --localstated ir=/usr/local/squid --enable-removal-policies=lru heap --enable-storeio=aufs ufs diskd null --disable-wccp --prefix=/usr/local --with-pthreads --enable-epoll Sincerely, Anton Golubev ENGECON St. Petersburg Russia AAG69-RIPE AAG28-RIPN
Re: [squid-users] Help me !. Problem whit Squid 2.5 - commBind: Cannot bind socket FD 11
Hi Odhiambo . Very Thanks. The problem was solved !, with your help: http_port 3128 Regards. Raul 2006/7/20, Odhiambo WASHINGTON [EMAIL PROTECTED]: * On 20/07/06 10:45 -0500, Raul Lapitzondo wrote: | here my squid.conf: [snip] First of all, do you understand what your squid.conf does, the way you have configured it? You need to read squid.conf.default and try and understand the functionality of the various config options before using any squid.conf file. That's my personal reprimand to you :-) Now.. | http_port 192.168.0.1:3128 ^^ There is where your problem is living! If that IP address is not bound to any ethernet interfaces on your Squid server, then you are in for problems. Please change that line to the following: http_port 3128 Or simply comment it out and squid will listed to all interfaces on port 3128 (the default). Restart your Squid after the change! Show us the log if it fails again! On how to fix the actual problem, please read squid.conf.default over and over and over and over until you understand it. | store_avg_object_size 2 GB | cache_mem 32 MB | ident_lookup_access allow all | | === | | Regards. | Raul | | | 2006/7/19, Odhiambo Washington [EMAIL PROTECTED]: | * On 19/07/06 12:56 -0500, Raul Lapitzondo wrote: | | Hi Odhiambo , | | The actual configuration squid.conf not was modified. In any moment | | it began to give error. | | The scheme of my network is: | | 192.168.0.1 -- 192.168.1.1 -- 192.168.1.2 | | gateway -- adsl modem | | eth0-- eth1 | | | | Regards | | Raul | | | | 2006/7/19, Odhiambo WASHINGTON [EMAIL PROTECTED]: | | * On 18/07/06 15:23 -0500, Raul Lapitzondo wrote: | | | Hi all. | | | | | | I have a problem with Squid version 2.5.STABLE in SuSE 9.1. Since 3 | | | years run squid without problems, but now i have error. When run | | | rcsquid appear the next message: | | | | | | linux squid[15990]: Starting Squid Cache version 2.5.STABLE5 for | | | i686-pc-linux-gnu... | | | linux squid[15990]: Process ID 15990 | | | linux squid[15990]: With 4096 file descriptors available | | | linux squid[15990]: DNS Socket created at 0.0.0.0 , port 4635, FD 5 | | | linux squid[15990]: Adding nameserver 192.168.1.1 from | /etc/resolv.conf | | | linux squid[15990]: Adding nameserver 200.32.3.129 from | /etc/resolv.conf | | | linux squid[15990]: Adding nameserver 200.42.0.109 from | /etc/resolv.conf | | | linux squid[15990]: User-Agent logging is disabled. | | | linux squid[15990]: Referer logging is disabled. | | | linux squid[15990]: Unlinkd pipe opened on FD 10 | | | linux squid[15990]: Swap maxSize 102400 KB, estimated 0 objects | | | linux squid[15990]: Target number of buckets: 0 | | | linux squid[15990]: Using 8192 Store buckets | | | linux squid[15990]: Max Mem size: 32768 KB | | | linux squid[15990]: Max Swap size: 102400 KB | | | linux squid[15990]: Local cache digest enabled; rebuild/rewrite every | | | 3600/3600 sec | | | linux squid[15990]: Rebuilding storage in /var/cache/squid (DIRTY) | | | linux squid[15990]: Using Least Load store dir selection | | | linux squid[15990]: Current Directory is / | | | linux squid[15990]: Loaded Icons. | | | linux squid[15990]: commBind: Cannot bind socket FD 11 to | | | 192.168.0.1:3128: (99) Cannot assign requested address | | | | This IP address 192.168.0.1, is it configured on your ethernet | | interface? | | Once you resolve that, you are done, but I don't know how! | | Can you give more details, please? | | What is your Operating System? | Can you please put your squid.conf somewhere on the web where we can see | it? Use egrep -v '^[[:space:]]*(#|$)' squid.conf squid.conf.txt and | put the .txt on the web somewhere. | | Can you also show the output of `ifconfig` from the machine? | | PS: Don't top-post! | | Best regards, | Odhiambo Washington | Systems Admin, | Wananchi Online Ltd. | | Are you hosting your domain name with the leaders??: | See http://webhosting.info/webhosts/tophosts/Country/KE | | | DISCLAIMER: See http://www.wananchi.com/bms/terms.php | --+- | Odhiambo WASHINGTON. WANANCHI ONLINE LTD (Nairobi, KE) | http://www.wananchi.com/email/ . 1ere Etage, Laptrust Plaza, | Loita St., | Mobile: (+254) 722 743 223 . # 10286, 00100 NAIROBI | --+- | I love the way Microsoft follows standards. In much the same manner that | fish follow | migrating caribou. -- Paul Tomblin | | | | | | -- | Saludos | Raúl H. Lapitzondo -Wash http://www.netmeister.org/news/learn2quote.html DISCLAIMER: See http://www.wananchi.com/bms/terms.php -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL