[squid-users] Errors during Log Analysis using Calamaris
I have squid-2.6.STABLE9-1 running on Fedora Core 6 stably and I am trying to use calamaris-2.59-1 for log analysis. While running calamaris, the following errors are generated in the log report: Invalid conversion in sprintf: %t at /usr/bin/calamaris line 3306, line 134591. Use of uninitialized value in sprintf at /usr/bin/calamaris line 3306, line 134591. Invalid conversion in sprintf: %a at /usr/bin/calamaris line 3306, line 134591. Use of uninitialized value in sprintf at /usr/bin/calamaris line 3306, line 134591. Invalid conversion in sprintf: %; at /usr/bin/calamaris line 3306, line 134591. Use of uninitialized value in sprintf at /usr/bin/calamaris line 3306, line 134591. Invalid conversion in sprintf: %v at /usr/bin/calamaris line 3306, line 134591. Use of uninitialized value in sprintf at /usr/bin/calamaris line 3306, line 134591. Line 134591 happened to be the last line in the log file. These errors are repeated a number of times and in addition the output report is full of large number (thousands) of blank lines and a few junk characters also. Surprisingly the log analysis is also carried out and a proper report is generated along with these errors. I have used the same version of calamaris on squid running on FC3 as well as CentOS 4.3 without any errors. What could be the reason behind these errors ? I have not selected any log format in squid.conf leaving the same at default setting none. Do I need to select any specific format ? Thanks, -- Manish Kathuria
[squid-users] Squid with delaypools and dansguardian
Hi everybody, Well I'm quite desperate and hope you could help me mates... well I have a machine in wich I run squid and dansguardian with clamav... this is running fine but now I want to enable delay_pools too... for controlling bandwith because there are some important high loads that slowdown internet connection when for example someone downloads an iso image... that's reason for I want to enable delay_pools... Ok but the problem is that I filter with dansguardian so all requesting ip is always the ip of dansguardian... so delay_pools are applying bad because only one ip asks for everybody... how could I do for enabling delay_pools with dansguardian? setting another squid before dansguardian machine and enabling delay_pools there because If I fetch slowly internet connected squid will too bring iso's (for example) slowly? any ideas please, it's quite an urgent project... thanks mates!
Re: [squid-users] sqid redirector for ssl?
Hi, It is using the redirector for SSL traffic. But if this is a forward proxy then all Squid knows about SSL traffic is CONNECT hostname:port, and this is what is sent to the redirector. The only possible result of the redirector is to leave the request as-is or return a new hostname:port where the connections should be forwarded. I tried that, but it doesn't seem to work. I have this line in the squirm.pattern file: regex ^www.mydomain.de:443$ www.intern:443 and when I test squirm at the command line, then I can observe this: www.mydomain.de:443 127.0.0.1/- - GET www.intern:443 127.0.0.1/- - GET Fri Mar 16 09:35:15 2007:www.mydomain.de:443:www.intern:443 www.intern:443 127.0.0.1/- - CONNECT www.mydomain.de:443 127.0.0.1/- - CONNECT for me it looks like the squirm is ignoring the connect statement, or did I missed something else? kind regards Sebastian
[squid-users] Which virusscanner to use ?
Hi! Just want to know WHICH virusscanner do you prefer to use in conjunction with squid ? We're using squid 2.6 and squidGuard on Debian Etch. I tried squidclamav, but we had Problems with some sites (AOL-Webmail) und Systems (MSN-Webmessenger) NOT working. So i appreciate your recommendation. Ove Starckjohann
Re: [squid-users] WCCP Module for WCCP Version 2
Martin, Below are the report from Cisco router. Global WCCP information: Router information: Router Identifier: my.router.ip.addr Protocol Version:2.0 Service Identifier: web-cache Number of Cache Engines: 1 Number of routers: 1 Total Packets Redirected:0 Redirect access-list:squid-wccp Total Packets Denied Redirect: 702 Total Packets Unassigned:0 Group access-list: squid-cache Total Messages Denied to Group: 0 Total Authentication failures: 0 WCCP Cache-Engine information: Web Cache ID: my.squid.ip.addr Protocol Version: 2.0 State: Usable Initial Hash Info: Assigned Hash Info: Hash Allotment:256 (100.00%) Packets Redirected:0 Connect Time: 00:02:39 From information above, the Router has WCCP link to Squid box, am I right? Thx Rgds, Awie - Original Message - From: Awie [EMAIL PROTECTED] To: Martin Köbele [EMAIL PROTECTED] Cc: Henrik Nordstrom [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Friday, March 16, 2007 13:58 Subject: Re: [squid-users] WCCP Module for WCCP Version 2 Have you turned on full blown debug logging to see what is happening or not happening? Yes, the Linux has already modprobe ip_wccp as it was running WCCPv1. I captured the traffic to Squid box by using ethereal and I saw WCCP 2.0 Here I am I see you. If the WCCP connection is establish, why is it unable redirect? Please advise. Thx Rgds, Awie On Friday 16 March 2007 00:03:42 Awie wrote: Thank you very much, Henrik! Awie, how is it going for you? Regards, Martin Martin Henrik, Thanks a lot for discussion but I become more confuse to choose ip_wccp or ip_gre. From this topic I assume that ip_wccp still able to serve WCCPv2. Now I try ip_wccp (version 1.7) that resulting no packet be redirected to Squid box. As my kernel is 2.4.34 (currently, I have no plan to use 2.6.x yet), I need your advise the better module I should use. Thx Rgds, Awie On Thursday 15 March 2007 10:54, Henrik Nordstrom wrote: tor 2007-03-15 klockan 09:55 -0400 skrev Martin Kobele: So in 2.4.32, the GRE implementation does not support WCCP. Ok, rebooted the box, ip_gre is built into the kernel, loading ip_wccp and I don't set up the GRE tunnel. Why/How does that work? It doesn't need the GRE tunnel. Would it use the GRE tunnel if it was there? When you load ip_wccp it probably takes over as GRE protocol handler, effectively disabling ip_gre. Regards Henrik -- Martin Kobele Software Developer t. 519-826-5222 ext #224 f. 519-826-5228 [EMAIL PROTECTED] Netsweeper Corporate Head Office 104 Dawson Road Guelph, Ontario N1H 1A7 -- Martin Kobele Developer t. 519-826-5222 ext #224 f. 519-826-5228 [EMAIL PROTECTED] Netsweeper Corporate Head Office 104 Dawson Road Guelph, Ontario N1H 1A7
Re: [squid-users] WCCP Module for WCCP Version 2
Henrik Martin, I found an interesting in Ethereal report. In Squid box (WCCP Here I am), the hash bucket 0-255 reported not assigned. But in Cisco router (WCCP I see You), the hash bucket 0-255 assigned. Is that a normal condition? Please advise. Thx Rgds, Awie - Original Message - From: Awie [EMAIL PROTECTED] To: Martin Köbele [EMAIL PROTECTED] Cc: Henrik Nordstrom [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Friday, March 16, 2007 17:14 Subject: Re: [squid-users] WCCP Module for WCCP Version 2 Martin, Below are the report from Cisco router. Global WCCP information: Router information: Router Identifier: my.router.ip.addr Protocol Version:2.0 Service Identifier: web-cache Number of Cache Engines: 1 Number of routers: 1 Total Packets Redirected:0 Redirect access-list:squid-wccp Total Packets Denied Redirect: 702 Total Packets Unassigned:0 Group access-list: squid-cache Total Messages Denied to Group: 0 Total Authentication failures: 0 WCCP Cache-Engine information: Web Cache ID: my.squid.ip.addr Protocol Version: 2.0 State: Usable Initial Hash Info: Assigned Hash Info: Hash Allotment:256 (100.00%) Packets Redirected:0 Connect Time: 00:02:39 From information above, the Router has WCCP link to Squid box, am I right? Thx Rgds, Awie - Original Message - From: Awie [EMAIL PROTECTED] To: Martin Köbele [EMAIL PROTECTED] Cc: Henrik Nordstrom [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Friday, March 16, 2007 13:58 Subject: Re: [squid-users] WCCP Module for WCCP Version 2 Have you turned on full blown debug logging to see what is happening or not happening? Yes, the Linux has already modprobe ip_wccp as it was running WCCPv1. I captured the traffic to Squid box by using ethereal and I saw WCCP 2.0 Here I am I see you. If the WCCP connection is establish, why is it unable redirect? Please advise. Thx Rgds, Awie On Friday 16 March 2007 00:03:42 Awie wrote: Thank you very much, Henrik! Awie, how is it going for you? Regards, Martin Martin Henrik, Thanks a lot for discussion but I become more confuse to choose ip_wccp or ip_gre. From this topic I assume that ip_wccp still able to serve WCCPv2. Now I try ip_wccp (version 1.7) that resulting no packet be redirected to Squid box. As my kernel is 2.4.34 (currently, I have no plan to use 2.6.x yet), I need your advise the better module I should use. Thx Rgds, Awie On Thursday 15 March 2007 10:54, Henrik Nordstrom wrote: tor 2007-03-15 klockan 09:55 -0400 skrev Martin Kobele: So in 2.4.32, the GRE implementation does not support WCCP. Ok, rebooted the box, ip_gre is built into the kernel, loading ip_wccp and I don't set up the GRE tunnel. Why/How does that work? It doesn't need the GRE tunnel. Would it use the GRE tunnel if it was there? When you load ip_wccp it probably takes over as GRE protocol handler, effectively disabling ip_gre. Regards Henrik -- Martin Kobele Software Developer t. 519-826-5222 ext #224 f. 519-826-5228 [EMAIL PROTECTED] Netsweeper Corporate Head Office 104 Dawson Road Guelph, Ontario N1H 1A7 -- Martin Kobele Developer t. 519-826-5222 ext #224 f. 519-826-5228 [EMAIL PROTECTED] Netsweeper Corporate Head Office 104 Dawson Road Guelph, Ontario N1H 1A7
Re: [squid-users] squid3+content encode (gzip)
See ./configure --help output, there was a specific flag for enabling content encoding (--enable-content-encoding, I assume). Hope this helps, On 3/16/07, Wahyu [EMAIL PROTECTED] wrote: Hi, Any one have try squid3+content encode successfully? i got problem with my installation. Patch and build were success, but when i got this error when i'm running squid. Starting proxy server: 2007/03/15 12:57:53| parseConfigFile: 'squid.conf' line 294 unrecognized: 'negotiate_ce_access allow all' 2007/03/15 12:57:53| parseConfigFile: 'squid.conf' line 303 unrecognized: 'encode_gzip_access allow all' 2007/03/15 12:57:53| parseConfigFile: 'squid.conf' line 312 unrecognized: 'encode_deflate_access allow all' -why -- Gonzalo A. Arana
[squid-users] Merchandise
Hi everyone, I've received the first set of Squid merchandise from Cafepress; a shirt and a mug. They're simple items with the Squid logo artwork on them. I'll add more merchandise as people request. I'll try to do up some Squid-2.6 release shirts which'll double as the 10 year anniversary shirts. (Which, if people would like them to be pretty, should be designed by someone else than me. If I could draw I wouldn't be hacking on Squid.) The Cafepress store is at: http://www.cafepress.com/squidproxy A few dollars from each product sold will go towards ongoing maintainence and future development of open source web proxy/caching solutions. Let me know what you think! Adrian
[squid-users] Question about bandwith
Hi mates, Well let's see if I have and squid proxy that is connected to Internet with 4 MB cable modem... and have in the other way retrieving objects from cache a 56 kbps connection... will squid bring for example from Internet an iso of a dvd at 4 mb speed and buffer it for passing to 56kbps connection or although it's connection is the speed of 4 mb cable internet connection it will download at 56 kbps connection speed from internet because can only pass to cache object fetchers at this speed¿ thanks a lot !
Re: [squid-users] sarg reports
Quoting Munawar Zeeshan [EMAIL PROTECTED]: DENY contents through squid.conf.SARG DENIED will work then On 3/15/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I know this may not be totally related to squid, but I cant seem to get my sarg installation to generate denied reports. Everything else works fine. I have denied in my sarg.conf. My accesslog shows TCP_DENIED for denied requests. Is this a bug in the last couple of versions of Sarg? -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools -- Munawar Zeeshan Islamabad,Pakistan +92-300-514-6886 +92-321-535-4851 Huh? I dont understand. ddh -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
Re: [squid-users] WCCP Module for WCCP Version 2
Yes Martin, it is just like yours. FYI, the Squid Cisco was running with WCCPv1 very well. After getting problem with hotmail.com, I want to upgrade to WCCPv2 that I heard it will solve the problem Thx Rgds, Awie - Original Message - From: Martin Kobele [EMAIL PROTECTED] To: Awie [EMAIL PROTECTED] Cc: squid-users@squid-cache.org Sent: Friday, March 16, 2007 19:22 Subject: Re: [squid-users] WCCP Module for WCCP Version 2 Hi Awie, how did you configure your outgoing interface on the cisco? There should be something like this: interface FastEthernet0/0 ip address 192.168.3.21 255.255.255.0 no ip directed-broadcast ip wccp web-cache redirect out no ip mroute-cache Regards, Martin On Friday 16 March 2007 05:14:17 Awie wrote: Martin, Below are the report from Cisco router. Global WCCP information: Router information: Router Identifier: my.router.ip.addr Protocol Version:2.0 Service Identifier: web-cache Number of Cache Engines: 1 Number of routers: 1 Total Packets Redirected:0 Redirect access-list:squid-wccp Total Packets Denied Redirect: 702 Total Packets Unassigned:0 Group access-list: squid-cache Total Messages Denied to Group: 0 Total Authentication failures: 0 WCCP Cache-Engine information: Web Cache ID: my.squid.ip.addr Protocol Version: 2.0 State: Usable Initial Hash Info: Assigned Hash Info: Hash Allotment:256 (100.00%) Packets Redirected:0 Connect Time: 00:02:39 From information above, the Router has WCCP link to Squid box, am I right? Thx Rgds, Awie - Original Message - From: Awie [EMAIL PROTECTED] To: Martin Köbele [EMAIL PROTECTED] Cc: Henrik Nordstrom [EMAIL PROTECTED]; squid-users@squid-cache.org Sent: Friday, March 16, 2007 13:58 Subject: Re: [squid-users] WCCP Module for WCCP Version 2 Have you turned on full blown debug logging to see what is happening or not happening? Yes, the Linux has already modprobe ip_wccp as it was running WCCPv1. I captured the traffic to Squid box by using ethereal and I saw WCCP 2.0 Here I am I see you. If the WCCP connection is establish, why is it unable redirect? Please advise. Thx Rgds, Awie On Friday 16 March 2007 00:03:42 Awie wrote: Thank you very much, Henrik! Awie, how is it going for you? Regards, Martin Martin Henrik, Thanks a lot for discussion but I become more confuse to choose ip_wccp or ip_gre. From this topic I assume that ip_wccp still able to serve WCCPv2. Now I try ip_wccp (version 1.7) that resulting no packet be redirected to Squid box. As my kernel is 2.4.34 (currently, I have no plan to use 2.6.x yet), I need your advise the better module I should use. Thx Rgds, Awie On Thursday 15 March 2007 10:54, Henrik Nordstrom wrote: tor 2007-03-15 klockan 09:55 -0400 skrev Martin Kobele: So in 2.4.32, the GRE implementation does not support WCCP. Ok, rebooted the box, ip_gre is built into the kernel, loading ip_wccp and I don't set up the GRE tunnel. Why/How does that work? It doesn't need the GRE tunnel. Would it use the GRE tunnel if it was there? When you load ip_wccp it probably takes over as GRE protocol handler, effectively disabling ip_gre. Regards Henrik -- Martin Kobele Software Developer t. 519-826-5222 ext #224 f. 519-826-5228 [EMAIL PROTECTED] Netsweeper Corporate Head Office 104 Dawson Road Guelph, Ontario N1H 1A7 -- Martin Kobele Developer t. 519-826-5222 ext #224 f. 519-826-5228 [EMAIL PROTECTED] Netsweeper Corporate Head Office 104 Dawson Road Guelph, Ontario N1H 1A7 -- Martin Kobele Developer t. 519-826-5222 ext #224 f. 519-826-5228 [EMAIL PROTECTED] Netsweeper Corporate Head Office 104 Dawson Road Guelph, Ontario N1H 1A7
[squid-users] Bandwidth Limiting
I've got a LAN behind a machine running Squid and this machine lies behind a router which provides the LAN with the Internet connection ... Is it possible to forward ALL the outgoing connections on the 65,535 available ports to the port which Squid runs on (3128) so that any outgoing and incoming traffic passes by Squid, and then will I be able to define ACL rules and delay pools to limit the bandwidth ? pgpb5DY2yUVmh.pgp Description: PGP signature
[squid-users] user-agent header in access.log
Dear all, I need to see the user-agent header in the access.log file from Squid in order to apply an acl browser to permiot only Mozilla browsers going through my proxy. Now I can see any user-agent header in my access.log file. How can I do to see the user-agent header in the Squid's access.log file ??? Thanks alejandro.-
RE: [squid-users] Merchandise
Nice T-shirt Adrian, I'll be buying one or two. Dave -Original Message- From: Adrian Chadd [mailto:[EMAIL PROTECTED] Sent: Friday, March 16, 2007 6:53 AM To: squid-users@squid-cache.org Subject: [squid-users] Merchandise Hi everyone, I've received the first set of Squid merchandise from Cafepress; a shirt and a mug. They're simple items with the Squid logo artwork on them. I'll add more merchandise as people request. I'll try to do up some Squid-2.6 release shirts which'll double as the 10 year anniversary shirts. (Which, if people would like them to be pretty, should be designed by someone else than me. If I could draw I wouldn't be hacking on Squid.) The Cafepress store is at: http://www.cafepress.com/squidproxy A few dollars from each product sold will go towards ongoing maintainence and future development of open source web proxy/caching solutions. Let me know what you think! Adrian
Re: [squid-users] sqid redirector for ssl?
Hi all, I tried that, but it doesn't seem to work. I have this line in the squirm.pattern file: regex ^www.mydomain.de:443$ www.intern:443 and when I test squirm at the command line, then I can observe this: www.mydomain.de:443 127.0.0.1/- - GET www.intern:443 127.0.0.1/- - GET Fri Mar 16 09:35:15 2007:www.mydomain.de:443:www.intern:443 www.intern:443 127.0.0.1/- - CONNECT www.mydomain.de:443 127.0.0.1/- - CONNECT for me it looks like the squirm is ignoring the connect statement, or did I missed something else? after a short look into the source I found out that squirm only handles GET requests. After exchanging the pattern matching of GET, with CONNECT it works as I want it to work. Sebastian
Re: [squid-users] Squid doesn't access Hotmail?
On 14.03.07 08:50, Angela Burrell wrote: I am having problems getting through to Hotmail. It seems to happen only when squid is being used as transparent. intercepting, not transparent. When I configure browsers to go through the proxy directly, everything works great. ...and when you intercept connections, do you configure browsers to use the proxy? In that case it's not intercepted. The connection can be: - direct - intercepted - proxied (browser is configured to use proxy). It is Squid 2.6.STABLE9 (from source). Mozilla 1.7.12 https://login.live.com/login.srf?id=2svc=mailcbid=24325msppjph=1tw=900f s=1lc=1033_lang=ENbk=72886070 IE6: https://login.live.com/ppsecure/post.srf?id=2svc=mailcbid=24325msppjph=1; tw=900fs=1lc=4105_lang=ENbk=117381 hell, do you intercept https connections? Other https websites work fine with squid, for example I can log in to banking and other webmail sites like gmail. I am routing to squid from the firewall like this: iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3328 dport 80 is http, not https. -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Windows found: (R)emove, (E)rase, (D)elete
Re: [squid-users] Oom-killer and Squid
On 14.03.07 13:07, Dave Rhodes wrote: Have you had a chance to look at the file I sent you a few days ago? I wonder, why did you send it to Henrik. It looks like the mem_node is growing and never stops. what are your cache_mem and cache_dir settings? how much of memory do you have in the machine and what's the architecture? -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 2B|!2B, that's a question!
RE: [squid-users] Oom-killer and Squid
Matus, I was having difficult getting the file on the mail site because of it's size. Henrik and I had already begun a dialog so I sent the file to him. Anyway, I think Henrik solved it. The early releases of the HTTP 1.1 patch caused a memory leak. I've upgraded to 2.6-STABLE10 and I'm monitoring. I'll let you know. Thanks, Dave -Original Message- From: Matus UHLAR - fantomas [mailto:[EMAIL PROTECTED] Sent: Friday, March 16, 2007 12:06 PM To: squid-users@squid-cache.org Subject: Re: [squid-users] Oom-killer and Squid On 14.03.07 13:07, Dave Rhodes wrote: Have you had a chance to look at the file I sent you a few days ago? I wonder, why did you send it to Henrik. It looks like the mem_node is growing and never stops. what are your cache_mem and cache_dir settings? how much of memory do you have in the machine and what's the architecture? -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 2B|!2B, that's a question!
Re: [squid-users] COSS memory use
On 14.03.07 11:49, leongmzlist wrote: Looking into solution on reducing squid mem use. I have 32bit squid and 64bit squid running; but I'm quickly running out of RAM again. 32bit squid on linux 64bit kernel, aufs: ~115 bytes / obj 64bit squid; aufs, linux: ~165 bytes / obj afaik it's ~72/194 So, a 32bit squid w/ 4G of RAM can actually store more objects than a 64bit squid w/ 6G of ram. you must decrease the memory a big. Let's say your squid can use up to 3GB of memory when it's 32 bit (4GB of address space minus usually 1GB of reserved area) vs. 5.5GB when it's 64 bit (6gb of RAM minus some OS usage). since the 72/104, it's 44739242 vs. 56784423 objects metadata. That's not good. what? that 64bit squid has bigger memory usage? It's the price of higher limits. -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Christian Science Programming: Let God Debug It!.
[squid-users] understanding how Last-Modified is really used...
Folks, If you have been following along my other questions, I want to use a proxy on my kiosk to cache downsized images. The problem is that the system operator can make changes to images, such as rotating them or cropping them. If I understand all this correctly, I can change the Last-Modified header to reflect the last time the image was changed rather then when the script was run to downsize the image. Correct? Assuming I can change the Last-Modified header, is there some type of pre-fetch that the proxy does to JUST get the header info as to knows whether or not to get the generated content? Assuming there is some type of pre-fetch. Is my impression correct that I have to handle the pre-fetch correctly within my script (PHP, by the way) and not do the actual content when receiving a pre-fetch request? If my impression is correct about this whole thing, how do I detect that the request is a pre-fetch and not a full fetch, generically speaking, for I don't know if I am going to be sticking with PHP;) Sam
[squid-users] Re: understanding how Last-Modified is really used...
I found the answer: HTTP/1.1 Specs -- 13.3 Validation Model http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html#sec13.3 and HTTP/1.1 Specs -- 14.24 If-Match http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.24 Very, very cool! I am about to go to beta, but this I will do for the RC1! For those that helped enlighten me, thanks! Sam
Re: [squid-users] UTC
Please don't top post? I'm not sure what you mean. Chris Robertson [EMAIL PROTECTED] wrote on 03/15/2007 06:22:35 PM: [EMAIL PROTECTED] wrote: access.log stores the time/date stamp as: nnn.nnn where 'n' is a digit between 0 and 9. I'd like to read timestamps in human-readable form. :-) Like I said, there was a simple perl command to convert it. I just don't know where to find it. Please don't top post. Here's what you are looking for: http://www.squid-cache.org/mail-archive/squid-users/200503/0690.html Chris _ THIS E-MAIL is private correspondence and is intended only for the identified recipients. We attempt to correctly address all e-mails, but if for any reason you have received this message in error, please take notice that you should not disclose or distribute this message to any other person. You should immediately notify the sender and delete this message. If the message contains or attaches CONFIDENTIAL information, you must treat that information confidentially. For questions, please contact the sender.
Re: [squid-users] Can't see user-agent header in access.log
Alejandro wrote: Dear all, I've a Squid proxy on a Debian Sarge box (I can't remember the squid version now). I want to filter by a acl name browser type in order to allow just Mozilla anc compatible web browsers. I made the appropriatte acl (acl webbrowsers browser Mozilla) and the filter rule (http_access deny !webbrowsers), but it doesn't work at allOpera browsers can go through my Squid :( So I went to the Squid's access.log file and I notice that user-agent header is not present at all. What can I do to force the user-agent header to be present in the access log file in order to check its value ??? Special thanks alejandro.- From squid.conf.default: # TAG: useragent_log # Note: This option is only available if Squid is rebuilt with the # --enable-useragent-log option # # Squid will write the User-Agent field from HTTP requests # to the filename specified here. By default useragent_log # is disabled. Check with squid -v to see if user agent logging has been compiled in. Be aware that Opera makes it very easy to switch the reported user agent (http://www.opera.com/support/search/view/570/). Chris
Re: [squid-users] bandwidth limitization
Jagdish wrote: Hi, The solution given by Kashif is good if the users have static IPs. What if the users are in DHCP ? Also, we would like to limit the download for one set of users to 10 MB and the other to 15 Mb . How do we implement the same ? Thanks Regards Jagdish ACLs via MAC address: http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-f5a9a7efc69525f1e3d928b725cced0f7822e451 Chris
Re: [squid-users] Squid with delaypools and dansguardian
[EMAIL PROTECTED] wrote: Hi everybody, Well I'm quite desperate and hope you could help me mates... well I have a machine in wich I run squid and dansguardian with clamav... this is running fine but now I want to enable delay_pools too... for controlling bandwith because there are some important high loads that slowdown internet connection when for example someone downloads an iso image... that's reason for I want to enable delay_pools... Ok but the problem is that I filter with dansguardian so all requesting ip is always the ip of dansguardian... so delay_pools are applying bad because only one ip asks for everybody... how could I do for enabling delay_pools with dansguardian? setting another squid before dansguardian machine and enabling delay_pools there because If I fetch slowly internet connected squid will too bring iso's (for example) slowly? any ideas please, it's quite an urgent project... thanks mates! Recompile with --enable-follow-x-forwarded-for, and use delay_pool_uses_indirect_client on in your squid.conf. See the patch page (http://devel.squid-cache.org/follow_xff/index.html) for more details. Chris
Re: [squid-users] Bandwidth Limiting
Mohamed Hazem wrote: I've got a LAN behind a machine running Squid and this machine lies behind a router which provides the LAN with the Internet connection ... Is it possible to forward ALL the outgoing connections on the 65,535 available ports to the port which Squid runs on (3128) so that any outgoing and incoming traffic passes by Squid, and then will I be able to define ACL rules and delay pools to limit the bandwidth ? Squid is strictly an HTTP proxy. While you COULD do this, nothing but HTTP traffic would work (HTTPS traffic would likely be broken as well unless special steps were taken). There are other projects aimed at traffic shaping (http://en.wikipedia.org/wiki/Traffic_shaping#External_links). Chris
Re: [squid-users] UTC
[EMAIL PROTECTED] wrote: Please don't top post? I'm not sure what you mean. Irony at its finest. :o) http://www.xs4all.nl/~hanb/documents/quotingguide.html You may have seen the following email signature: A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? That's it in a nutshell. Chris
Re: [squid-users] list's time zone
tor 2007-03-15 klockan 14:55 -0800 skrev Milli Gurung: Not sure who to address this but I think the squid's mailing list server still hasn't updated its daylight savings timezone. All my squid emails show up an hour earlier - I'm using PDT. The list server does not touch your Date header. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] COSS memory use
fre 2007-03-16 klockan 17:16 +0100 skrev Matus UHLAR - fantomas: you must decrease the memory a big. Let's say your squid can use up to 3GB of memory when it's 32 bit (4GB of address space minus usually 1GB of reserved area) vs. 5.5GB when it's 64 bit (6gb of RAM minus some OS usage). 32-bit applications on a 64-bit OS has nearly the whole 32-bit address space available, 4GB. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] Can't see user-agent header in access.log
tor 2007-03-15 klockan 22:34 -0300 skrev Alejandro: What can I do to force the user-agent header to be present in the access log file in order to check its value ??? See the logformat directive. Allows you to specify exactly what should be logged in access.log. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] Problem applying ICAP Patch to 2.6.STABLE10
tor 2007-03-15 klockan 21:38 +0100 skrev Kai Steverding: I just downloaded the latest ICAP Patch from http://devel.squid-cache.org/cgi-bin/diff2/icap-2_6.patch and tried to apply it to the latest 2.6 branch squid.It didn't apply: http://www.squid-cache.org/mail-archive/squid-dev/200703/0074.html Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] Which virusscanner to use ?
fre 2007-03-16 klockan 09:55 +0100 skrev Starckjohann, Ove: Just want to know WHICH virusscanner do you prefer to use in conjunction with squid ? What looks most promising in my eyes is Squid with ICAP support, and the c-icap server with it's clamav plugin. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] Oom-killer and Squid
fre 2007-03-16 klockan 17:05 +0100 skrev Matus UHLAR - fantomas: On 14.03.07 13:07, Dave Rhodes wrote: Have you had a chance to look at the file I sent you a few days ago? I wonder, why did you send it to Henrik. because I asked for him to collect certain large volume information about his problem.. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] Top posting
fre 2007-03-16 klockan 15:11 -0400 skrev [EMAIL PROTECTED]: Please don't top post? I'm not sure what you mean. What you just did. Posting your followup in the top of the message, instead after the question and deleting everything not relevant to what you write. Top posting is good in negotiations etc where the full history of the conversation is needed in each single message, but useless and very confusing in discussions. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] Question about bandwith
fre 2007-03-16 klockan 11:58 +0100 skrev Egoitz Aurrekoetxea: Hi mates, Well let's see if I have and squid proxy that is connected to Internet with 4 MB cable modem... and have in the other way retrieving objects from cache a 56 kbps connection... will squid bring for example from Internet an iso of a dvd at 4 mb speed and buffer it for passing to 56kbps connection or Squid buffers only a small part of the object. About 16KB internally plus the buffering done by TCP. So for large objects it will fetch at 56kbps due to being throttled by the client speed. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] Top posting
fre 2007-03-16 klockan 15:11 -0400 skrev [EMAIL PROTECTED]: Please don't top post? I'm not sure what you mean. I always liked: A: Because its hard to read! Q: Why is top posting bad? cheers- Brian -- Brian Riffle System and Network Administrator Klamath Community College 7390 South 6th St Klamath Falls, OR 97603 Phone 541.880.2245 Fax 541.885.7758
[squid-users] Squid-2.6.STABLE11 released
This is just a heads up that Squid-2.6.STABLE11 has just been released to fix the assertion failure which has plagued the 2.6.STABLE10 release quite badly. No security fixes this time (as usual). Only stability and cleanup, plus a important collapsed_forwarding bug fix for those who use this feature. A more formal announce will be sent in a few days. Recommendations: If using 2.6.STABLE10, upgrade to restore stability. If using 2.6.STABLE9 or an earlier release and not experiencing any significant problems then plan for an upgrade at a convenient time to make Squid to work around many broken web servers and generally behave a bit better. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
[squid-users] Squid authentication to a Samba domain controller
Hi all I'd like Squid to authenticate, possibly transparently with ntlm, to a Samba Domain Controller. I found, and used in other cases, plenty of documentation about doing this but with a Windows domain, via winbindd and ntlm_auth. But this approach seems not to be usable when the Squid box is also a Samba domain controller. Any ideas? Pointers to docs are appreciated. Thanks Luigi