Re: [squid-users] Weirdness caching objects with a vary header on a accelerator
On Wed, May 02, 2007 at 12:34:51AM +0200, Henrik Nordstrom wrote: tis 2007-05-01 klockan 11:43 +0200 skrev Bastian Blank: On Mon, Apr 30, 2007 at 10:37:24AM +0200, Bastian Blank wrote: The response is properly written according to the store.log: | 1177918188.354 SWAPOUT 00 5DD09DA912DD58C2EFBDAC8382385625 200 1177918188-1 1178018188 x-squid-internal/vary - 1/201 GET http://jura13.jura.uni-tuebingen.de/ | 1177918188.354 SWAPOUT 00 0001 6401BF3ABD2BDF388518448979017161 200 1177918188 1171557682 1177921788 text/html 18413/18413 GET http://jura13.jura.uni-tuebingen.de/ The key 5DD09DA912DD58C2EFBDAC8382385625 is built using the vary header and is therefor unusable to find this object again. This problem is seen if you use urlgroup:s. See discussion in bug #1947. It's not the vary details which is lost, it's the urlgroup when writing out the x-squid-internal object. I removed the usage of urlgroups from the store key as workaround and it works. Thank you. Bastian -- Too much of anything, even love, isn't necessarily a good thing. -- Kirk, The Trouble with Tribbles, stardate 4525.6
[squid-users] COSS performance
Hi, I am running squid-2.6.Stable 3 on linux-2.6.10 kernel I am using squid epoll and coss cache_dir. System memory: 4 GB Cache Memory: 2 GB cache_dir coss /cache01/coss 1 block-size=2048 max-size=131072 cache_dir coss /cache02/coss 1 block-size=2048 max-size=131072 I am getting the below error message. storeCossCreateMemOnlyBuf: no free membufs. You may need to increase the value of membufs on the /cache01/coss cache_dir Do i require to change any configuration in squid? Regards Chima
Re: [squid-users] NTLM configuration
On 5/1/07, Ganesh Balasubramanian [EMAIL PROTECTED] wrote: Guys, Please excuse my ignorance on this one, as i'm working on this proxy server configuration only for past couple of weeks. I have installed squid 2.6x version in my win2k machine. In the same machine i had DNS server and ADS server running. In my network all i had is only windows OS. Now i want to configure my proxy server to work with NTLM auth. From our internal application, we can configure it to use the NTLM mode, where for authentication it will take up the windows logged in user. But when i had the proxy configured in that client machine it blocks the user auth information. So i guess in the squid conf file, we need to add up those details to make it work with NTLM. Can you help me out on to know, what is the basic configuration that has to be added in the .conf file, for the NTLM auth to work in windows OS. I suggest you start by checking your squid.conf.default file, with special attantion to the section titled # === NTLM scheme options follow === -- /kinkie
Re: [squid-users] COSS performance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 2 May 2007 12:46:03 +0530 chima s [EMAIL PROTECTED] wrote: Hi, I am running squid-2.6.Stable 3 on linux-2.6.10 kernel I am using squid epoll and coss cache_dir. System memory: 4 GB Cache Memory: 2 GB cache_dir coss /cache01/coss 1 block-size=2048 max-size=131072 cache_dir coss /cache02/coss 1 block-size=2048 max-size=131072 I am getting the below error message. storeCossCreateMemOnlyBuf: no free membufs. You may need to increase the value of membufs on the /cache01/coss cache_dir Do i require to change any configuration in squid? Hi Chima, You can try setting membufs=100 Regards Chima - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFGOFT2VrOl+eVhOvYRAqIgAJ4zRi4cFEpv5uJ+i6DBQVfxZDh/1QCfRqix qPU/z8MSCO7zAQw8ZdUHx34= =RHgr -END PGP SIGNATURE-
[squid-users] Help Me Please
Hi, who can I help? what is my Problem? I am a New user in linux, My OP System is Redhat Enterprise 4 ,I want run Squit in our Network , But When I want Run squit by service squit start ,Failed Show me . and when enter squid command squid is stopped you have new mail in /var/spool/mail/root apeared. I restart My OP system . now I use squid command.anything apeared but when I enter squid command for start it squid is allredy running show me. [EMAIL PROTECTED] ~]# squid -N -d1 2007/05/02 13:05:24| Starting Squid Cache version 2.5.STABLE6 for i386- redhat-linux-gnu... 2007/05/02 13:05:24| Process ID 4048 2007/05/02 13:05:24| With 1024 file descriptors available 2007/05/02 13:05:24| Performing DNS Tests... 2007/05/02 13:05:24| Successful DNS name lookup tests... 2007/05/02 13:05:24| DNS Socket created at 0.0.0.0, port 32769, FD 4 2007/05/02 13:05:24| Adding nameserver 194.225.90.4 from /etc/resolv.conf 2007/05/02 13:05:24| Adding nameserver 4.2.2.3 from /etc/resolv.conf 2007/05/02 13:05:24| User-Agent logging is disabled. 2007/05/02 13:05:24| Referer logging is disabled. 2007/05/02 13:05:24| Unlinkd pipe opened on FD 9 2007/05/02 13:05:24| Swap maxSize 2048000 KB, estimated 157538 objects 2007/05/02 13:05:24| Target number of buckets: 7876 2007/05/02 13:05:24| Using 8192 Store buckets 2007/05/02 13:05:24| Max Mem size: 174080 KB 2007/05/02 13:05:24| Max Swap size: 2048000 KB 2007/05/02 13:05:24| Rebuilding storage in /cache/ (CLEAN) 2007/05/02 13:05:24| Using Least Load store dir selection 2007/05/02 13:05:24| Current Directory is /root 2007/05/02 13:05:24| Loaded Icons. 2007/05/02 13:05:26| Accepting HTTP connections at 0.0.0.0, port 3128, FD 10. 2007/05/02 13:05:26| Accepting ICP messages at 0.0.0.0, port 3130, FD 11. 2007/05/02 13:05:26| WCCP Disabled. 2007/05/02 13:05:26| Ready to serve requests. 2007/05/02 13:05:26| Done scanning /cache/ swaplog (0 entries) 2007/05/02 13:05:26| Finished rebuilding storage from disk. 2007/05/02 13:05:26| 0 Entries scanned 2007/05/02 13:05:26| 0 Invalid entries. 2007/05/02 13:05:26| 0 With invalid flags. 2007/05/02 13:05:26| 0 Objects loaded. 2007/05/02 13:05:26| 0 Objects expired. 2007/05/02 13:05:26| 0 Objects cancelled. 2007/05/02 13:05:26| 0 Duplicate URLs purged. 2007/05/02 13:05:26| 0 Swapfile clashes avoided. 2007/05/02 13:05:26| Took 2.5 seconds ( 0.0 objects/sec). 2007/05/02 13:05:26| Beginning Validation Procedure 2007/05/02 13:05:26| Completed Validation Procedure 2007/05/02 13:05:26| Validated 0 Entries 2007/05/02 13:05:26| store_swap_size = 0k 2007/05/02 13:05:27| storeLateRelease: released 0 objects 2007/05/02 13:27:21| Preparing for shutdown after 0 requests 2007/05/02 13:27:21| Waiting 0 seconds for active connections to finish 2007/05/02 13:27:21| FD 10 Closing HTTP connection 2007/05/02 13:27:23| Shutting down... 2007/05/02 13:27:23| FD 11 Closing ICP connection 2007/05/02 13:27:23| Closing unlinkd pipe on FD 9 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done 2007/05/02 13:27:23| storeDirWriteCleanLogs: Starting... 2007/05/02 13:27:23| Finished. Wrote 0 entries. 2007/05/02 13:27:23| Took 0.0 seconds ( 0.0 entries/sec). 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done config file dont have problem because squid -k pars anything show me.
[squid-users] Memory Issue
Hi, I have 4GB memory in my machine . The machine is four Intel(R) Xeon(R) CPU - 1.60GHz processors box. The bios correctly shows 4GB memory. Initially the machine had Redhat Enterprise Linux 3 on it and the machine showed all 4GB memory . Now I have reinstalled the OS to FC6 . But now machine shows *only 3 GB memory*. We have tried recompiling the linux kernel with following options but still it didnt show all the available memory (4GB) Method :1 CONFIG_HIGHMEM4G=y CONFIG_HIGHMEM=y Method : 2 CONFIG_HIGHMEM64G=y CONFIG_HIGHMEM=y We have also tried passing boot option mem=4096M to the kernel without any luck. What it could be the reason? How to fix this issue? Thanks in advance, Sekar
Re: [squid-users] Memory Issue
Sekar, on 05/02/2007 04:19 PM [GMT+500], wrote : Hi, I have 4GB memory in my machine . The machine is four Intel(R) Xeon(R) CPU - 1.60GHz processors box. The bios correctly shows 4GB memory. Initially the machine had Redhat Enterprise Linux 3 on it and the machine showed all 4GB memory . Now I have reinstalled the OS to FC6 . But now machine shows *only 3 GB memory*. Pretty much off topic for squid-user, better to post in fedora mailing list :PTry to boot your machine with some livecd and see if its show you all available ram? Or Try some decent linux distro :) Thanks.
Re: [squid-users] Memory Issue
Sekar said: Hi, I have 4GB memory in my machine . The machine is four Intel(R) Xeon(R) CPU - 1.60GHz processors box. The bios correctly shows 4GB memory. Initially the machine had Redhat Enterprise Linux 3 on it and the machine showed all 4GB memory . Now I have reinstalled the OS to FC6 . But now machine shows *only 3 GB memory*. We have tried recompiling the linux kernel with following options but still it didnt show all the available memory (4GB) Method :1 CONFIG_HIGHMEM4G=y CONFIG_HIGHMEM=y Method : 2 CONFIG_HIGHMEM64G=y CONFIG_HIGHMEM=y We have also tried passing boot option mem=4096M to the kernel without any luck. What it could be the reason? How to fix this issue? Thanks in advance, Sekar Is this the right maillist to ask the above? I don't see what squid has to do with it.! Ask squid related challenges.!
Re: [squid-users] Help Me Please
download squid src and compile. then it should eb more easy to debug. - Original Message - From: naser [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Wednesday, May 02, 2007 3:01 PM Subject: [squid-users] Help Me Please Hi, who can I help? what is my Problem? I am a New user in linux, My OP System is Redhat Enterprise 4 ,I want run Squit in our Network , But When I want Run squit by service squit start ,Failed Show me . and when enter squid command squid is stopped you have new mail in /var/spool/mail/root apeared. I restart My OP system . now I use squid command.anything apeared but when I enter squid command for start it squid is allredy running show me. [EMAIL PROTECTED] ~]# squid -N -d1 2007/05/02 13:05:24| Starting Squid Cache version 2.5.STABLE6 for i386- redhat-linux-gnu... 2007/05/02 13:05:24| Process ID 4048 2007/05/02 13:05:24| With 1024 file descriptors available 2007/05/02 13:05:24| Performing DNS Tests... 2007/05/02 13:05:24| Successful DNS name lookup tests... 2007/05/02 13:05:24| DNS Socket created at 0.0.0.0, port 32769, FD 4 2007/05/02 13:05:24| Adding nameserver 194.225.90.4 from /etc/resolv.conf 2007/05/02 13:05:24| Adding nameserver 4.2.2.3 from /etc/resolv.conf 2007/05/02 13:05:24| User-Agent logging is disabled. 2007/05/02 13:05:24| Referer logging is disabled. 2007/05/02 13:05:24| Unlinkd pipe opened on FD 9 2007/05/02 13:05:24| Swap maxSize 2048000 KB, estimated 157538 objects 2007/05/02 13:05:24| Target number of buckets: 7876 2007/05/02 13:05:24| Using 8192 Store buckets 2007/05/02 13:05:24| Max Mem size: 174080 KB 2007/05/02 13:05:24| Max Swap size: 2048000 KB 2007/05/02 13:05:24| Rebuilding storage in /cache/ (CLEAN) 2007/05/02 13:05:24| Using Least Load store dir selection 2007/05/02 13:05:24| Current Directory is /root 2007/05/02 13:05:24| Loaded Icons. 2007/05/02 13:05:26| Accepting HTTP connections at 0.0.0.0, port 3128, FD 10. 2007/05/02 13:05:26| Accepting ICP messages at 0.0.0.0, port 3130, FD 11. 2007/05/02 13:05:26| WCCP Disabled. 2007/05/02 13:05:26| Ready to serve requests. 2007/05/02 13:05:26| Done scanning /cache/ swaplog (0 entries) 2007/05/02 13:05:26| Finished rebuilding storage from disk. 2007/05/02 13:05:26| 0 Entries scanned 2007/05/02 13:05:26| 0 Invalid entries. 2007/05/02 13:05:26| 0 With invalid flags. 2007/05/02 13:05:26| 0 Objects loaded. 2007/05/02 13:05:26| 0 Objects expired. 2007/05/02 13:05:26| 0 Objects cancelled. 2007/05/02 13:05:26| 0 Duplicate URLs purged. 2007/05/02 13:05:26| 0 Swapfile clashes avoided. 2007/05/02 13:05:26| Took 2.5 seconds ( 0.0 objects/sec). 2007/05/02 13:05:26| Beginning Validation Procedure 2007/05/02 13:05:26| Completed Validation Procedure 2007/05/02 13:05:26| Validated 0 Entries 2007/05/02 13:05:26| store_swap_size = 0k 2007/05/02 13:05:27| storeLateRelease: released 0 objects 2007/05/02 13:27:21| Preparing for shutdown after 0 requests 2007/05/02 13:27:21| Waiting 0 seconds for active connections to finish 2007/05/02 13:27:21| FD 10 Closing HTTP connection 2007/05/02 13:27:23| Shutting down... 2007/05/02 13:27:23| FD 11 Closing ICP connection 2007/05/02 13:27:23| Closing unlinkd pipe on FD 9 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done 2007/05/02 13:27:23| storeDirWriteCleanLogs: Starting... 2007/05/02 13:27:23| Finished. Wrote 0 entries. 2007/05/02 13:27:23| Took 0.0 seconds ( 0.0 entries/sec). 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done config file dont have problem because squid -k pars anything show me.
Re: [squid-users] Memory Issue
which kernel is it? - Original Message - From: Sekar [EMAIL PROTECTED] To: squid squid-users@squid-cache.org Sent: Wednesday, May 02, 2007 4:19 PM Subject: [squid-users] Memory Issue Hi, I have 4GB memory in my machine . The machine is four Intel(R) Xeon(R) CPU - 1.60GHz processors box. The bios correctly shows 4GB memory. Initially the machine had Redhat Enterprise Linux 3 on it and the machine showed all 4GB memory . Now I have reinstalled the OS to FC6 . But now machine shows *only 3 GB memory*. We have tried recompiling the linux kernel with following options but still it didnt show all the available memory (4GB) Method :1 CONFIG_HIGHMEM4G=y CONFIG_HIGHMEM=y Method : 2 CONFIG_HIGHMEM64G=y CONFIG_HIGHMEM=y We have also tried passing boot option mem=4096M to the kernel without any luck. What it could be the reason? How to fix this issue? Thanks in advance, Sekar
Re: [squid-users] Help Me Please
naser wrote: who can I help? what is my Problem? What problem do you think you're having? You've not given us any idea as to what Squid is or isn't doing that you think it shouldn't or should. -- Martin A. Brooks | http://www.antibodymx.net/ | Anti-spam anti-virus Consultant| [EMAIL PROTECTED] | filtering. Inoculate antibodymx.net | m: +447896578023 | your mail system.
Re: [squid-users] Help Me Please
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 02 May 2007 14:31:58 +0430 naser [EMAIL PROTECTED] wrote: Hi, who can I help? what is my Problem? I am a New user in linux, My OP System is Redhat Enterprise 4 ,I want run Squit in our Network , But When I want Run squit by service squit start ,Failed Show me . and when enter squid command squid is stopped you have new mail in /var/spool/mail/root apeared. I restart My OP system . now I use squid command.anything apeared but when I enter squid command for start it squid is allredy running show me. [EMAIL PROTECTED] ~]# squid -N -d1 2007/05/02 13:05:24| Starting Squid Cache version 2.5.STABLE6 for i386- redhat-linux-gnu... 2007/05/02 13:05:24| Process ID 4048 2007/05/02 13:05:24| With 1024 file descriptors available 2007/05/02 13:05:24| Performing DNS Tests... 2007/05/02 13:05:24| Successful DNS name lookup tests... 2007/05/02 13:05:24| DNS Socket created at 0.0.0.0, port 32769, FD 4 2007/05/02 13:05:24| Adding nameserver 194.225.90.4 from /etc/resolv.conf 2007/05/02 13:05:24| Adding nameserver 4.2.2.3 from /etc/resolv.conf 2007/05/02 13:05:24| User-Agent logging is disabled. 2007/05/02 13:05:24| Referer logging is disabled. 2007/05/02 13:05:24| Unlinkd pipe opened on FD 9 2007/05/02 13:05:24| Swap maxSize 2048000 KB, estimated 157538 objects 2007/05/02 13:05:24| Target number of buckets: 7876 2007/05/02 13:05:24| Using 8192 Store buckets 2007/05/02 13:05:24| Max Mem size: 174080 KB 2007/05/02 13:05:24| Max Swap size: 2048000 KB 2007/05/02 13:05:24| Rebuilding storage in /cache/ (CLEAN) 2007/05/02 13:05:24| Using Least Load store dir selection 2007/05/02 13:05:24| Current Directory is /root 2007/05/02 13:05:24| Loaded Icons. 2007/05/02 13:05:26| Accepting HTTP connections at 0.0.0.0, port 3128, FD 10. 2007/05/02 13:05:26| Accepting ICP messages at 0.0.0.0, port 3130, FD 11. 2007/05/02 13:05:26| WCCP Disabled. 2007/05/02 13:05:26| Ready to serve requests. 2007/05/02 13:05:26| Done scanning /cache/ swaplog (0 entries) 2007/05/02 13:05:26| Finished rebuilding storage from disk. 2007/05/02 13:05:26| 0 Entries scanned 2007/05/02 13:05:26| 0 Invalid entries. 2007/05/02 13:05:26| 0 With invalid flags. 2007/05/02 13:05:26| 0 Objects loaded. 2007/05/02 13:05:26| 0 Objects expired. 2007/05/02 13:05:26| 0 Objects cancelled. 2007/05/02 13:05:26| 0 Duplicate URLs purged. 2007/05/02 13:05:26| 0 Swapfile clashes avoided. 2007/05/02 13:05:26| Took 2.5 seconds ( 0.0 objects/sec). 2007/05/02 13:05:26| Beginning Validation Procedure 2007/05/02 13:05:26| Completed Validation Procedure 2007/05/02 13:05:26| Validated 0 Entries 2007/05/02 13:05:26| store_swap_size = 0k 2007/05/02 13:05:27| storeLateRelease: released 0 objects 2007/05/02 13:27:21| Preparing for shutdown after 0 requests 2007/05/02 13:27:21| Waiting 0 seconds for active connections to finish 2007/05/02 13:27:21| FD 10 Closing HTTP connection 2007/05/02 13:27:23| Shutting down... 2007/05/02 13:27:23| FD 11 Closing ICP connection 2007/05/02 13:27:23| Closing unlinkd pipe on FD 9 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done 2007/05/02 13:27:23| storeDirWriteCleanLogs: Starting... 2007/05/02 13:27:23| Finished. Wrote 0 entries. 2007/05/02 13:27:23| Took 0.0 seconds ( 0.0 entries/sec). 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done 2007/05/02 13:27:23| aioSync: flushing pending I/O operations 2007/05/02 13:27:23| aioSync: done config file dont have problem because squid -k pars anything show me. Hi Naser, I think that the problem could be due to permissions. Under which user and group are you trying to start Squid? Also check your relevant configuration for access.log, cache.log and store.log. If possible, try to send us your squid.conf file for further investigation. Your version of Squid 2.5.STABLE6 seems to be quite old but that does not mean that your old version is actually causing the problem. I really suggest you to download and compile the latest source file from: http://www.squid-cache.org/Versions/v2/2.6/ Have a nice time debugging Squid :) - -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFGOIafVrOl+eVhOvYRApAIAKCW7E69TlVKFw3qiChJcI+zKJbcdgCfXDtm e6A5ax5ujNARv/XDQmfqR1w= =M4xN -END PGP SIGNATURE-
AW: [squid-users] Help Me Please
I restart My OP system . now I use squid command.anything apeared but when I enter squid command for start it squid is allredy running show me. could it be, that there is already a squid-version from your distribution running? so both - that from your distribution and your squd - will try to use the same port? have a look in cache.log, access.log etc... markus
Re: [squid-users] Transparent proxy testing from the proxy server
On Wednesday 02 May 2007 00:53, Henrik Nordstrom wrote: Did you allow localhost to use the proxy? I posted the squid.conf, and there is an acl that should be allowing localhost to use the proxy there, as far as I know. Did you look at that? Anything in cache.log? It looks pretty normal, and I see no errors there. Have you configured transparent interception properly in squid.conf? That is what I am trying to figure out, and part of why I posted my squid.conf. Here it is again: hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY hosts_file /etc/hosts refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl lan src 64.233.167.99 192.168.1.0/24 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl purge method PURGE acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow all http_access deny all http_reply_access allow all icp_access allow all coredump_dir /var/spool/squid -- Leah Kubik : d416-585-9971x692 : d416-703-5977 : m416-559-6511 Frauerpower! Co. : www.frauerpower.com : Toronto, ON Canada MSN: [EMAIL PROTECTED] | AIM: frauerpower | Yahoo: h3inous F9B6 FEFE 080B 8299 D7EA 1270 005C EC73 47C9 B7A6
Re: [squid-users] Transparent proxy testing from the proxy server
ons 2007-05-02 klockan 09:18 -0400 skrev Leah Kubik: That is what I am trying to figure out, and part of why I posted my squid.conf. Here it is again: No transparent interception support in that config. 2.6: http_port 3128 transparent 2.5: http_port 3128 httpd_accel_host virtual httpd_accel_uses_host_header on httpd_accel_with_proxy on (or something along those lines.. haven't worked with 2.5 in years) Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
RE: [squid-users] Help Me Please
I restart My OP system . now I use squid command.anything apeared but when I enter squid command for start it squid is allredy running show me. could it be, that there is already a squid-version from your distribution running? so both - that from your distribution and your squd - will try to use the same port? have a look in cache.log, access.log etc... markus It could also be that there is a squid.pid file that already exists on the system. What OS? Dave
Re: [squid-users] Transparent proxy testing from the proxy server
On Wednesday 02 May 2007 10:20, Henrik Nordstrom wrote: 2.5: http_port 3128 httpd_accel_host virtual httpd_accel_uses_host_header on httpd_accel_with_proxy on Actually, that's perfect. I thought that I had these parameters, but somewhere in my testing, I must have done something to remove them. Unfortunately, this client runs CentOS 4, and there are no 2.6 packages available for CentOS 4, and they are not inclined to use a source build or to upgrade at the moment. Thanks for putting up with me, Leah -- Leah Kubik : d416-585-9971x692 : d416-703-5977 : m416-559-6511 Frauerpower! Co. : www.frauerpower.com : Toronto, ON Canada MSN: [EMAIL PROTECTED] | AIM: frauerpower | Yahoo: h3inous F9B6 FEFE 080B 8299 D7EA 1270 005C EC73 47C9 B7A6
[squid-users] Re: confirm unsubscribe from squid-users@squid-cache.org
Re: [squid-users] cache_peer - multiple ones
Henrik Nordstrom wrote: tis 2007-05-01 klockan 23:41 +0100 skrev Gareth Edmondson: Thanks for the advice here. I read about this name= option earlier in the archives - but I got the impression from previous posters that it was in version 3 of squid and not the stable version that ships with Debian Etch. The stable version is 2.6.5-6. It's in 2.6 and later. cache_peer_access sslproxy allow CONNECT cache_peer_access sslproxy deny all cache_peer_access original upstream name deny CONNECT cache_peer_access original upstream name allow all I'm not sure they are in the right order. Looks fine. order of cache_peer_access is important, but only per peer. The order of the peers is not important. Everything seems to be working. However when we try and connect to the 443 website it challenges us again for the AD username and password. Upon entering this the browser challenges us again and again and again - simply not letting us through. One more thing, have you added trust between Squid and the peer for forwarding of proxy authentication? See the login option to cache_peer. Regards Henrik Here is an extract of my access.log file - what is the difference between a HIT and a MISS in this scenario? 117813.463 0 127.0.0.1 TCP_HIT/200 506 GET http://communities.rm.com/forums/skins/communities/images/message_gradient_header.gif - NONE/- image/gif 117813.515 53 127.0.0.1 TCP_MISS/404 1952 GET http://communities.rm.com/favicon.ico - DEFAULT_PARENT/webcluster.education.swansea.sch.uk text/html 117815.152111 127.0.0.1 TCP_MISS/302 1302 GET http://communities.rm.com/forums/member/default.aspx - DEFAULT_PARENT/webcluster.education.swansea.sch.uk text/html 117815.198 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl - 117818.229 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl - 117821.481 3 127.0.0.1 TCP_MISS/000 3112 CONNECT communities.rm.com:443 - DEFAULT_PARENT/proxyssl - You can see clearly where I have attempted to access a 443 website - yet it still asks me to authenticate against the AD with my username and password. The problem must lie with my authentication modules. GJE
[squid-users] Cant get redirect gre and wccp and cisco 3600 and 7200 and debian and centos
I´m becoming of thinking in throwing the towell. ive tried several ways of making wccp2 work with my squid 2.6 unstable kernel 2.6 with gre the idea was simple router + switch + clients and squid ive tried it in centos and also on debian (my favourite) all flavours of kernels and squids unstables releases im very close, but can handle it ive setup a gre tunnel with a 10.10.10.1 (router outcoming interface is a 200.x.x.x, ive setup no incoming, E0/0 is a 192.x.x.x class, wccp v2) clients are not surfing but they do if i force a proxy direction on the explorer packets are coming in the gre tunnel, i am seing them with the tcpdump command packets are supposed to be redirected through my iptables to port 3128 (ive tried dnat, redirecting) squid conf is ok, 3128 transparent
[squid-users] Authentication Override
We have a need for an authentication override for NTLM, for example there are users that share a computer for access, but the systems is logged with a generic account to Active Directory. We would like to know who is going where so the generic account doesn't have Internet access, but the users have another AD account for Internet only, and would like to give them the ability to get to the Internet without having to log out and log back into windows. We have smartfilter installed so users actually all have access but the default access is very restricted (fbi.gov, weather.com, etc.), If the users are in our Standard Internet group then they can get to more, and of course we have users that have unrestricted that can get to almost everything. So can we provide a weblink or a form that would allow them to override the NTLM authentication, or change the credentials from the browser. relevant parts of squid.conf: smartfilter_state on smartfilter_config /opt/squid/etc/config.txt smartfilter_userinfo_program /opt/squid/libexec/sf_userinfo -f /opt/squid/etc/config.txt smartfilter_userinfo_children 15 auth_param ntlm program /opt/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 30 auth_param basic program /opt/samba/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 15 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours acl all src 0.0.0.0/0.0.0.0 never_direct allow all acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 443 563 # https, snews acl Safe_ports port 1025-65535 # unregistered ports acl CONNECT method CONNECT acl AuthorizedUsers proxy_auth REQUIRED no_cache deny QUERY http_access allow all AuthorizedUsers http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all Thank you, Brian
[squid-users] Reverse Proxy and Authentication
Good Morning All, I've set squid up as a reverse proxy and performing header based redirection to two servers. Both of the two servers that are sitting behind squid require password authentication. I've googled, trolled through the squid archives, and experimented and clearly I'm just not very clever, because I cannot seem to get authentication to work. I've found a lot of half answers but nothing that is clear enough for me (an admitted non guru) Both of the servers normally ask for a username and password via a standard dialog. However behind the reverse proxy, they both just come back with access denied type messages, without a username/password prompt in sight. What basic and blindingly obvious step am I missing? Cheers Jo
[squid-users] Proper Access ACLs
I need to set up my squid instance so that it allows only local content to be cached, EXCEPT for access to content on a single external server. I have a proxy (extern-proxy.mydomain) that provides a path outside to reach the server external.com. Will the following configuration directives route requests to external.com ONLY through extern-proxy.mydomain while keeping all other requests inside my own domain? Is this the correct way to do this, or is there another recommendation for configuring for this case? cache_peer extern-proxy.mydomain parent 8181 5151 no-query no-digest acl OUTSIDE dstdomain external.com cache_peer_access allow OUTSIDE cache_peer_access deny all always_direct allow all never_direct deny all
Re: [squid-users] google
I didnt remove any of the defaults I am using 2.5 and the acl query statements are there. Not sure what you are trying to tell me. thanks, ddh 1) By default, Squid won't cache the response to any request with a question mark (usually GET requests with arguments signifying a dynamic page). 2) Even if this behavior had been changed in your install, the links you listed are not cacheable, due to the information not given by the server. Chris
Re: [squid-users] Transparent proxy testing from the proxy server
Leah Kubik wrote: Unfortunately, this client runs CentOS 4, and there are no 2.6 packages available for CentOS 4, and they are not inclined to use a source build or to upgrade at the moment. Thanks for putting up with me, Leah For what it's worth, the Squid SRPMs from Fedora Core 6 build fine on Centos 4.4. Chris
Re: [squid-users] Help Me Please
naser wrote: Hi, who can I help? what is my Problem? I am a New user in linux, My OP System is Redhat Enterprise 4 If you are actually using RedHat Enterprise 4 (as opposed to a clone), I'd suggest you contact RedHat. The whole purpose of paying them licensing fees is so you have a support contact who is familiar with your setup. In any case... ,I want run Squit in our Network , But When I want Run squit by service squit start ,Failed Show me . Perhaps you'd have better luck trying service squid start. *shrug* and when enter squid command squid is stopped you have new mail in /var/spool/mail/root apeared. I restart My OP system . now I use squid command.anything apeared but when I enter squid command for start it squid is allredy running show me. Squid is stopped, or squid is running? It can't be both. [EMAIL PROTECTED] ~]# squid -N -d1 2007/05/02 13:05:24| Starting Squid Cache version 2.5.STABLE6 for i386- redhat-linux-gnu... 2007/05/02 13:05:24| Process ID 4048 SNIP 2007/05/02 13:05:26| Beginning Validation Procedure 2007/05/02 13:05:26| Completed Validation Procedure 2007/05/02 13:05:26| Validated 0 Entries 2007/05/02 13:05:26| store_swap_size = 0k 2007/05/02 13:05:27| storeLateRelease: released 0 objects At this point, Squid is running. 2007/05/02 13:27:21| Preparing for shutdown after 0 requests 2007/05/02 13:27:21| Waiting 0 seconds for active connections to finish 2007/05/02 13:27:21| FD 10 Closing HTTP connection 2007/05/02 13:27:23| Shutting down... Just under 22 minutes later, it is told to shut down. Where is the problem? config file dont have problem because squid -k pars anything show me. Obviously. Squid starts and runs just fine. Chris
Re: [squid-users] google
Quoting Chris Robertson [EMAIL PROTECTED]: I didnt remove any of the defaults I am using 2.5 and the acl query statements are there. Not sure what you are trying to tell me. thanks, ddh 1) By default, Squid won't cache the response to any request with a question mark (usually GET requests with arguments signifying a dynamic page). 2) Even if this behavior had been changed in your install, the links you listed are not cacheable, due to the information not given by the server. Chris Cool. So nothing wrong with my proxy server. -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
Re: [squid-users] Cant get redirect gre and wccp and cisco 3600 and 7200 and debian and centos
On Wed, May 02, 2007, Facundo Vilarnovo wrote: I??m becoming of thinking in throwing the towell. ? ive tried several ways of making wccp2 work with my squid 2.6 unstable kernel 2.6 with gre ? the idea was simple ? router + switch + clients and squid ? ? ive tried it in centos and also on debian (my favourite) ? all flavours of kernels and squids unstables releases ? im very close, but can handle it ? ive setup a gre tunnel with a 10.10.10.1 (router outcoming interface is a 200.x.x.x, ive setup no incoming, E0/0 is a 192.x.x.x class, wccp v2) ? clients are not surfing but they do if i force a proxy direction on the explorer ? packets are coming in the gre tunnel, i am?seing them with the tcpdump command packets are supposed to be redirected through my iptables to port 3128 (ive tried dnat, redirecting) squid conf is ok, 3128 transparent Whats your linux config look like? Have you turned off reverse path checking? Have you looked at the instructions in the Squid Wiki under Configuration Examples for some inspiration? adrian
Re: [squid-users] Cant get redirect gre and wccp and cisco 3600 and 7200 and debian and centos
On Thu, May 03, 2007, Nicolas Royo wrote: Hi! i was just missing the gre tunnel redirecting with DNAT to eth0! Make sure you've also compiled squid with --enable-linux-netfilter too.. Adrian