Re: [squid-users] For admins that wanted to stop torrent downloads
SSCR Internet Admin wrote: Hi, I am experimenting on how to stop torrent downloads, but when a torrent client already established a connection, it don't drop the packets at all. I hope someone could share a thought or two about my approach 1. Run squid on transparent mode 2. I run this iptables command... #Reroute all ports to port 3128 $IPT -t nat -I PREROUTING -i $INT -p tcp --dport 80 -j DNAT --to 192.168.100.1:3128 Target to use is REDIRECT not DNAT. Or on systems with appropriately patched kernel TPROXY target is available. 4. I have found this logs on cache.log 2007/10/23 13:47:42| parseHttpRequest: Requestheader contains NULL characters 2007/10/23 13:47:42| parseHttpRequest: Unsupported method 'BitTorrent' 2007/10/23 13:47:42| clientReadRequest: FD 137 (192.168.100.61:3907) Invalid Request 2007/10/23 13:47:43| parseHttpRequest: Requestheader contains NULL characters 2007/10/23 13:47:43| parseHttpRequest: Unsupported method 'BitTorrent' 2007/10/23 13:47:43| clientReadRequest: FD 89 (192.168.100.61:3908) Invalid Request 2007/10/23 13:47:43| parseHttpRequest: Requestheader contains NULL characters 2007/10/23 13:47:43| parseHttpRequest: Unsupported method 'BitTorrent' 2007/10/23 13:47:43| clientReadRequest: FD 152 (192.168.100.61:3909) Invalid I don't know if these experiment also exist, but it's a good way, maybe someone could make a patch that blocks torrents or p2p apps based on the cache.log results. Better yet. The dev team is looking for somebody interested in adding full Torrent support to squid. That would entail adding settings and ACL to configure access/denial properly. Amos
Re: [squid-users] unlinked squid process
[EMAIL PROTECTED] wrote: Just wanted to know the meaning of MISS_TCP. I thought that might be an error message. Errors, as in 'problems with squid', shop up in cache.log and start with "WARNING:" or "fatal:" maybe followed by a "Starting Squid" if it was really bad. Thanks for the document. I am going to install a squid log analyzer to see what objects are cached ( I think we are caching quarries which I don't think it is a good idea ) Caching quarries could be a problem with all the rocks. Caching queries however, is how the web works faster than the network underneath it. which one do you recommend ? there is plenty of them but I was thinking of squeezer. is there a sequence in restarting apache and squid while apache is configured to be the parent ? no. because some time when we restart squid or apache the squid process is not killed, and new process will be started. do you mean apache is started twce? or do you mean squid is started twice? the second maybe related to a shutdown bug, long fixed in 2.6s12+. Amos Quoting Colin Campbell <[EMAIL PROTECTED]>: Hi, On Tue, 2007-10-23 at 01:29 -0400, [EMAIL PROTECTED] wrote: when I do "ps -ef | grep squid" I see squid25921 25919 0 21:04 ?00:00:00 (unlinkd) why it is unlinked ? I couldn't find any document to explain. It isn't "unlinkEd", it's "unlinkd" which is a daemon used to remove old objects from the cache. also I am using squid for accelerating my web server. I see following message in my access log files. TCP_MISS:FIRST_UP_PARENT "-" would you please let me know waht that message means From the FAQ (http://wiki.squid-cache.org/SquidFaq/SquidLogs) TCP_MISS = The requested object was not in the cache. FIRST_UP_PARENT = The object was fetched from the first parent in the list of parents. and if there is any thing I should concern about TCP_MISS:FIRST_UP_PARENT "-" 0 It's hard to tell exactly what you're concerned about. Show more of the log entry you're worried about. Colin -- Colin Campbell Unix Support/Postmaster/Hostmaster Citec +61 7 3227 6334
Re: [squid-users] unlinked squid process
Adrian Chadd wrote: On Tue, Oct 23, 2007, [EMAIL PROTECTED] wrote: when I do "ps -ef | grep squid" I see squid25921 25919 0 21:04 ?00:00:00 (unlinkd) why it is unlinked ? I couldn't find any document to explain. Its an old, old thing which is used to unlink files when you're running ufs. Its not used (AFAIK) for aufs or diskd, definitely not used for COSS. Definatey still used for aufs. I think I recall people on diskd mentioning it fairly recently, and its the kind of major piece those three closely related fs would share even if aufs/diskd didn't technically need it. Amos
RE: [squid-users] For admins that wanted to stop torrent downloads
It seems that I am observing now, 90% of torrent downloads are not connecting... I guess I would try several days, if these active connecting torrent can actually connect... This is somewhat useful as of now on my opinion, it cuts down torrent access... -Original Message- From: Amos Jeffries [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 23, 2007 3:22 PM To: SSCR Internet Admin Cc: squid-users@squid-cache.org Subject: Re: [squid-users] For admins that wanted to stop torrent downloads SSCR Internet Admin wrote: > Hi, > > I am experimenting on how to stop torrent downloads, but when a torrent > client already established a connection, it don't drop the packets at all. > I hope someone could share a thought or two about my approach > > 1. Run squid on transparent mode > 2. I run this iptables command... > > #Reroute all ports to port 3128 > $IPT -t nat -I PREROUTING -i $INT -p tcp --dport 80 -j DNAT --to > 192.168.100.1:3128 Target to use is REDIRECT not DNAT. Or on systems with appropriately patched kernel TPROXY target is available. > > 4. I have found this logs on cache.log > > 2007/10/23 13:47:42| parseHttpRequest: Requestheader contains NULL > characters > 2007/10/23 13:47:42| parseHttpRequest: Unsupported method 'BitTorrent' > 2007/10/23 13:47:42| clientReadRequest: FD 137 (192.168.100.61:3907) Invalid > Request > 2007/10/23 13:47:43| parseHttpRequest: Requestheader contains NULL > characters > 2007/10/23 13:47:43| parseHttpRequest: Unsupported method 'BitTorrent' > 2007/10/23 13:47:43| clientReadRequest: FD 89 (192.168.100.61:3908) Invalid > Request > 2007/10/23 13:47:43| parseHttpRequest: Requestheader contains NULL > characters > 2007/10/23 13:47:43| parseHttpRequest: Unsupported method 'BitTorrent' > 2007/10/23 13:47:43| clientReadRequest: FD 152 (192.168.100.61:3909) Invalid > > > I don't know if these experiment also exist, but it's a good way, maybe > someone could make a patch that blocks torrents or p2p apps based on the > cache.log results. > Better yet. The dev team is looking for somebody interested in adding full Torrent support to squid. That would entail adding settings and ACL to configure access/denial properly. Amos -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. __ NOD32 2608 (20071023) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com __ NOD32 2608 (20071023) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: [squid-users] Squid, tproxy, nat and multi-homed
From: "Ming-Ching Tiew" <[EMAIL PROTECTED]> > > But the fact is that as soon as I turn on squid directive, > > http_port 3128 tproxy transparent > > I will get private IP belonging to the original http web requestor > appearing > in the internet line - EVEN THOUGH - I do have a POSTROUTING > rule in the nat table to SNAT. As a matter of fact, > > iptables -t nat -nvL POSTROUTING > > shows that the SNAT rule has been traversed ( and the counter is incremented > ! ). > Just want to mention that my problem is fixed by doing this patch :- http://freshmeat.net/projects/doublenatcttproxy2patch/?branch_id=71776 Regards. Important Warning! *** This electronic communication (including any attached files) may contain confidential and/or legally privileged information and is only intended for the use of the person to whom it is addressed. If you are not the intended recipient, you do not have permission to read, use, disseminate, distribute, copy or retain any part of this communication or its attachments in any form. If this e-mail was sent to you by mistake, please take the time to notify the sender so that they can identify the problem and avoid any more mistakes in sending e-mail to you. The unauthorised use of information contained in this communication or its attachments may result in legal action against any person who uses it.
Re: [squid-users] Squid, tproxy, nat and multi-homed
Would you mind filing a bugzilla report with all of this in it please? Thanks, Adrian On Tue, Oct 23, 2007, Ming-Ching Tiew wrote: > > From: "Ming-Ching Tiew" <[EMAIL PROTECTED]> > > > > > But the fact is that as soon as I turn on squid directive, > > > > http_port 3128 tproxy transparent > > > > I will get private IP belonging to the original http web requestor > > appearing > > in the internet line - EVEN THOUGH - I do have a POSTROUTING > > rule in the nat table to SNAT. As a matter of fact, > > > > iptables -t nat -nvL POSTROUTING > > > > shows that the SNAT rule has been traversed ( and the counter is > incremented > > ! ). > > > > Just want to mention that my problem is fixed by doing this patch :- > > http://freshmeat.net/projects/doublenatcttproxy2patch/?branch_id=71776 > > Regards. > > > > Important Warning! > > *** > > This electronic communication (including any attached files) may contain > confidential and/or legally privileged information and is only intended for > the use of the person to whom it is addressed. If you are not the intended > recipient, you do not have permission to read, use, disseminate, distribute, > copy or retain any part of this communication or its attachments in any form. > If this e-mail was sent to you by mistake, please take the time to notify the > sender so that they can identify the problem and avoid any more mistakes in > sending e-mail to you. The unauthorised use of information contained in this > communication or its attachments may result in legal action against any > person who uses it. -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level bandwidth-capped VPSes available in WA -
Re: [squid-users] For admins that wanted to stop torrent downloads
SSCR Internet Admin wrote: It seems that I am observing now, 90% of torrent downloads are not connecting... I guess I would try several days, if these active connecting torrent can actually connect... This is somewhat useful as of now on my opinion, it cuts down torrent access... As would redirecting all traffic to /dev/null At present you are using a large memory/cpu-using process (squid) as a cheap blackhole. Squid is just receiving many requests it cant hanlde and drops almost immediately. There is other software available much better suited to that than squid. My point about REDIRECT/DNAT is the kernel-level differences between DNAT and REDIRECT that allow transparent mode to operate better with REDIRECT. Torrents still remain an unknown method to current generations of squid regardless of how they reach squid. Amos -Original Message- From: Amos Jeffries [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 23, 2007 3:22 PM To: SSCR Internet Admin Cc: squid-users@squid-cache.org Subject: Re: [squid-users] For admins that wanted to stop torrent downloads SSCR Internet Admin wrote: Hi, I am experimenting on how to stop torrent downloads, but when a torrent client already established a connection, it don't drop the packets at all. I hope someone could share a thought or two about my approach 1. Run squid on transparent mode 2. I run this iptables command... #Reroute all ports to port 3128 $IPT -t nat -I PREROUTING -i $INT -p tcp --dport 80 -j DNAT --to 192.168.100.1:3128 Target to use is REDIRECT not DNAT. Or on systems with appropriately patched kernel TPROXY target is available. 4. I have found this logs on cache.log 2007/10/23 13:47:42| parseHttpRequest: Requestheader contains NULL characters 2007/10/23 13:47:42| parseHttpRequest: Unsupported method 'BitTorrent' 2007/10/23 13:47:42| clientReadRequest: FD 137 (192.168.100.61:3907) Invalid Request 2007/10/23 13:47:43| parseHttpRequest: Requestheader contains NULL characters 2007/10/23 13:47:43| parseHttpRequest: Unsupported method 'BitTorrent' 2007/10/23 13:47:43| clientReadRequest: FD 89 (192.168.100.61:3908) Invalid Request 2007/10/23 13:47:43| parseHttpRequest: Requestheader contains NULL characters 2007/10/23 13:47:43| parseHttpRequest: Unsupported method 'BitTorrent' 2007/10/23 13:47:43| clientReadRequest: FD 152 (192.168.100.61:3909) Invalid I don't know if these experiment also exist, but it's a good way, maybe someone could make a patch that blocks torrents or p2p apps based on the cache.log results. Better yet. The dev team is looking for somebody interested in adding full Torrent support to squid. That would entail adding settings and ACL to configure access/denial properly. Amos
Re: [squid-users] unlinked squid process
[EMAIL PROTECTED] wrote: yes, that is the squid which has one process left over when we restart it. is there any document related to that shut down bug ? I was thinking of #1529 a 3.0-pre bug sorry not 2.6*. Sounds like a similar effect despite the version. Which squid are you using? Are you closing squid through a custom script sending SIGHUP/kill to a pid or a ports script provided by an official maintainer? A custom script may still encounter problems if it handles RunCache badly. Could be KILL'ing the child squid worker instead of HUP'ing the RunCache control process. Amos Thanks Quoting Amos Jeffries <[EMAIL PROTECTED]>: [EMAIL PROTECTED] wrote: Just wanted to know the meaning of MISS_TCP. I thought that might be an error message. Errors, as in 'problems with squid', shop up in cache.log and start with "WARNING:" or "fatal:" maybe followed by a "Starting Squid" if it was really bad. Thanks for the document. I am going to install a squid log analyzer to see what objects are cached ( I think we are caching quarries which I don't think it is a good idea ) Caching quarries could be a problem with all the rocks. Caching queries however, is how the web works faster than the network underneath it. which one do you recommend ? there is plenty of them but I was thinking of squeezer. is there a sequence in restarting apache and squid while apache is configured to be the parent ? no. because some time when we restart squid or apache the squid process is not killed, and new process will be started. do you mean apache is started twce? or do you mean squid is started twice? the second maybe related to a shutdown bug, long fixed in 2.6s12+. Amos Quoting Colin Campbell <[EMAIL PROTECTED]>: Hi, On Tue, 2007-10-23 at 01:29 -0400, [EMAIL PROTECTED] wrote: when I do "ps -ef | grep squid" I see squid25921 25919 0 21:04 ?00:00:00 (unlinkd) why it is unlinked ? I couldn't find any document to explain. It isn't "unlinkEd", it's "unlinkd" which is a daemon used to remove old objects from the cache. also I am using squid for accelerating my web server. I see following message in my access log files. TCP_MISS:FIRST_UP_PARENT "-" would you please let me know waht that message means From the FAQ (http://wiki.squid-cache.org/SquidFaq/SquidLogs) TCP_MISS = The requested object was not in the cache. FIRST_UP_PARENT = The object was fetched from the first parent in the list of parents. and if there is any thing I should concern about TCP_MISS:FIRST_UP_PARENT "-" 0 It's hard to tell exactly what you're concerned about. Show more of the log entry you're worried about. Colin -- Colin Campbell Unix Support/Postmaster/Hostmaster Citec +61 7 3227 6334
Re: [squid-users] unlinked squid process
Hi we are using SQUID 2.6.STABLE13 we usually restarting squid by flushing it service squid restart service squid flush flush) $0 stop sleep 2 echo -n 'Flushing squid cache: ' echo "" > /var/spool/squid/cache/swap.state echo_success echo /usr/local/squid/sbin/squid -z $0 start ;; Quoting Amos Jeffries <[EMAIL PROTECTED]>: [EMAIL PROTECTED] wrote: yes, that is the squid which has one process left over when we restart it. is there any document related to that shut down bug ? I was thinking of #1529 a 3.0-pre bug sorry not 2.6*. Sounds like a similar effect despite the version. Which squid are you using? Are you closing squid through a custom script sending SIGHUP/kill to a pid or a ports script provided by an official maintainer? A custom script may still encounter problems if it handles RunCache badly. Could be KILL'ing the child squid worker instead of HUP'ing the RunCache control process. Amos Thanks Quoting Amos Jeffries <[EMAIL PROTECTED]>: [EMAIL PROTECTED] wrote: Just wanted to know the meaning of MISS_TCP. I thought that might be an error message. Errors, as in 'problems with squid', shop up in cache.log and start with "WARNING:" or "fatal:" maybe followed by a "Starting Squid" if it was really bad. Thanks for the document. I am going to install a squid log analyzer to see what objects are cached ( I think we are caching quarries which I don't think it is a good idea ) Caching quarries could be a problem with all the rocks. Caching queries however, is how the web works faster than the network underneath it. which one do you recommend ? there is plenty of them but I was thinking of squeezer. is there a sequence in restarting apache and squid while apache is configured to be the parent ? no. because some time when we restart squid or apache the squid process is not killed, and new process will be started. do you mean apache is started twce? or do you mean squid is started twice? the second maybe related to a shutdown bug, long fixed in 2.6s12+. Amos Quoting Colin Campbell <[EMAIL PROTECTED]>: Hi, On Tue, 2007-10-23 at 01:29 -0400, [EMAIL PROTECTED] wrote: when I do "ps -ef | grep squid" I see squid25921 25919 0 21:04 ?00:00:00 (unlinkd) why it is unlinked ? I couldn't find any document to explain. It isn't "unlinkEd", it's "unlinkd" which is a daemon used to remove old objects from the cache. also I am using squid for accelerating my web server. I see following message in my access log files. TCP_MISS:FIRST_UP_PARENT "-" would you please let me know waht that message means From the FAQ (http://wiki.squid-cache.org/SquidFaq/SquidLogs) TCP_MISS = The requested object was not in the cache. FIRST_UP_PARENT = The object was fetched from the first parent in the list of parents. and if there is any thing I should concern about TCP_MISS:FIRST_UP_PARENT "-" 0 It's hard to tell exactly what you're concerned about. Show more of the log entry you're worried about. Colin -- Colin Campbell Unix Support/Postmaster/Hostmaster Citec +61 7 3227 6334
Re: [squid-users] unlinked squid process
On Tue, Oct 23, 2007, [EMAIL PROTECTED] wrote: > Hi > > we are using SQUID 2.6.STABLE13 > > we usually restarting squid by flushing it > service squid restart > service squid flush > > flush) > $0 stop > sleep 2 > echo -n 'Flushing squid cache: ' > echo "" > /var/spool/squid/cache/swap.state This line isn't flushing the cache and its probably creating a root-owned swap.state file thats causing your problem. Adrian
[squid-users] [min,max]-size and units
I'm using 2.6.STABLE14. I noticed that if you set a cache_dir entry with a size restriction that uses units (e.g. min-size=30kb ), it's accepted as valid syntax, but the units are ignored.
[squid-users] hiding "Unsupported method XYX"
Hi All, I would like to hide these messages so they don't get into cache.log They clutter my logs and I do not want to bother abuut them, as I hope this is not a real problem (is it?) I'm running 2.6.STABLE14 with the default debug_options. What should I do? From the FAQ and the docs i cannot determine which debug section (if any) this message belongs to. -- Filip Rembiałkowski
Re: [squid-users] unlinked squid process
Thanks, that is very interesting, the ownership of swap.state on all servers are squid, because it is pipe the echo output so it shouldn't change the permission. however was wondering if clearing swap.state is the way of clearing cache I was checking the squid that comes with Centos, it does not have any flush option, probably flush is a bad idea ? sudo ls -la /var/spool/squid/cache/swap.state -rw-r- 1 squid squid 5097456 Oct 23 11:44 /var/spool/squid/cache/swap.state ps -ef | grep -i squid root 26504 1 0 Oct03 ?00:00:00 /usr/local/squid/sbin/squid squid26506 26504 0 Oct03 ?00:00:00 (squid) root 25199 1 0 Oct17 ?00:00:00 /usr/local/squid/sbin/squid squid25201 25199 0 Oct17 ?00:12:34 (squid) squid25207 25201 0 Oct17 ?00:00:00 (unlinkd) squid12095 25201 0 Oct22 ?00:00:00 (ncsa_auth) /var/www/passwd/passwords squid12096 25201 0 Oct22 ?00:00:00 (ncsa_auth) /var/www/passwd/passwords squid12097 25201 0 Oct22 ?00:00:00 (ncsa_auth) /var/www/passwd/passwords squid12098 25201 0 Oct22 ?00:00:00 (ncsa_auth) /var/www/passwd/passwords squid12099 25201 0 Oct22 ?00:00:00 (ncsa_auth) /var/www/passwd/passwords babak26585 26554 0 11:59 pts/100:00:00 grep -i squid Quoting Adrian Chadd <[EMAIL PROTECTED]>: On Tue, Oct 23, 2007, [EMAIL PROTECTED] wrote: Hi we are using SQUID 2.6.STABLE13 we usually restarting squid by flushing it service squid restart service squid flush flush) $0 stop sleep 2 echo -n 'Flushing squid cache: ' echo "" > /var/spool/squid/cache/swap.state This line isn't flushing the cache and its probably creating a root-owned swap.state file thats causing your problem. Adrian
RE: [squid-users] IE versus firefox problems
On Mon, 22 Oct 2007, Amos Jeffries wrote: > >> Same here, bug in ie7, it seems to try to load an active x cause I can > >> get the top of the page then after it ffroze and seems to load and load > >> and load. > > > > thanks for confirming that for me. > > The site does working going directlyto it without a proxy, and it also > > works while using M$ ISA proxy. > > > > any tips on troubleshooting this for a newb is appreaciated. > > 1) try an upgrade to the latest available version of squid. > - BTW which version are you seeing the problem with? I have tried with squid-2.5.STABLE14, and now I am on squid-2.6.STABLE16, the fedora rpm. Both gave the same problem. > 2) find out exactly what URI is causing squid problems >- is the domain doing a 302 redirect or just loading an object? I have not been able to figure that out. I have tried copying the page locally and everything appears fine, but accessing it from the original server is not. I am at a bit of a loss for figuring out which URI is the causing the problem. I have turned up the debugging, but I dont see any evidence of any errors. > 3) try to locate what squids doing from cache.log and "debug_options ALL,5" > > 4) ask for help again given any new info you have gleaned in the above. >- others may see something in the log you missed. > > If its still occuring after (1) and the rest don't lead to a configuration > fix it should probably be brought up in squid-dev or reported as a bug. We > do want squid to work properly on every site. ok, well I will wait to see if anyone else has any comments, and then I guess I will escalate it to a bug report. --
[squid-users] TCP/IP multiplexing using BIGIP F5 load-balancer
Dear squid-users, -I have 2 squid 2.6.STABLE16 machines on linux -one loadbalancer of F5 (version 9) -one apache http server. The loadbalancer has the functionality of opening only 1 TCP connection to a certain squid wc. This means that the TCP connections of several HTTP clients are actually multiplexed over 1 and the same TCP session towards the squid. This feature is called Oneconnect at F5 or more in general TCP multiplexing. The big advantage is that the squid WC does not have to deal with opening/closing TCP connections for each HTTP connection. This however can only work if squid send connetion: Keep-alive back inside the returning http packets. I see that the squid always sends back connection: close. How can I make sure that squid sends back connection: keep-alive in stead of connection:close ? I noticed both "auth_param ntlm keep_alive on" and "auth_param negotiate keep_alive on" parameters, but these are only during authentication phases. How can I tell the squid to send connection:keep-alive for all the http requests so that the TCP session of the BIGIP will always remain open ? Note : My clients are HTTP1.1 users. Thanx in advance. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
RE: [squid-users] Cache dir problem with LVM
I'm running selinux. Weird thing is that it failed only when I mount the lvm, if I put it anywhere else, it work. JS -Message d'origine- De : Colin Campbell [mailto:[EMAIL PROTECTED] Envoyé : 22 octobre 2007 20:56 À : Amos Jeffries Cc : [EMAIL PROTECTED]; Frenette, Jean-Sébastien; squid-users@squid-cache.org Objet : RE: [squid-users] Cache dir problem with LVM Hi, All the permissions look okay. Are you running selinux or similar? Colin On Tue, 2007-10-23 at 12:08 +1300, Amos Jeffries wrote: > Just a thought: > > What path does squid.conf have for all *_log and cache_dir settings? > (and any other that require filenames) > > Amos > > > > umount > > # ls -ld /var/spool/squid > > drwxr-x--- 2 squid squid 4096 oct 17 13:43 /var/spool/squid > > > > mount > > ls -ld /var/spool/squid > > drwxr-x--- 20 squid squid 4096 oct 22 10:04 /var/spool/squid > > > > It's the same. > > > > mount > > ls -l /var/spool/squid > > total 152 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 00 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 01 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 02 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 03 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 04 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 05 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 06 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 07 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 08 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 09 > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0A > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0B > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0C > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0D > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0E > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0F > > drwxr-x--- 18 squid squid 4096 oct 19 05:47 1 > > drwxr-x--- 2 squid squid 16384 oct 15 14:45 lost+found > > > > Here's what was created after squid -z ran. > > > > Jean-Sébastien Frenette > > Technicien Informatique > > Centre d'Assistance Technique > > Département Informatique > > Collège Montmorency > > (450) 975-6100 poste 6108 > >  > > [EMAIL PROTECTED] > > > > > > -Message d'origine- > > De : Colin Campbell [mailto:[EMAIL PROTECTED] > > Envoyé : 21 octobre 2007 19:17 > > À : Frenette, Jean-Sébastien > > Cc : squid-users@squid-cache.org > > Objet : RE: [squid-users] Cache dir problem with LVM > > > > Hi, > > > > Can you show us the following. > > > > 1. Unmount /var/spool/squid > > ls -ld /var/spool/squid > > > > 2. Mount /var/spool/squid > > ls -ld /var/spool/squid > > > > Colin > > > >> On Fri, 2007-10-19 at 09:52 -0400, Frenette, Jean-Sébastien wrote: > >> I only have 1 squid. Before I did squid -z, the only thing that was in > >> the LVM is lost+found, which is normal. Then, when starting squid, I had > >> an error to the swap too, same error saying permission is denied. Then, > >> I saw the squid -z command and ran it. It created the swap and all the > >> 00 01 02 03... folders. Since then, no more swap error but the cache dir > >> error still happen > >> > >> Jean-Sébastien Frenette > >> Technicien Informatique > >> Centre d'Assistance Technique > >> Département Informatique > >> Collège Montmorency > >> (450) 975-6100 poste 6108 > >> > >> [EMAIL PROTECTED] > >> > >> -Message d'origine- > >> De : Amos Jeffries [mailto:[EMAIL PROTECTED] > >> Envoyé : 18 octobre 2007 21:53 > >> À : [EMAIL PROTECTED]; Frenette, Jean-Sébastien > >> Cc : squid-users@squid-cache.org > >> Objet : RE: [squid-users] Cache dir problem with LVM > >> > >> > Hello, > >> > > >> > I already did chown and chmod like stated in my last email, problem > >> isn't > >> > perm setting on folder since even if I log in squid, I can write in > >> those > >> > folder. > >> > > >> > JSF > >> > > >> > >> You say you had the same problem in swap until you ran squid -z for > >> that. > >> But have not indicated whether you used squid -z to create the LVM > >> structure too? > >> It may be a matter of erasing the cache in LVM, mounting the clean > >> folder > >> and running squid -z. > >> > >> Also, note that each squid needs a unique cache, no sharing is possible > >> yet. > >> > >> Amos > >> > >> > -Message d'origine- > >> > De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de > >> > Alexandre Correa > >> > Envoyé : 17 octobre 2007 21:43 > >> > À : squid-users@squid-cache.org > >> > Cc : Frenette, Jean-Sébastien > >> > Objet : Re: [squid-users] Cache dir problem with LVM > >> > > >> > try this, > >> > whit lvm mounted on /var/spool/squid > >> > > >> > chown squid:squid /var/spool/squid > >> > chown squid:squid -R /var/spool/squid/* > >> > > >> > chmod 744 /var/spool/squid > >> > chmod 744 -R /var/spool/squid/* > >> > > >> > maybe this can work :) > >> > > >> > regards, > >> > > >> > AlexandrE > >> > > >> > On 10/17/07, Frenette, Jean-Sébastien > >> <[EMAIL PROTECTED]> > >> > wrote: > >> >> Hi everyone, > >> >>
RE: [squid-users] Cache dir problem with LVM
Default conf, didn't change that so it's /var/log/squid -Message d'origine- De : Amos Jeffries [mailto:[EMAIL PROTECTED] Envoyé : 22 octobre 2007 19:08 À : [EMAIL PROTECTED]; Frenette, Jean-Sébastien Cc : Colin Campbell; squid-users@squid-cache.org Objet : RE: [squid-users] Cache dir problem with LVM Just a thought: What path does squid.conf have for all *_log and cache_dir settings? (and any other that require filenames) Amos > umount > # ls -ld /var/spool/squid > drwxr-x--- 2 squid squid 4096 oct 17 13:43 /var/spool/squid > > mount > ls -ld /var/spool/squid > drwxr-x--- 20 squid squid 4096 oct 22 10:04 /var/spool/squid > > It's the same. > > mount > ls -l /var/spool/squid > total 152 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 00 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 01 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 02 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 03 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 04 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 05 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 06 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 07 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 08 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 09 > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0A > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0B > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0C > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0D > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0E > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0F > drwxr-x--- 18 squid squid 4096 oct 19 05:47 1 > drwxr-x--- 2 squid squid 16384 oct 15 14:45 lost+found > > Here's what was created after squid -z ran. > > Jean-Sébastien Frenette > Technicien Informatique > Centre d'Assistance Technique > Département Informatique > Collège Montmorency > (450) 975-6100 poste 6108 >  > [EMAIL PROTECTED] > > > -Message d'origine- > De : Colin Campbell [mailto:[EMAIL PROTECTED] > Envoyé : 21 octobre 2007 19:17 > À : Frenette, Jean-Sébastien > Cc : squid-users@squid-cache.org > Objet : RE: [squid-users] Cache dir problem with LVM > > Hi, > > Can you show us the following. > > 1. Unmount /var/spool/squid > ls -ld /var/spool/squid > > 2. Mount /var/spool/squid > ls -ld /var/spool/squid > > Colin > >> On Fri, 2007-10-19 at 09:52 -0400, Frenette, Jean-Sébastien wrote: >> I only have 1 squid. Before I did squid -z, the only thing that was in >> the LVM is lost+found, which is normal. Then, when starting squid, I had >> an error to the swap too, same error saying permission is denied. Then, >> I saw the squid -z command and ran it. It created the swap and all the >> 00 01 02 03... folders. Since then, no more swap error but the cache dir >> error still happen >> >> Jean-Sébastien Frenette >> Technicien Informatique >> Centre d'Assistance Technique >> Département Informatique >> Collège Montmorency >> (450) 975-6100 poste 6108 >> >> [EMAIL PROTECTED] >> >> -Message d'origine- >> De : Amos Jeffries [mailto:[EMAIL PROTECTED] >> Envoyé : 18 octobre 2007 21:53 >> À : [EMAIL PROTECTED]; Frenette, Jean-Sébastien >> Cc : squid-users@squid-cache.org >> Objet : RE: [squid-users] Cache dir problem with LVM >> >> > Hello, >> > >> > I already did chown and chmod like stated in my last email, problem >> isn't >> > perm setting on folder since even if I log in squid, I can write in >> those >> > folder. >> > >> > JSF >> > >> >> You say you had the same problem in swap until you ran squid -z for >> that. >> But have not indicated whether you used squid -z to create the LVM >> structure too? >> It may be a matter of erasing the cache in LVM, mounting the clean >> folder >> and running squid -z. >> >> Also, note that each squid needs a unique cache, no sharing is possible >> yet. >> >> Amos >> >> > -Message d'origine- >> > De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de >> > Alexandre Correa >> > Envoyé : 17 octobre 2007 21:43 >> > À : squid-users@squid-cache.org >> > Cc : Frenette, Jean-Sébastien >> > Objet : Re: [squid-users] Cache dir problem with LVM >> > >> > try this, >> > whit lvm mounted on /var/spool/squid >> > >> > chown squid:squid /var/spool/squid >> > chown squid:squid -R /var/spool/squid/* >> > >> > chmod 744 /var/spool/squid >> > chmod 744 -R /var/spool/squid/* >> > >> > maybe this can work :) >> > >> > regards, >> > >> > AlexandrE >> > >> > On 10/17/07, Frenette, Jean-Sébastien >> <[EMAIL PROTECTED]> >> > wrote: >> >> Hi everyone, >> >> >> >> I have a little problem. For my squid cache folder, I've set a Raid >> >> (LVM) volume name « VolGroup00-LogVolSquidCache1 » that I mount to >> >> /var/spool/squid/ (this is where my cache folder point to). >> >> >> >> Now, when I start squid, I get: >> >> FATAL: cache_dir /var/spool/squid/1/: (13) Permission denied Squid >> Cache >> >> (Version 2.6.STABLE13): Terminated abnormally. >> >> CPU Usage: 0.012 seconds = 0.008 user + 0.004 sys Maximum Resident >> Size: >> >> 0 KB Pag
[squid-users] Squid as a SOCKS Proxy
Hi all, Please let me know whether Squid can be used as a SOCKS Proxy... I found an article in unix.org, kindly let me know whether the below given information was true... Can I use Squid as s SOCKS Proxy server? Reference: URL: http://www.unix.org.ua/squid/FAQ-4.html 4.10 Does Squid support Socks? We would like to use Squid, but we need it to use socks to connect to the world outside our firewall. No changes are necessary to use Squid with socks5. Simply add the usual -Dbind=SOCKSbind etc., to the compile line and -lsocks to the link line. --- Carson Gaspar ([EMAIL PROTECTED]) Regards, Sathyan Arjunan Unix Support | +1 408-962-2500 Extn : 22824
RE: [squid-users] Cache dir problem with LVM
Hi, On Tue, 2007-10-23 at 16:57 -0400, Frenette, Jean-Sébastien wrote: > I'm running selinux. Weird thing is that it failed only when I mount the lvm, > if I put it anywhere else, it work. In that case you need to do one of the following: a) turn selinux off or b) set selinux to permissive or c) configure selinux to allow what you're trying to do - read up on "audit2allow". It's behaviour varies with OS release (eg RHEL4 is very different to RHEL5) so I can't give you instructions without knowing your OS. Colin > > JS > > > -Message d'origine- > De : Colin Campbell [mailto:[EMAIL PROTECTED] > Envoyé : 22 octobre 2007 20:56 > À : Amos Jeffries > Cc : [EMAIL PROTECTED]; Frenette, Jean-Sébastien; squid-users@squid-cache.org > Objet : RE: [squid-users] Cache dir problem with LVM > > Hi, > > All the permissions look okay. Are you running selinux or similar? > > Colin > > On Tue, 2007-10-23 at 12:08 +1300, Amos Jeffries wrote: > > Just a thought: > > > > What path does squid.conf have for all *_log and cache_dir settings? > > (and any other that require filenames) > > > > Amos > > > > > > > umount > > > # ls -ld /var/spool/squid > > > drwxr-x--- 2 squid squid 4096 oct 17 13:43 /var/spool/squid > > > > > > mount > > > ls -ld /var/spool/squid > > > drwxr-x--- 20 squid squid 4096 oct 22 10:04 /var/spool/squid > > > > > > It's the same. > > > > > > mount > > > ls -l /var/spool/squid > > > total 152 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 00 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 01 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 02 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 03 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 04 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 05 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 06 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 07 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 08 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 09 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0A > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0B > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0C > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0D > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0E > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0F > > > drwxr-x--- 18 squid squid 4096 oct 19 05:47 1 > > > drwxr-x--- 2 squid squid 16384 oct 15 14:45 lost+found > > > > > > Here's what was created after squid -z ran. > > > > > > Jean-Sébastien Frenette > > > Technicien Informatique > > > Centre d'Assistance Technique > > > Département Informatique > > > Collège Montmorency > > > (450) 975-6100 poste 6108 > > >  > > > [EMAIL PROTECTED] > > > > > > > > > -Message d'origine- > > > De : Colin Campbell [mailto:[EMAIL PROTECTED] > > > Envoyé : 21 octobre 2007 19:17 > > > À : Frenette, Jean-Sébastien > > > Cc : squid-users@squid-cache.org > > > Objet : RE: [squid-users] Cache dir problem with LVM > > > > > > Hi, > > > > > > Can you show us the following. > > > > > > 1. Unmount /var/spool/squid > > > ls -ld /var/spool/squid > > > > > > 2. Mount /var/spool/squid > > > ls -ld /var/spool/squid > > > > > > Colin > > > > > >> On Fri, 2007-10-19 at 09:52 -0400, Frenette, Jean-Sébastien wrote: > > >> I only have 1 squid. Before I did squid -z, the only thing that was in > > >> the LVM is lost+found, which is normal. Then, when starting squid, I had > > >> an error to the swap too, same error saying permission is denied. Then, > > >> I saw the squid -z command and ran it. It created the swap and all the > > >> 00 01 02 03... folders. Since then, no more swap error but the cache dir > > >> error still happen > > >> > > >> Jean-Sébastien Frenette > > >> Technicien Informatique > > >> Centre d'Assistance Technique > > >> Département Informatique > > >> Collège Montmorency > > >> (450) 975-6100 poste 6108 > > >> > > >> [EMAIL PROTECTED] > > >> > > >> -Message d'origine- > > >> De : Amos Jeffries [mailto:[EMAIL PROTECTED] > > >> Envoyé : 18 octobre 2007 21:53 > > >> À : [EMAIL PROTECTED]; Frenette, Jean-Sébastien > > >> Cc : squid-users@squid-cache.org > > >> Objet : RE: [squid-users] Cache dir problem with LVM > > >> > > >> > Hello, > > >> > > > >> > I already did chown and chmod like stated in my last email, problem > > >> isn't > > >> > perm setting on folder since even if I log in squid, I can write in > > >> those > > >> > folder. > > >> > > > >> > JSF > > >> > > > >> > > >> You say you had the same problem in swap until you ran squid -z for > > >> that. > > >> But have not indicated whether you used squid -z to create the LVM > > >> structure too? > > >> It may be a matter of erasing the cache in LVM, mounting the clean > > >> folder > > >> and running squid -z. > > >> > > >> Also, note that each squid needs a unique cache, no sharing is possible > > >> yet. > > >> > > >> Amos > > >> > > >> > -Message d'origine- > > >> > De : [EMAIL PROTECTED] [ma
RE: [squid-users] Cache dir problem with LVM
I'm running fedora core 6. I already put squid so it can connect to any port in selinux, but it seems it's not the same conf as you are saying. What I di dis: setsebool -P squid_connect_any=1 -Message d'origine- De : Colin Campbell [mailto:[EMAIL PROTECTED] Envoyé : 23 octobre 2007 18:56 À : Frenette, Jean-Sébastien Cc : squid-users@squid-cache.org Objet : RE: [squid-users] Cache dir problem with LVM Hi, On Tue, 2007-10-23 at 16:57 -0400, Frenette, Jean-Sébastien wrote: > I'm running selinux. Weird thing is that it failed only when I mount the lvm, > if I put it anywhere else, it work. In that case you need to do one of the following: a) turn selinux off or b) set selinux to permissive or c) configure selinux to allow what you're trying to do - read up on "audit2allow". It's behaviour varies with OS release (eg RHEL4 is very different to RHEL5) so I can't give you instructions without knowing your OS. Colin > > JS > > > -Message d'origine- > De : Colin Campbell [mailto:[EMAIL PROTECTED] > Envoyé : 22 octobre 2007 20:56 > À : Amos Jeffries > Cc : [EMAIL PROTECTED]; Frenette, Jean-Sébastien; squid-users@squid-cache.org > Objet : RE: [squid-users] Cache dir problem with LVM > > Hi, > > All the permissions look okay. Are you running selinux or similar? > > Colin > > On Tue, 2007-10-23 at 12:08 +1300, Amos Jeffries wrote: > > Just a thought: > > > > What path does squid.conf have for all *_log and cache_dir settings? > > (and any other that require filenames) > > > > Amos > > > > > > > umount > > > # ls -ld /var/spool/squid > > > drwxr-x--- 2 squid squid 4096 oct 17 13:43 /var/spool/squid > > > > > > mount > > > ls -ld /var/spool/squid > > > drwxr-x--- 20 squid squid 4096 oct 22 10:04 /var/spool/squid > > > > > > It's the same. > > > > > > mount > > > ls -l /var/spool/squid > > > total 152 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 00 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 01 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 02 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 03 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 04 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 05 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 06 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 07 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 08 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 09 > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0A > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0B > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0C > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0D > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0E > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0F > > > drwxr-x--- 18 squid squid 4096 oct 19 05:47 1 > > > drwxr-x--- 2 squid squid 16384 oct 15 14:45 lost+found > > > > > > Here's what was created after squid -z ran. > > > > > > Jean-Sébastien Frenette > > > Technicien Informatique > > > Centre d'Assistance Technique > > > Département Informatique > > > Collège Montmorency > > > (450) 975-6100 poste 6108 > > >  > > > [EMAIL PROTECTED] > > > > > > > > > -Message d'origine- > > > De : Colin Campbell [mailto:[EMAIL PROTECTED] > > > Envoyé : 21 octobre 2007 19:17 > > > À : Frenette, Jean-Sébastien > > > Cc : squid-users@squid-cache.org > > > Objet : RE: [squid-users] Cache dir problem with LVM > > > > > > Hi, > > > > > > Can you show us the following. > > > > > > 1. Unmount /var/spool/squid > > > ls -ld /var/spool/squid > > > > > > 2. Mount /var/spool/squid > > > ls -ld /var/spool/squid > > > > > > Colin > > > > > >> On Fri, 2007-10-19 at 09:52 -0400, Frenette, Jean-Sébastien wrote: > > >> I only have 1 squid. Before I did squid -z, the only thing that was in > > >> the LVM is lost+found, which is normal. Then, when starting squid, I had > > >> an error to the swap too, same error saying permission is denied. Then, > > >> I saw the squid -z command and ran it. It created the swap and all the > > >> 00 01 02 03... folders. Since then, no more swap error but the cache dir > > >> error still happen > > >> > > >> Jean-Sébastien Frenette > > >> Technicien Informatique > > >> Centre d'Assistance Technique > > >> Département Informatique > > >> Collège Montmorency > > >> (450) 975-6100 poste 6108 > > >> > > >> [EMAIL PROTECTED] > > >> > > >> -Message d'origine- > > >> De : Amos Jeffries [mailto:[EMAIL PROTECTED] > > >> Envoyé : 18 octobre 2007 21:53 > > >> À : [EMAIL PROTECTED]; Frenette, Jean-Sébastien > > >> Cc : squid-users@squid-cache.org > > >> Objet : RE: [squid-users] Cache dir problem with LVM > > >> > > >> > Hello, > > >> > > > >> > I already did chown and chmod like stated in my last email, problem > > >> isn't > > >> > perm setting on folder since even if I log in squid, I can write in > > >> those > > >> > folder. > > >> > > > >> > JSF > > >> > > > >> > > >> You say you had the same problem in swap until you ran squid -z for > >
RE: [squid-users] Cache dir problem with LVM
Hi, On Tue, 2007-10-23 at 19:28 -0400, Frenette, Jean-Sébastien wrote: > I'm running fedora core 6. > > I already put squid so it can connect to any port in selinux, but it seems > it's not the same conf as you are saying. > > What I di dis: > > setsebool -P squid_connect_any=1 You're probably running into all sorts of issues with selinux. I'm no expert on it but you might need to investigate "fixfiles". It could be that the new filesystem isn't properly configured as far as selinux is concerned to allwo squid to use it. Using "audit2allow" will soon let you know if that's the case. Here's a script I use for "fixing" my local policy. -8<-- #! /bin/sh audit2allow -m local -l -i /var/log/messages || exit /bin/echo -n "Continue? [Y|n]: " read yorn if [ "$yorn" = "n" -o "$yorn" = "N" ]; then : else cd /root/selinux audit2allow -m local -l -i /var/log/messages >> local.te vi local.te /bin/echo -n "Load policy? [Y|n]: " read yorn if [ "$yorn" = "n" -o "$yorn" = "N" ]; then : else checkmodule -M -m -o local.mod local.te semodule_package -o local.pp -m local.mod semodule -i local.pp fi fi echo Done. -8<-- Bear in mind you usually need to run it quite a few times before something will work. That's because you can find things like: - start some program - file creation being blocked - fix selinux policy - start some program - file read being blocked - fix selinux policy - start some program - file write being blocked - fix selinux policy . Alternatively just set selinux to permissive, get things working and check the logs. Then you can fix everything for selinux and then change it to enforcing. Colin > > -Message d'origine- > De : Colin Campbell [mailto:[EMAIL PROTECTED] > Envoyé : 23 octobre 2007 18:56 > À : Frenette, Jean-Sébastien > Cc : squid-users@squid-cache.org > Objet : RE: [squid-users] Cache dir problem with LVM > > Hi, > > On Tue, 2007-10-23 at 16:57 -0400, Frenette, Jean-Sébastien wrote: > > I'm running selinux. Weird thing is that it failed only when I mount the > > lvm, if I put it anywhere else, it work. > > In that case you need to do one of the following: > > a) turn selinux off or > b) set selinux to permissive or > c) configure selinux to allow what you're trying to do - read up on > "audit2allow". It's behaviour varies with OS release (eg RHEL4 is very > different to RHEL5) so I can't give you instructions without knowing > your OS. > > Colin > > > > > JS > > > > > > -Message d'origine- > > De : Colin Campbell [mailto:[EMAIL PROTECTED] > > Envoyé : 22 octobre 2007 20:56 > > À : Amos Jeffries > > Cc : [EMAIL PROTECTED]; Frenette, Jean-Sébastien; > > squid-users@squid-cache.org > > Objet : RE: [squid-users] Cache dir problem with LVM > > > > Hi, > > > > All the permissions look okay. Are you running selinux or similar? > > > > Colin > > > > On Tue, 2007-10-23 at 12:08 +1300, Amos Jeffries wrote: > > > Just a thought: > > > > > > What path does squid.conf have for all *_log and cache_dir settings? > > > (and any other that require filenames) > > > > > > Amos > > > > > > > > > > umount > > > > # ls -ld /var/spool/squid > > > > drwxr-x--- 2 squid squid 4096 oct 17 13:43 /var/spool/squid > > > > > > > > mount > > > > ls -ld /var/spool/squid > > > > drwxr-x--- 20 squid squid 4096 oct 22 10:04 /var/spool/squid > > > > > > > > It's the same. > > > > > > > > mount > > > > ls -l /var/spool/squid > > > > total 152 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 00 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 01 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 02 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 03 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 04 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 05 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 06 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 07 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 08 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 09 > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0A > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0B > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0C > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0D > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0E > > > > drwxr-x--- 258 squid squid 4096 oct 22 10:04 0F > > > > drwxr-x--- 18 squid squid 4096 oct 19 05:47 1 > > > > drwxr-x--- 2 squid squid 16384 oct 15 14:45 lost+found > > > > > > > > Here's what was created after squid -z ran. > > > > > > > > Jean-Sébastien Frenette > > > > Technicien Informatique > > > > Centre d'Assistance Technique > > > > Département Informatique > > > > Collège Montmorency > > > > (450) 975-6100 poste 61
Re: [squid-users] unlinked squid process
> Thanks, > > that is very interesting, > the ownership of swap.state on all servers are squid, > because it is pipe the echo output so it shouldn't change > the permission. > > however was wondering if clearing swap.state is the way of > clearing cache > > I was checking the squid that comes with Centos, > it does not have any flush option, probably flush is a > bad idea ? Yes. Its not possible yet without destroying and rebuilding the entire fs. http://wiki.squid-cache.org/SquidFaq/OperatingSquid#head-997ff43f2b62743af566fb32f62e8ed512f49be2 > > Quoting Adrian Chadd <[EMAIL PROTECTED]>: > >> On Tue, Oct 23, 2007, [EMAIL PROTECTED] wrote: >>> Hi >>> >>> we are using SQUID 2.6.STABLE13 >>> >>> we usually restarting squid by flushing it >>> service squid restart >>> service squid flush >>> >>> flush) >>> $0 stop >>> sleep 2 >>> echo -n 'Flushing squid cache: ' >> >>> echo "" > /var/spool/squid/cache/swap.state >> >> This line isn't flushing the cache and its probably creating a >> root-owned >> swap.state file thats causing your problem. >> Seeing as how badly that was treating squid. Please include the rest of the script, so we can check the other operations. Amos
Re: [squid-users] Squid as a SOCKS Proxy
On Tue, Oct 23, 2007, Sathyan, Arjonan wrote: > > Hi all, > > Please let me know whether Squid can be used as a SOCKS Proxy... I found > an article in unix.org, kindly let me know whether the below given > information was true... Can I use Squid as s SOCKS Proxy server? No. > Reference: > > URL: http://www.unix.org.ua/squid/FAQ-4.html > > 4.10 Does Squid support Socks? > We would like to use Squid, but we need it to use socks to connect to > the world outside our firewall. > > No changes are necessary to use Squid with socks5. Simply add the usual > -Dbind=SOCKSbind etc., to the compile line and -lsocks to the link line. Thats for having Squid use a SOCKS proxy for its internet access. Just run a normal SOCKS proxy on the same box you run Squid; they'll coexist fine. Adrian -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level bandwidth-capped VPSes available in WA -
Re: [squid-users] Squid as a SOCKS Proxy
> > Hi all, > > Please let me know whether Squid can be used as a SOCKS Proxy... I found > an article in unix.org, kindly let me know whether the below given > information was true... Can I use Squid as s SOCKS Proxy server? No. Squid is an HTTP proxy, it does not receive SOCKS requests. > Reference: > > URL: http://www.unix.org.ua/squid/FAQ-4.html > > 4.10 Does Squid support Socks? > We would like to use Squid, but we need it to use socks to connect to > the world outside our firewall. > > No changes are necessary to use Squid with socks5. Simply add the usual > -Dbind=SOCKSbind etc., to the compile line and -lsocks to the link line. > > --- Carson Gaspar ([EMAIL PROTECTED]) > That FAQ appears to be relating info for squid 1.1 The current FAQ is at http://wiki.squid-cache.org/SquidFaq Amos
Re: [squid-users] IE versus firefox problems
On Tue, Oct 23, 2007, Robin Mordasiewicz wrote: > I have tried with squid-2.5.STABLE14, and now I am on squid-2.6.STABLE16, > the fedora rpm. > Both gave the same problem. Then I suggest installing wireshark and grabbing packet traces from proxied and non-proxied session. That'll be a great place to start debugging this issue. Adrian
[squid-users] Re: block spyware with squid
Hi, I want to block spyware while users browse internet. Are there any ACLs to block this ? Have you done this before? -- Thank you Indunil Jayasooriya
