Re: [squid-users] filter HTTP reply header
Ah, looks like that header is in the 'unknown' group. Do you build your own Squid? Yes, I build my squid from the latest 3.0 stable source. Matthias
Re: [squid-users] filter HTTP reply header
Matthias Teege wrote: Ah, looks like that header is in the 'unknown' group. Do you build your own Squid? Yes, I build my squid from the latest 3.0 stable source. Matthias Okay, in which case you can test out this: http://www.squid-cache.org/Versions/v3/HEAD/changesets/b9563.patch (should apply with patch -p0) Which adds that header to the 'known' list. I hope this is enough, anything more could be slightly tricky. Amos -- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13 Current Beta Squid 3.1.0.6
Re: [squid-users] filter HTTP reply header
http://www.squid-cache.org/Versions/v3/HEAD/changesets/b9563.patch (should apply with patch -p0) Which adds that header to the 'known' list. I hope this is enough, I applied the patch and it works for my problem. Many thanks Matthias
Re: [squid-users] Squid fails
Amos, I rebuilt squid: Squid Cache: Version 3.0.STABLE12 configure options: '--prefix=/usr/local/squid' '--sysconfdir=/etc/squid' '--enable-delay-pools' '--enable-kill-parent-hack' '--disable-htcp' '--enable-default-err-language=Spanish' '--enable-linux-netfilter' '--disable-ident-lookups' '--disable-internal-dns' '--localstatedir=/var/log/squid' '--enable-stacktraces' '--with-default-user=proxy' '--with-large-files' I added disable internal dns and squid has being working fine. Its being working for about 2 days without a crash where the previous built only worked for a couple of hours and then crash. Is it ok to run it like this even though is performing better than it was? Amos Jeffries wrote: Wilson Hernandez - f, S. A. wrote: Thank you Amos for your reply. I downloaded version 3.0 and here how I built it: Squid Cache: Version 3.0.STABLE12 configure options: '--prefix=/usr/local/squid' '--sysconfdir=/etc/squid' '--enable-delay-pools' '--enable-kill-parent-hack' '--disable-htcp' '--enable-default-err-language=Spanish' '--enable-linux-netfilter' '--localstatedir=/var/log/squid' '--enable-stacktraces' '--with-default-user=proxy' '--with-large-files' Amos Jeffries wrote: Wilson Hernandez - MSD, S. A. wrote: Hello once again. Here's my second problem I am experiencing with squid. Squid is running normally and after a while doesn't serve any pages it gives the user an error regarding dns I don't remember exactly but, it tells the user that it timed out trying to access the ip but, that page (google.com) is being used by many as home page. I don't know why is failing with some dns errors. I try doing ping to the same address and the dns server resolves the ip. What can be causing this to happen? It's a DNS failure. For better help we will need to know: * the version of squid you are using, * whether or not --disable-internal-dns was used to build it, * and what is the actual error page content given when things go wrong. Amos Okay those look normal enough. for further tracking try running Squid with flags -D -d 5 and see if you can grab what it produces on stderr during the system reboot. -D should stop it running DNS tests too early. -d 5 produces the debug before config has finished loading. Amos -- *Wilson Hernandez* Presidente 829.848.9595 809.766.0441 www.msdrd.com http://www.msdrd.com Conservando el medio ambiente
Re: [squid-users] Unsupported methods
Where I can find the type of extension_methods? You can add up to 20 additional request extension methods here for enabling Squid to allow access unknown methods But where can I find a list of these methods? Thanks. Chris Robertson wrote: Wilson Hernandez - MSD, S. A. wrote: Hello. I noticed a lot of unsupported method log in cache.log and is filling the log with those type of messages. What type of methods are these? Can someone please explain or guide me to where I can better understand the extension methods and or its types? and what they really are? So I can avoid having these type of logs: 2009/02/17 15:18:46| clientParseRequestMethod: Unsupported method attempted by 192.168.2.245: This is not a bug. see squid.conf extension_methods 2009/02/17 15:18:46| clientParseRequestMethod: Unsupported method in request 'NICK n[M-00-CRI-XP-14]___' 2009/02/21 20:36:29| clientParseRequestMethod: Unsupported method attempted by 192.168.2.241: This is not a bug. see squid.conf extension_methods 2009/02/21 20:36:29| clientParseRequestMethod: Unsupported method in request 'NICK [00|ESP|016294017]__' Thanks in advanced for your help. http://www.squid-cache.org/mail-archive/squid-users/200812/0313.html Chris -- *Wilson Hernandez* Presidente 829.848.9595 809.766.0441 www.msdrd.com http://www.msdrd.com Conservando el medio ambiente
[squid-users] squid 2.6 accelerator mode
I'm trying to get squid to work as a reverse proxy in front of a single web server which runs domain virtualhosts: http_port in:80 vhost cache_peer out parent 80 0 originserver 'in' is my input address, 'out' is the address of of the web server. The problem that I have is that each requests takes a considerable time to process (in which time squid is trying to resolve the Host: hostname and since I dont have a dns on the squid box, resolve never succeeds). Eventually the page is served, it just waits through some timeout on every request. Adding my vhosts to /etc/hosts on the squid box solves the issue. Can I have an accelerator for a single backend server with vhosts, without the need to resolve the Host: header (or if not possible, how to effectivly workaround it, adding all vhosts to /etc/hosts is not an option)?
Re: [squid-users] Unsupported methods
Where I can find the type of extension_methods? You can add up to 20 additional request extension methods here for enabling Squid to allow access unknown methods But where can I find a list of these methods? Applications which use non-standard HTTP methods should list them in their documentation. The alternative is checking cache.log for the methods name. It should be output somewhere near or in the message which tells you to use extension_methods option. One warning: SIP protocol methods (NICK REGISTER etc) may be seen and trigger this warning. However even adding them to the list of allowed methods they will still fail when going through Squid. It's built into the way SIP works, and the support to handle them properly still needs to be added to Squid. Amos Thanks. Chris Robertson wrote: Wilson Hernandez - MSD, S. A. wrote: Hello. I noticed a lot of unsupported method log in cache.log and is filling the log with those type of messages. What type of methods are these? Can someone please explain or guide me to where I can better understand the extension methods and or its types? and what they really are? So I can avoid having these type of logs: 2009/02/17 15:18:46| clientParseRequestMethod: Unsupported method attempted by 192.168.2.245: This is not a bug. see squid.conf extension_methods 2009/02/17 15:18:46| clientParseRequestMethod: Unsupported method in request 'NICK n[M-00-CRI-XP-14]___' 2009/02/21 20:36:29| clientParseRequestMethod: Unsupported method attempted by 192.168.2.241: This is not a bug. see squid.conf extension_methods 2009/02/21 20:36:29| clientParseRequestMethod: Unsupported method in request 'NICK [00|ESP|016294017]__' Thanks in advanced for your help. http://www.squid-cache.org/mail-archive/squid-users/200812/0313.html Chris -- *Wilson Hernandez* Presidente 829.848.9595 809.766.0441 www.msdrd.com http://www.msdrd.com Conservando el medio ambiente
Re: [squid-users] Squid fails
Amos, I rebuilt squid: Squid Cache: Version 3.0.STABLE12 configure options: '--prefix=/usr/local/squid' '--sysconfdir=/etc/squid' '--enable-delay-pools' '--enable-kill-parent-hack' '--disable-htcp' '--enable-default-err-language=Spanish' '--enable-linux-netfilter' '--disable-ident-lookups' '--disable-internal-dns' '--localstatedir=/var/log/squid' '--enable-stacktraces' '--with-default-user=proxy' '--with-large-files' I added disable internal dns and squid has being working fine. Its being working for about 2 days without a crash where the previous built only worked for a couple of hours and then crash. Is it ok to run it like this even though is performing better than it was? Depends on your use of Squid. Its okay to do that for something like a personal relay. But the blocking-lookup helper does not scale to any sort of reasonable production use. http://wiki.squid-cache.org/Features/Dnsserver You really should fix the DNS problem that squid was encountering. It is likely to be screwing up other software in your network as well. PS. you have yet to publish the error page squid is displaying so we can see what the problem is when it appears during regular use. Amos Amos Jeffries wrote: Wilson Hernandez - f, S. A. wrote: Thank you Amos for your reply. I downloaded version 3.0 and here how I built it: Squid Cache: Version 3.0.STABLE12 configure options: '--prefix=/usr/local/squid' '--sysconfdir=/etc/squid' '--enable-delay-pools' '--enable-kill-parent-hack' '--disable-htcp' '--enable-default-err-language=Spanish' '--enable-linux-netfilter' '--localstatedir=/var/log/squid' '--enable-stacktraces' '--with-default-user=proxy' '--with-large-files' Amos Jeffries wrote: Wilson Hernandez - MSD, S. A. wrote: Hello once again. Here's my second problem I am experiencing with squid. Squid is running normally and after a while doesn't serve any pages it gives the user an error regarding dns I don't remember exactly but, it tells the user that it timed out trying to access the ip but, that page (google.com) is being used by many as home page. I don't know why is failing with some dns errors. I try doing ping to the same address and the dns server resolves the ip. What can be causing this to happen? It's a DNS failure. For better help we will need to know: * the version of squid you are using, * whether or not --disable-internal-dns was used to build it, * and what is the actual error page content given when things go wrong. Amos Okay those look normal enough. for further tracking try running Squid with flags -D -d 5 and see if you can grab what it produces on stderr during the system reboot. -D should stop it running DNS tests too early. -d 5 produces the debug before config has finished loading. Amos -- *Wilson Hernandez* Presidente 829.848.9595 809.766.0441 www.msdrd.com http://www.msdrd.com Conservando el medio ambiente
Re: [squid-users] squid 2.6 accelerator mode
I'm trying to get squid to work as a reverse proxy in front of a single web server which runs domain virtualhosts: http_port in:80 vhost cache_peer outparent80 0 originserver 'in' is my input address, 'out' is the address of of the web server. The problem that I have is that each requests takes a considerable time to process (in which time squid is trying to resolve the Host: hostname and since I dont have a dns on the squid box, resolve never succeeds). Eventually the page is served, it just waits through some timeout on every request. Adding my vhosts to /etc/hosts on the squid box solves the issue. Can I have an accelerator for a single backend server with vhosts, without the need to resolve the Host: header (or if not possible, how to effectivly workaround it, adding all vhosts to /etc/hosts is not an option)? The recommended reverse-proxy accelerator setup does not require DNS in any form. http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator It is possible to direct cache_peer_access blah allow all to the web server if you only have one backend and all domains go to it. Just note that this removes any false-domain restrictions squid might otherwise provide, and only works with a single back-end. Amos