[squid-users] Squid-2.6.5 SSL reverse proxy ?

2009-10-19 Thread Stonie
Hello All,

I’m running Squid-2.6.5 as a reverse proxy compiled with SSL support,
but having trouble getting SSL working.

I have Squid setup to distribute requests to several backend apache
and IIS servers.
My config has been working fine on port 80 plain http. However I am
now trying to secure one of the servers with SSL on 443.
I have read the wiki and the following example config:
http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate
and have also trawled the web, without luck.

One difference is I don't have a wildcard cert, just a cert for a single
address. I have installed it on both the Squid machine and the Apache
machine. The Apache machine serves SSL when I use a hosts entry, so I'm
sure that it's working.

When I use the following squid.conf (below) Squid starts without any
problems and asks me for the cert's pass phrase, then when I make an SSL
browser request I get connection refused. Port 80 works fine, and there is
nothing of note in the access or cache logs. I have tried all sorts
of permutations and I'm lost! :( Any help appreciated.

Kind regards,
Stonie.


https_port 443 cert=/root/mysslsite.crt key=/root/mysslsite.key
defaultsite=www.mysslsite.com.au vhost vport
http_port 80 vhost vport
forwarded_for on
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache

# Setup for server number one and its sites

cache_peer 192.168.1.202 parent 80 0 no-query originserver
name=tracServer login=PASS
acl tracSites dstdomain src..net
cache_peer_access tracServer allow tracSites
http_access allow tracSites

# Setup for server number two and its sites

cache_peer 192.168.1.201  parent 80 0 no-query originserver
name=MS08-Web login=PASS
acl MS08-WebSites dstdomain  www..com
cache_peer_access MS08-Web allow MS08-WebSites
http_access allow MS08-WebSites

# Setup for server number three and its sites

cache_peer 192.168.1.206 parent 80 0 no-query originserver
name=JoomlaServer login=PASS
cache_peer 192.168.1.206 parent 443 0 no-query originserver ssl
sslflags=DONT_VERIFY_PEER name=JoomlaServerSSL
acl JoomlaSites dstdomain www.mysslsite.com.au
cache_peer_access JoomlaServer allow JoomlaSites
cache_peer_access JoomlaServerSSL allow JoomlaSites
http_access allow JoomlaSites

# standard security stuff squid

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80  # http
acl Safe_ports port 21  # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70  # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
icp_access allow all

# HTTP Extensions for Subversion

extension_methods REPORT MERGE MKACTIVITY CHECKOUT


Re: [squid-users] High CPU Utilization

2009-10-19 Thread Amos Jeffries

Ross Kovelman wrote:

From: Amos Jeffries squ...@treenet.co.nz
Date: Mon, 19 Oct 2009 18:14:33 +1300
Cc: squid-users@squid-cache.org squid-users@squid-cache.org
Subject: Re: [squid-users] High CPU Utilization

Ross Kovelman wrote:

Any reason why I would have high CPU utilization, avg around 90%?  I did
build it for PPC although I do have a large dstdomain list which contains
URL's that are not allowed on the network.  It is a Mac G4 dual 1.33.  This
is with no load, or I should say no users on the network.

Thanks


Could be a few things:

  * bug 2541 (except latest 3.0 and 3.1 releases)

  * lots of regex patterns

  * garbage collection of the various caches

  * UFS storage system catching up after a period of load

  * memory swapping

  * RAID

  * ... any combination of the above.

If you have the strace tool available you can look inside Squid and see.
  Or use squid -k debug to toggle full debug on/off for a short
period and troll the cache.log afterwards.




Amos,

I am not using a raid, although my single drive performance might be slow?
Will need to check on the i/o.  When I do run squid or make any changes to
the config I do get a lot of :

2009/10/16 14:44:08| WARNING: You should probably remove 'xxx.com' from the
ACL named 'bad_url'
2009/10/16 14:44:08| WARNING: 'xxx.com' is a subdomain of 'xxx.com'
2009/10/16 14:44:08| WARNING: because of this 'xxx.com' is ignored to keep
splay tree searching predictable
2009/10/16 14:44:08| WARNING: You should probably remove 'xxx.com' from the
ACL named 'bad_url'

Would this by chance do it?  There are about 22,000 sites in the bad_url
file.


I don't think so. Those warnings are produced by Squid as it prunes them 
out of the ACL by itself.


You can get rid of the duplicates and sub-domains manually to reduce the 
warnings.



Amos
--
Please be using
  Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
  Current Beta Squid 3.1.0.14
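
A way to do the pruning Amos suggests, as an added example that is not part of the thread: the shell function below reads a dstdomain list (one entry per line, the usual file-include format) and drops exact duplicates plus every entry already covered by a wildcard parent. In Squid's dstdomain ACL a leading dot (".example.com") matches that domain and all of its subdomains, while an entry without the dot matches only that exact host, so "www.example.com" is redundant once ".example.com" is present, but "example.com" on its own does not make ".example.com" redundant. The file path in the usage line and the list contents in the usage note are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the thread): prune a Squid dstdomain list so that the
# "is a subdomain of ... ignored" warnings go away. Keeps input order.
#
# Rules applied (Squid 2.x/3.0 dstdomain semantics):
#   - entries are compared case-insensitively; comments and blanks are dropped
#   - an exact duplicate is removed
#   - "host.example.com" is removed when ".example.com" (or any other wildcard
#     parent such as ".com") is also in the list
#   - "example.com" is removed when ".example.com" is also in the list
# Usage (assumed paths): prune_dstdomain /etc/squid/bad_url > /etc/squid/bad_url.pruned

prune_dstdomain() {
    awk '
    {
        sub(/#.*/, "")              # strip trailing comments
        gsub(/[ \t\r]/, "")         # and whitespace
        if ($0 == "") next
        d = tolower($0)
        if (d in seen) next         # exact duplicate
        seen[d] = 1
        order[++n] = d
    }
    END {
        for (i = 1; i <= n; i++) {
            d = order[i]
            bare = d
            sub(/^\./, "", bare)
            keep = 1
            if (bare == d) {        # plain host: covered by its own wildcard form?
                w = "." d
                if (w in seen) keep = 0
            }
            # walk the parents: a.b.example.com -> b.example.com -> example.com -> com
            m = split(bare, p, ".")
            for (j = 2; j <= m && keep; j++) {
                parent = p[j]
                for (k = j + 1; k <= m; k++) parent = parent "." p[k]
                w = "." parent
                if (w in seen) keep = 0
            }
            if (keep) print d
        }
    }' "$1"
}
```

Given a constructed list of ".example.com", "www.example.com", "example.com", "EXAMPLE.COM", "other.net", ".foo.other.net" and "bar.foo.other.net", the function keeps only ".example.com", "other.net" and ".foo.other.net". A 22,000-entry list is handled in one pass; after replacing the file, a squid -k reconfigure picks up the pruned list and the startup warnings disappear.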


[squid-users] squid centralized log

2009-10-19 Thread anti spamЯ
Hello all,
I have 4 different squid servers (three running squid-2.7.STABLE7 and
one squid-3.0.STABLE16) working on different subnets, and I'd like to
centralize their access.log entries to a remote log server.
I've read somewhere that using the syslog facility with huge amounts
of traffic causes logs to be incomplete on the centralized log server.
So, please, can someone out there point me to a good and reliable solution?
I've found something about mysql, but not so sure the bandwidth
consumption would benefit..

Thanks in advance,
Marcos
(sorry for my english :)


[squid-users] Squid Logs

2009-10-19 Thread Nadeem Semaan
Hello,

I have configured named on the machine running squid to retrieve the forward 
and reverse zones from my DNS server (windows).  I also have squid configured 
to log the fqdn (log_fqdn on). I have also tried playing around with the 
dns_nameservers option, but I'm still getting IPs in my log files. Is there a 
way to only log the fqdn, do I need to change the dns expiry settings to less 
than one day?  Please help.

Nadeem.


 



Re: Res: [squid-users] Squid 3.0STABLE19 - performance

2009-10-19 Thread Matus UHLAR - fantomas
On 16.10.09 12:33, Marcos wrote:
 i think that you should :
 - at least double the RAM of your server to handle the amount of 
 connections.
 - increase the cache_mem parameter
 - look at squid's logs
 - look at the sysctl parameters of your OS.

I think that he should first change from 'ufs' cache_dir type to 'aufs' or
'diskd' and also use a separate drive for the cache (either a new one, or move
system logs and everything but the cache to the new disk).

 The filesystem information is this:
 
 Filesystem   1K-blocks  Used Available Use% Mounted on
 /dev/sda2  5080828   4252116566452  89% /
 /dev/sda5141129204   2496448 131348084   2% /var
 /dev/sda1   101086 11303 84564  12% /boot
 tmpfs  1031764 0   1031764   0% /dev/shm
 
 The top output
 
 top - 09:50:08 up 3 days, 17:07,  1 user,  load average: 0.09, 0.06, 0.01
 Tasks:  88 total,   1 running,  87 sleeping,   0 stopped,   0 zombie
 Cpu(s):  0.5%us,  0.5%sy,  0.0%ni, 98.5%id,  0.0%wa,  0.2%hi,  0.3%si,  0.0%st
 Mem:   2063532k total,  2001504k used,62028k free,   199476k buffers
 Swap:  5245212k total,0k used,  5245212k free,  1415224k cached

according to this, he still has much of his RAM unused by squid (its use as
system cache is not an error!)

 acl mynet src /etc/squid/mynet ## allow over 400 Ips

Maybe you should specify CIDR ranges instead of IPs ?

 memory_replacement_policy lru
 cache_replacement_policy lru

heap policies (even heap lru) are much faster here.

 cache_dir ufs /var/spool/squid/cache 8 16 256 IOEngine=Blocking

 maximum_object_size 4194304 bytes

putting 4 MB would be much more readable here 

-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
If Barbie is so popular, why do you have to buy her friends? 


[squid-users] Squid Reverse Proxy help

2009-10-19 Thread Jones, Keven
Need help with finalizing my config. This config is not working for the 2nd 
server. Can anyone see what I'm missing or have configured incorrectly?

img01.cprpt.com is caching but img02.cprpt.com will not. I had originally 
forgotten the 2nd cache_peer_access server_2 allow sites_server2 but this has 
been added and it is still not working.

This url should work as the images and directories exist:

http://img02.cprpt.com/img/bvt/10002/ncrLogo_100909.gif


Thanks for looking at this for me!

---
Squid.conf:


http_port 80 accel defaultsite=img01.cprpt.com 
cache_peer 172.19.23.91 parent 80 0 no-query originserver name=myAccel 
cache_peer 172.19.23.92 parent 80 0 no-query originserver name=server_2

acl all src 0.0.0.0/0.0.0.0
acl our_sites dstdomain img01.cprpt.com
acl sites_server_2 dstdomain img02.cprpt.com 

http_access allow our_sites 
http_access allow sites_server_2 

cache_peer_access myAccel allow our_sites 
cache_peer_access server_2 allow sites_server_2 

cache_peer_access myAccel deny all 
cache_peer_access server_2 deny all


visible_hostname bv-ic01

cache_dir ufs /data/spool/squid 100 16 256

cache_access_log /data/log/squid/access.log

cache_log /data/log/squid/cache.log

cache_store_log /data/log/squid/store.log 

[squid-users] Squid not caching some sites

2009-10-19 Thread ant2ne

My squid web cache proxy server is not caching sites such as...
http://www.netsmartz.org/resources/reallife.htm
http://www.netsmartz.org/stories/canttake.htm
http://www.nsteens.org/videos/social-networking/

These sites contain video that, when played, are choppy and cut out. I'm
certain that these videos aren't getting cached. And this is kind of the
point to the whole web cache project. I need for teachers to be able to
cache these kinds of things, so when the students try to access them they
play quicker and more smooth. How do I convince squid to cache these?

Here is my current squid.conf

http_port 3128
acl QUERY urlpath_regex cgi-bin \?
cache_mem 512 MB # May need to set lower if I run low on RAM
maximum_object_size_in_memory 2048 KB
# May need to set lower if I run low on RAM
maximum_object_size 1 GB
cache_dir aufs /cache 50 256 256
redirect_rewrites_host_header off
cache_replacement_policy lru
acl all src all
acl localnet src 10.80.0.0/255.255.0.0
acl localhost src 127.0.0.1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/8
acl Safe_ports port 80 443 210 119 70 21 1025-65535
acl SSL_Ports port 443
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_Ports
http_access allow localnet
http_access allow localhost
http_access deny all
icp_port 0
refresh_pattern \.jpg$ 3600 50% 60
refresh_pattern \.gif$ 3600 50% 60
refresh_pattern \.css$ 3600 50% 60
refresh_pattern \.js$ 3600 50% 60
refresh_pattern \.html$ 300 50% 10
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
access_log /var/log/squid/access.log squid
visible_hostname AMSPX01




Re: [squid-users] How To Allow Different Sites at Different Times

2009-10-19 Thread Henrik Nordstrom
mån 2009-10-19 klockan 14:44 +1300 skrev Amos Jeffries:

  http_access allow timothy timothys_schooltime whitelist_sos

  http_access deny timothy all
  
 
 The final line there does not permit Squid to challenge for 
 authentication. I assume you have some other way to make the browser 
 send it later on?

Amos, Squid challenges on the first auth related ACL encountered in
http_access processing.

What the above configuration does not do is rechallenge, to allow timothy,
once authenticated, to try to log in as someone else when trying to
access something timothy is not allowed to access.

Regards
Henrik



Re: [squid-users] squid centralized log

2009-10-19 Thread Leonardo Rodrigues

anti spamЯ escreveu:

Hello all,
I have 4 different squid servers (three running squid-2.7.STABLE7 and
one squid-3.0.STABLE16) working on different subnets, and I'd like to
centralize their access.log entries to a remote log server.
I've read somewhere that using the syslog facility with huge amounts
of traffic causes log to be incomplete on the centralized log server.
So, please, can someone out there point me to a good and reliable solution?
I've found something about mysql, but not so sure the bandwidth
consumption would benefit..

  


Do you need logs in realtime on the centralized server?

I ask that because most people need logs for some scheduled log 
processing, like once a day or once a week. For those, some log rotation 
procedure and some rsync, correctly timed, would be enough to get the 
logs to some centralized server and, after that, do the log analyzing. 
Just do the rotation and syncing before the log analyzing schedule runs 
and you should be OK.


If you need them in realtime, then you'll have to look at syslog/mysql or 
something related, a subject on which I can't give any kind of advice 
because I've never used that.


But log rotation/rsyncing works just fine; I use that in lots of situations.


--


Sincerely,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br

My SPAM trap, do NOT send email to it:
gertru...@solutti.com.br






Re: [squid-users] High CPU Utilization

2009-10-19 Thread Ross Kovelman
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 00:14:58 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] High CPU Utilization
 
 Ross Kovelman wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Mon, 19 Oct 2009 18:14:33 +1300
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] High CPU Utilization
 
 Ross Kovelman wrote:
 Any reason why I would have high CPU utilization, avg around 90%?  I did
 build it for PPC although I do have a large dstdomain list which contains
 URL's that are not allowed on the network.  It is a Mac G4 dual 1.33.  This
 is with no load, or I should say no users on the network.
 
 Thanks
 
 Could be a few things:
 
   * bug 2541 (except latest 3.0 and 3.1 releases)
 
   * lots of regex patterns
 
   * garbage collection of the various caches
 
   * UFS storage system catching up after a period of load
 
   * memory swapping
 
   * RAID
 
   * ... any combination of the above.
 
 If you have the strace tool available you can look inside Squid and see.
    Or use squid -k debug to toggle full debug on/off for a short
 period and troll the cache.log afterwards.
 
 
 Amos,
 
 I am not using a raid, although my single drive performance might be slow?
 Will need to check on the i/o.  When I do run squid or make any changes to
 the config I do get a lot of :
 
 2009/10/16 14:44:08| WARNING: You should probably remove 'xxx.com' from the
 ACL named 'bad_url'
 2009/10/16 14:44:08| WARNING: 'xxx.com' is a subdomain of 'xxx.com'
 2009/10/16 14:44:08| WARNING: because of this 'xxx.com' is ignored to keep
 splay tree searching predictable
 2009/10/16 14:44:08| WARNING: You should probably remove 'xxx.com' from the
 ACL named 'bad_url'
 
 Would this by chance do it?  There are about 22,000 sites in the bad_url
 file.
 
 I don't think so. Those warnings are produced by Squid as it prunes them
 out of the ACL by itself.
 
 You can get rid of the duplicates and sub-domains manually to reduce the
 warnings.
 
 
 Amos
 -- 
 Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
Current Beta Squid 3.1.0.14

Amos,

Looked to be a permission issue as Squid would crash and restart.

Thanks




Re: [squid-users] WCCP

2009-10-19 Thread Ross Kovelman
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Mon, 19 Oct 2009 17:05:15 +1300
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 Ross Kovelman wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Mon, 19 Oct 2009 14:32:17 +1300
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 Ross Kovelman wrote:
 I am going to be using WCCP.  I did another reconfigure with the --enable
 WCCP option.  How can I check that it is on and running?  The next step I
 need to do is upgrade to version 2 since the Cisco only communicates on
 version 2.  I tried to do the patch  upgrade patch but then I get a
 response with path to upgrade and I am not sure where the file is I need
 patch.
 There is zero need to patch for WCCPv2 support. It's been built into
 Squid for many years now.
 
 Run ./configure --help.
   * If it lists --disable-wccpv2 there is no need to do anything.
   * If it lists --enable-wccpv2 , add that to your build options.
   * If it does not mention wccpv2 at all upgrade your Squid version.
 
 Then setup squid.conf with the relevant wccp2_* options.
 
 http://www.squid-cache.org/Doc/config/ or the wiki example configs have
 details on those.
 
 Amos
 -- 
 Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
Current Beta Squid 3.1.0.14
 
 
 Amos,
 
 Thanks again.  
 Running the ./configure --help only says this:
   --disable-wccp          Disable Web Cache Coordination V1 Protocol
   --disable-wccpv2        Disable Web Cache Coordination V2 Protocol
 
 When I did the install I ran the ./configure --enable wccp option. I didn't
 say --enable-wccpv2, does this matter?  I also have this in the config:
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 I am running Squid Web Proxy 2.7.STABLE5.
 
 Okay. That's fine.
 
 The ./configure results mean that both WCCP versions are built into
 Squid by default unless you explicitly say --disable. Nothing extra
 needed to build them.
 
 The config options you have there are already WCCPv2-only options for
 Cisco. Nothing new needed there either.
 
 If that's not working it's a config error somewhere.
 
 Amos
 -- 
 Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
Current Beta Squid 3.1.0.14


Amos,

I am getting this in my cache log:

Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 20.
commBind: Cannot bind socket FD 21 to *:3128: (48) Address already in use
Accepting proxy HTTP connections at 0.0.0.0, port 80, FD 21.
commBind: Cannot bind socket FD 22 to *:80: (48) Address already in use
Accepting ICP messages at 0.0.0.0, port 3130, FD 22.
WCCP Disabled.
Accepting WCCPv2 messages on port 2048, FD 23.
Initialising all WCCPv2 lists

As from my other posting I need WCCP enabled but it is showing disabled.
Any reason why?  How can I resolve this?  Below are my lines in config:

wccp2_router 192.168.16.1
wccp2_forwarding_method 1
wccp2_return_method 1





Re: [squid-users] Squid-2.6.5 SSL reverse proxy ?

2009-10-19 Thread Henrik Nordstrom
mån 2009-10-19 klockan 20:33 +1100 skrev Stonie:

 https_port 443 cert=/root/mysslsite.crt key=/root/mysslsite.key
 defaultsite=www.mysslsite.com.au vhost vport

That should probably be

https_port you.external.ip:443 





Re: [squid-users] squid centralized log

2009-10-19 Thread Henrik Nordstrom
mån 2009-10-19 klockan 14:26 +0200 skrev anti spamЯ:

 I have 4 different squid servers (three running squid-2.7.STABLE7 and
 one squid-3.0.STABLE16) working on different subnets, and I'd like to
 centralize their access.log entries to a remote log server.

My recommendation would be to log to file, rotate the logs fairly
frequently (number of times a day) using logrotate with timestamped logs
(using date + time, not numbered), and poll the logs with rsync over ssh
to the central location. This way the proxy servers operation is fully
independent of the log server, and you won't loose any log records
unless the log server is down for longer than the interval kept locally
on the proxy servers by logrotate.

 I've read somewhere that using the syslog facility with huge amounts
 of traffic causes log to be incomplete on the centralized log server.

Yes, at least for syslog-over-UDP communication which is the default
syslog network protocol.

syslog-ng and some other syslog servers can also log over TCP which is
not as sensitive, but it's still a little fragile as syslog is only
best-effort and do not keep track of what log entries have actually
reached the central server, so if there is even a temporary
communication glitch then log entries will be lost.

Regards
Henrik
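
The rotate-then-pull scheme that Leonardo describes above and Henrik spells out here, as an added example that is not part of the thread. It is two small cron jobs: the proxy renames access.log to a timestamped file and tells Squid to reopen its logs, and the log server pulls the rotated files with rsync over ssh whenever it can reach the proxy. It assumes logfile_rotate 0 in squid.conf, which makes "squid -k rotate" close and reopen the files without doing its own numbered renaming; the paths, host names, schedule and retention period are assumptions, and the log line in the usage note is constructed. logrotate with its dateext option does the same renaming if you prefer to drive it from there, with squid -k rotate as the postrotate command.

```shell
#!/bin/sh
# Added example (not from the thread): timestamped rotation on each proxy and a
# pull from the log server. Requires "logfile_rotate 0" in squid.conf so that
# "squid -k rotate" only closes and reopens access.log. Paths are assumed.

# Proxy side: rename the live log to a timestamped name (so nothing is ever
# overwritten), then ask Squid to reopen its log files. Prints the new name.
rotate_access_log() {
    logdir=$1                                   # e.g. /var/log/squid
    stamp=$(date -u +%Y%m%d-%H%M%S)
    [ -f "$logdir/access.log" ] || return 1
    mv "$logdir/access.log" "$logdir/access.log-$stamp" || return 1
    # Squid keeps writing to the renamed file (same inode) until it reopens, so
    # no record is lost in the window between the mv and the signal.
    if command -v squid >/dev/null 2>&1; then
        squid -k rotate || echo "warning: could not signal squid" >&2
    fi
    echo "$logdir/access.log-$stamp"
}

# Proxy side: local retention. A log-server outage shorter than this loses
# nothing, because the rotated files are still here to be pulled later.
prune_rotated_logs() {
    logdir=$1; days=$2
    find "$logdir" -name 'access.log-*' -type f -mtime +"$days" -exec rm -f {} +
}

# Log-server side: pull one proxy's rotated files over ssh. rsync copies only
# what is missing or incomplete, so re-running it after an outage catches up,
# and the proxy never depends on the log server being reachable.
pull_proxy_logs() {
    proxy=$1; logdir=$2; dest=$3                # e.g. proxy1.example.net /var/log/squid /srv/logs/proxy1
    mkdir -p "$dest"
    rsync -a --partial -e ssh "$proxy:$logdir/access.log-*" "$dest/"
}

# Example crontab entries (assumed schedule; the functions are sourced from an
# assumed /usr/local/sbin/squidlogs.sh):
#   proxies:    */15 * * * *       . /usr/local/sbin/squidlogs.sh; rotate_access_log /var/log/squid
#               5 3 * * *          . /usr/local/sbin/squidlogs.sh; prune_rotated_logs /var/log/squid 7
#   log server: 7,22,37,52 * * * * . /usr/local/sbin/squidlogs.sh; pull_proxy_logs proxy1.example.net /var/log/squid /srv/logs/proxy1
```

Run against a directory holding a one-line constructed access.log, rotate_access_log moves it to access.log-YYYYMMDD-HHMMSS and prints that path; a second call finds nothing to rotate and returns non-zero, and prune_rotated_logs leaves the fresh file alone. The timestamped names are what make the pull idempotent: rsync never sees the same name with different contents, so a partial or repeated transfer cannot corrupt or duplicate a day's records.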



Re: [squid-users] Squid Logs

2009-10-19 Thread Henrik Nordstrom
mån 2009-10-19 klockan 06:24 -0700 skrev Nadeem Semaan:

 I have configured named on the machine running squid to retrieve the
 forward and reverse zones from my DNS server (windows).  I also have
 squid configured to log the fqdn (log_fqdn on). I have also tried
 playing around with the dns_nameservers option, but I'm still getting
 IPs in my log files. Is there a way to only log the fqdn, do I need to
 change the dns expiry settings to less than one day?  Please help.

If log_fqdn is on then Squid will log the host name, provided the DNS
server responds in a reasonable time.

Can you resolve the IP addresses from the Squid server?

  dig -x ip.of.client.station

or alternatively

  dig -x ip.of.client.station @selected.nameserver.address

Regards
Henrik



Re: [squid-users] WCCP

2009-10-19 Thread Ross Kovelman
 From: Ross Kovelman rkovel...@gruskingroup.com
 Date: Mon, 19 Oct 2009 14:21:44 -0400
 To: Amos Jeffries squ...@treenet.co.nz
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Mon, 19 Oct 2009 17:05:15 +1300
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 Ross Kovelman wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Mon, 19 Oct 2009 14:32:17 +1300
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 Ross Kovelman wrote:
 I am going to be using WCCP.  I did another reconfigure with the --enable
 WCCP option.  How can I check that it is on and running?  The next step I
 need to do is upgrade to version 2 since the Cisco only communicates on
 version 2.  I tried to do the patch  upgrade patch but then I get a
 response with path to upgrade and I am not sure where the file is I need
 patch.
 There is zero need to patch for WCCPv2 support. It's been built into
 Squid for many years now.
 
 Run ./configure --help.
   * If it lists --disable-wccpv2 there is no need to do anything.
   * If it lists --enable-wccpv2 , add that to your build options.
   * If it does not mention wccpv2 at all upgrade your Squid version.
 
 Then setup squid.conf with the relevant wccp2_* options.
 
 http://www.squid-cache.org/Doc/config/ or the wiki example configs have
 details on those.
 
 Amos
 -- 
 Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
Current Beta Squid 3.1.0.14
 
 
 Amos,
 
 Thanks again.  
 Running the ./configure --help only says this:
   --disable-wccp          Disable Web Cache Coordination V1 Protocol
   --disable-wccpv2        Disable Web Cache Coordination V2 Protocol
 
 When I did the install I ran the ./configure --enable wccp option. I didn't
 say --enable-wccpv2, does this matter?  I also have this in the config:
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 I am running Squid Web Proxy 2.7.STABLE5.
 
 Okay. That's fine.
 
 The ./configure results mean that both WCCP versions are built into
 Squid by default unless you explicitly say --disable. Nothing extra
 needed to build them.
 
 The config options you have there are already WCCPv2-only options for
 Cisco. Nothing new needed there either.
 
 If that's not working it's a config error somewhere.
 
 Amos
 -- 
 Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE19
Current Beta Squid 3.1.0.14
 
 
 Amos,
 
 I am getting this in my cache log:
 
 Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 20.
 commBind: Cannot bind socket FD 21 to *:3128: (48) Address already in use
 Accepting proxy HTTP connections at 0.0.0.0, port 80, FD 21.
 commBind: Cannot bind socket FD 22 to *:80: (48) Address already in use
 Accepting ICP messages at 0.0.0.0, port 3130, FD 22.
 WCCP Disabled.
 Accepting WCCPv2 messages on port 2048, FD 23.
 Initialising all WCCPv2 lists
 
 As from my other posting I need WCCP enabled but it is showing disabled.
 Any reason why?  How can I resolve this?  Below are my lines in config:
 
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 

Issue now is
Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128, FD
21.
Accepting transparently proxied HTTP connections at 0.0.0.0, port 80, FD 22.
Accepting ICP messages at 0.0.0.0, port 3130, FD 23.
WCCP Disabled.
Accepting WCCPv2 messages on port 2048, FD 24.
Initialising all WCCPv2 lists
Ready to serve requests.

Why would it be disabled?  Or is it not?

Thanks




Re: [squid-users] Squid-2.6.5 SSL reverse proxy ?

2009-10-19 Thread Stonie
Thanks for the reply Henrik,

I still have the same symptoms with those settings.

I have tried both:

https_port my.external.ip:443
https_port my.external.ip:443 cert=/root/mysslsite.crt
key=/root/mysslsite.key defaultsite=www.mysslsite.com.au vhost vport

The first fails with a "can't find cert" error on startup, and the second has
the same symptoms as with my original config.

Any ideas?

Cheers,
Stonie.


On Tue, Oct 20, 2009 at 5:40 AM, Henrik Nordstrom
hen...@henriknordstrom.net wrote:

 mån 2009-10-19 klockan 20:33 +1100 skrev Stonie:

  https_port 443 cert=/root/mysslsite.crt key=/root/mysslsite.key
  defaultsite=www.mysslsite.com.au vhost vport

 That should probably be

 https_port you.external.ip:443 






--

Interested in purchasing Australian produced carbon offsets?  Visit
www.fairgocarbon.com.au

Please consider the environment before printing this email.


Re: [squid-users] WCCP

2009-10-19 Thread Amos Jeffries
On Mon, 19 Oct 2009 14:21:44 -0400, Ross Kovelman wrote:
 From: Amos Jeffries
 
 Ross Kovelman wrote:
 From: Amos Jeffries:
 
 Ross Kovelman wrote:
 I am going to be using WCCP.  I did another reconfigure with the
 --enable
 WCCP option.  How can I check that it is on and running?  The next
 step I
 need to do is upgrade to version 2 since the Cisco only communicates
 on
 version 2.  I tried to do the patch  upgrade patch but then I get a
 response with path to upgrade and I am not sure where the file is I
 need
 patch.
 There is zero need to patch for WCCPv2 support. It's been built into
 Squid for many years now.
 
 Run ./configure --help.
   * If it lists --disable-wccpv2 there is no need to do anything.
   * If it lists --enable-wccpv2 , add that to your build options.
   * If it does not mention wccpv2 at all upgrade your Squid
version.
 
 Then setup squid.conf with the relevant wccp2_* options.
 
 http://www.squid-cache.org/Doc/config/ or the wiki example configs
have
 details on those.
 
 Thanks again.  
 Running the ./configure --help only says this:
   --disable-wccp          Disable Web Cache Coordination V1 Protocol
   --disable-wccpv2        Disable Web Cache Coordination V2 Protocol
 
 When I did the install I ran the ./configure --enable wccp option. I
 didn't
 say --enable-wccpv2, does this matter?  I also have this in the
config:
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 I am running Squid Web Proxy 2.7.STABLE5.
 
 Okay. That's fine.
 
 The ./configure results mean that both WCCP versions are built into
 Squid by default unless you explicitly say --disable. Nothing extra
 needed to build them.
 
 The config options you have there are already WCCPv2-only options for
 Cisco. Nothing new needed there either.
 
 If that's not working it's a config error somewhere.
 
 
 I am getting this in my cache log:
 
 Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 20.
 commBind: Cannot bind socket FD 21 to *:3128: (48) Address already in
use
 Accepting proxy HTTP connections at 0.0.0.0, port 80, FD 21.
 commBind: Cannot bind socket FD 22 to *:80: (48) Address already in use

http://wiki.squid-cache.org/SquidFaq/TroubleShooting#Cannot_bind_socket_FD_NN_to_.2A:8080_.28125.29_Address_already_in_use

I would suspect this as part of the problem. The WCCP router will be
trying to contact whatever software is already running on port 3128, not
the Squid you are starting with WCCP config.

 Accepting ICP messages at 0.0.0.0, port 3130, FD 22.
 WCCP Disabled.
 Accepting WCCPv2 messages on port 2048, FD 23.
 Initialising all WCCPv2 lists
 
 As from my other posting I need WCCP enabled but it is showing disabled.
 Any reason why?  How can I resolve this?  Below are my lines in config:
 
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1

The above are only the config of how squid sends packets to the Cisco.
WCCP requires configuration on the Cisco, the squid box OS and firewall, and
routing tables. Any one of which could be the problem.
The tutorials and troubleshooting info we have at present is a little
spread out and disjointed. What how-to are you working from?

Amos


Re: [squid-users] WCCP

2009-10-19 Thread Ross Kovelman
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 11:04:42 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 14:21:44 -0400, Ross Kovelman wrote:
 From: Amos Jeffries
 
 Ross Kovelman wrote:
 From: Amos Jeffries:
 
 Ross Kovelman wrote:
 I am going to be using WCCP.  I did another reconfigure with the
 --enable
 WCCP option.  How can I check that it is on and running?  The next
 step I
 need to do is upgrade to version 2 since the Cisco only communicates
 on
 version 2.  I tried to do the patch  upgrade patch but then I get a
 response with path to upgrade and I am not sure where the file is I
 need
 patch.
 There is zero need to patch for WCCPv2 support. It's been built into
 Squid for many years now.
 
 Run ./configure --help.
   * If it lists --disable-wccpv2 there is no need to do anything.
   * If it lists --enable-wccpv2 , add that to your build options.
   * If it does not mention wccpv2 at all upgrade your Squid
 version.
 
 Then setup squid.conf with the relevant wccp2_* options.
 
 http://www.squid-cache.org/Doc/config/ or the wiki example configs
 have
 details on those.
 
 Thanks again. 
 Running the ./configure --help only says this:
   --disable-wccp          Disable Web Cache Coordination V1 Protocol
   --disable-wccpv2        Disable Web Cache Coordination V2 Protocol
 
 When I did the install I ran the ./configure --enable wccp option. I
 didn't
 say --enable-wccpv2, does this matter?  I also have this in the
 config:
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 I am running Squid Web Proxy 2.7.STABLE5.
 
 Okay. That's fine.
 
 The ./configure results mean that both WCCP versions are built into
 Squid by default unless you explicitly say --disable. Nothing extra
 needed to build them.
 
 The config options you have there are already WCCPv2-only options for
 Cisco. Nothing new needed there either.
 
 If that's not working it's a config error somewhere.
 
 
 I am getting this in my cache log:
 
 Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 20.
 commBind: Cannot bind socket FD 21 to *:3128: (48) Address already in
 use
 Accepting proxy HTTP connections at 0.0.0.0, port 80, FD 21.
 commBind: Cannot bind socket FD 22 to *:80: (48) Address already in use
 
 http://wiki.squid-cache.org/SquidFaq/TroubleShooting#Cannot_bind_socket_FD_NN_to_.2A:8080_.28125.29_Address_already_in_use
 
 I would suspect this as part of the problem. The WCCP router will be
 trying to contact whatever software is already running on port 3128, not
 the Squid you are starting with WCCP config.
 
 Accepting ICP messages at 0.0.0.0, port 3130, FD 22.
 WCCP Disabled.
 Accepting WCCPv2 messages on port 2048, FD 23.
 Initialising all WCCPv2 lists
 
 As from my other posting I need WCCP enabled but it is showing disabled.
 Any reason why?  How can I resolve this.  Below is my lines in config
 
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 The above are only the config of how squid sends packets to the Cisco.
 WCCP requires configuration Cisco, the squid box OS and firewall, and
 routing tables. Any one of which could be the problem.
 The tutorials and troubleshooting info we have at present is a little
 spread out and disjointed. What how-to are you working from?
 
 Amos

Amos,
I just did a TCP dump and I think my problem is the GRE packet.  It is being
listed I think as unknown.  Shouldn't squid be able to pick the packet up
and open it?  The Cisco sees squid and relays the information good but it is
stopping at the squid box. Any ideas?  I am just google'ing around no set
how to.

Thanks




Re: [squid-users] Squid-2.6.5 SSL reverse proxy ?

2009-10-19 Thread Henrik Nordstrom
tis 2009-10-20 klockan 07:45 +1100 skrev Stonie:
 Thanks for the reply Henrik,
 
 Still the same symptoms with those settings. 
 
 I have tried both 
 
 https_port my.external.ip:443
 https_port my.external.ip:443 cert=/root/mysslsite.crt
 key=/root/mysslsite.key defaultsite=www.mysslsite.com.au vhost vport

I meant the second (hence the  dots).

 the first fails with a cant find cert on startup, and the second has
 the same symptoms as with my original config. 

And no significant errors logged at startup or in cache.log?

Regards
Henrik
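A "connection refused" on 443 while port 80 answers means the https_port socket was never bound at all, which is a thing to establish on the proxy host before looking at the browser. The script below is an added example, not something posted in the thread: it runs the checks worth doing before Squid loads an https_port pair (the key and certificate belong together, the CN equals defaultsite=, the key is not passphrase-protected, because an encrypted key is exactly what makes Squid prompt at startup and it also blocks unattended restarts), then probes the listener. The host name www.mysslsite.com.au and the /root/mysslsite.* paths are the thread's; the self-signed pair the script generates in a temporary directory is constructed so it runs offline, and the listener probe is my addition.

```shell
#!/bin/sh
# Added example, not from the thread: pre-flight checks for a Squid
# https_port cert/key pair.  www.mysslsite.com.au is the thread's host name;
# the self-signed pair made by demo_pair is constructed so the script runs
# offline.  For a real check: CERT=/root/mysslsite.crt KEY=/root/mysslsite.key

# key_is_encrypted KEY -> 0 when the PEM is passphrase-protected.  This is
# what makes Squid prompt at startup; it also blocks unattended restarts.
key_is_encrypted() {
    grep -q 'ENCRYPTED' "$1"
}

# cert_key_match CERT KEY -> 0 when both carry the same RSA modulus
cert_key_match() {
    c=$(openssl x509 -noout -modulus -in "$1") || return 2
    k=$(openssl rsa -noout -modulus -in "$2" 2>/dev/null) || return 2
    [ "$c" = "$k" ]
}

# cert_cn CERT -> the subject CN, which defaultsite= must equal unless the
# cert carries a matching subjectAltName
cert_cn() {
    openssl x509 -noout -subject -in "$1" | sed -n 's|.*CN *= *\([^,/]*\).*|\1|p'
}

# preflight CERT KEY SITE -> 0 when the pair can back
#   https_port 443 cert=CERT key=KEY defaultsite=SITE
preflight() {
    if key_is_encrypted "$2"; then
        echo "key is passphrase-protected: strip it with 'openssl rsa -in $2 -out $2.plain' and chmod 600 the result"
        return 1
    fi
    cert_key_match "$1" "$2" || { echo "cert and key do not match"; return 1; }
    cn=$(cert_cn "$1")
    [ "$cn" = "$3" ] || { echo "CN '$cn' does not equal defaultsite '$3'"; return 1; }
    echo "ok: $1 and $2 are usable for defaultsite=$3"
}

# tls_probe HOST:PORT SNI -> 0 when a TLS handshake completes.  A refused TCP
# connection here means nothing is bound to the port, not a certificate
# error; compare with the listener list (ss -ltn or netstat -ltn) on the box.
tls_probe() {
    openssl s_client -connect "$1" -servername "$2" </dev/null >/dev/null 2>&1
}

# demo_pair CN -> directory holding a throwaway self-signed site.crt/site.key
demo_pair() {
    d=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$d/site.key" -out "$d/site.crt" >/dev/null 2>&1 || return 1
    echo "$d"
}

CERT=${CERT:-}
KEY=${KEY:-}
if [ -z "$CERT" ]; then
    DEMO=$(demo_pair www.mysslsite.com.au)
    CERT=$DEMO/site.crt; KEY=$DEMO/site.key
fi
preflight "$CERT" "$KEY" "${SITE:-www.mysslsite.com.au}"
# e.g. tls_probe my.external.ip:443 www.mysslsite.com.au
```

Run it as `CERT=/root/mysslsite.crt KEY=/root/mysslsite.key sh preflight.sh` on the proxy host; if that reports ok and `tls_probe` still gets connection refused, the answer is in cache.log at startup, which is what the reply above asks for.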



Re: [squid-users] WCCP

2009-10-19 Thread Amos Jeffries
On Mon, 19 Oct 2009 18:26:18 -0400, Ross Kovelman
rkovel...@gruskingroup.com wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 11:04:42 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 14:21:44 -0400, Ross Kovelman wrote:
 From: Amos Jeffries
 
 Ross Kovelman wrote:
 From: Amos Jeffries:
 
 Ross Kovelman wrote:
 I am going to be using WCCP.  I did another reconfigure with the --enable
 WCCP option.  How can I check that it is on and running?  The next step I
 need to do is upgrade to version 2 since the Cisco only communicates on
 version 2.  I tried to do the patch  upgrade patch but then I get a
 response with path to upgrade and I am not sure where the file is I need
 patch.
 There is zero need to patch for support WCCPv2. It's been built
into
 Squid for many years now.
 
 Run ./configure --help.
   * If it lists --disable-wccpv2 there is no need to do anything.
   * If it lists --enable-wccpv2 , add that to your build options.
   * If it does not mention wccpv2 at all upgrade your Squid
 version.
 
 Then setup squid.conf with the relevant wccp2_* options.
 
 http://www.squid-cache.org/Doc/config/ or the wiki example configs
 have
 details on those.
 
 Thanks again. 
 Running the ./configure --help only says this:
  --disable-wccp          Disable Web Cache Coordination V1 Protocol
  --disable-wccpv2        Disable Web Cache Coordination V2 Protocol
 
 When I did the install I ran the ./configure --enable wccp option. I
 didn't
 say --enable-wccpv2, does this matter?  I also have this in the
 config:
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 I am running Squid Web Proxy 2.7.STABLE5.
 
 Okay. Thats fine.
 
 The ./configure results mean that both WCCP versions are built into
 Squid by default unless you explicitly say --disable. Nothing extra
 needed to build them.
 
 The config options you have there are already WCCPv2-only options for
 Cisco. Nothing new needed there either.
 
 If thats not working its a config error somewhere.
 
 
 I am getting this in my cache log:
 
 Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 20.
 commBind: Cannot bind socket FD 21 to *:3128: (48) Address already in use
 Accepting proxy HTTP connections at 0.0.0.0, port 80, FD 21.
 commBind: Cannot bind socket FD 22 to *:80: (48) Address already in use
 

 http://wiki.squid-cache.org/SquidFaq/TroubleShooting#Cannot_bind_socket_FD_NN_to_.2A:8080_.28125.29_Address_already_in_use
 
 I would suspect this as part of the problem. The WCCP router will be
 trying to contact whatever software is already running on port 3128,
not
 the Squid you are starting with WCCP config.
 
 Accepting ICP messages at 0.0.0.0, port 3130, FD 22.
 WCCP Disabled.
 Accepting WCCPv2 messages on port 2048, FD 23.

To answer your earlier question:
  the above two lines means WCCPv1 is disabled, WCCPv2 is being used.

 Initialising all WCCPv2 lists
 
 As from my other posting I need WCCP enabled but it is showing
disabled.
 Any reason why?  How can I resolve this.  Below is my lines in config
 
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 The above are only the config of how squid sends packets to the Cisco.
 WCCP requires configuration Cisco, the squid box OS and firewall, and
 routing tables. Any one of which could be the problem.
 The tutorials and troubleshooting info we have at present is a little
 spread out and disjointed. What how-to are you working from?
 
 Amos
 
 Amos,
 I just did a TCP dump and I think my problem is the GRE packet.  It is being
 listed I think as unknown.  Shouldn't squid be able to pick the packet up
 and open it?  The Cisco sees squid and relays the information good but it is
 stopping at the squid box. Any ideas?  I am just google'ing around no set
 how to.

Okay. I've polished up our exemplar configs a little:
 http://wiki.squid-cache.org/Features/Wccp2
(some way to go though).

There are four parts to WCCP systems:

 1) WCCP capture and redirect

 2) gre tunnel between the Cisco and Squid boxes

 3) squid box firewall settings and NAT capture of received gre packets

http://wiki.squid-cache.org/ConfigExamples/Intercept#Traffic_Interception_capture_into_Squid

 4) squid.conf settings to make Squid contact the cisco router

Amos
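The Linux side of parts 2 to 4 above as one script, added here as an example; it is not from the thread, from Amos, or from the Squid wiki pages he links. The router address 192.168.16.1 is the one in the thread; the Squid box address 192.168.16.10, the client subnet 192.168.16.0/24, the interface name eth0 and the tunnel name wccp0 are placeholders. The symptom in the thread (GRE visible in tcpdump as unknown and going no further) is what part 2 addresses: with no GRE interface whose remote end is the router, the kernel has nothing to decapsulate into, so the PREROUTING rule of part 3 never sees a TCP packet. Part 1 stays on the Cisco (on IOS, `ip wccp web-cache` globally and `ip wccp web-cache redirect in` on the client-facing interface).

```shell
#!/bin/sh
# Added example (not from the squid-users thread or the Squid wiki): the
# Linux-side pieces of the four-part WCCP setup, as commands plus a
# squid.conf fragment for Squid 2.7.  The router 192.168.16.1 is from the
# thread; Squid box 192.168.16.10, LAN 192.168.16.0/24, eth0 and the tunnel
# name wccp0 are placeholders.
ROUTER=${ROUTER:-192.168.16.1}
SQUID_IP=${SQUID_IP:-192.168.16.10}
LAN=${LAN:-192.168.16.0/24}
IFACE=${IFACE:-eth0}
SQUID_PORT=${SQUID_PORT:-3128}
APPLY=${APPLY:-0}          # 0: print the commands; 1: execute them (as root)

# run prints a command, or executes it when APPLY=1.
run() {
    if [ "$APPLY" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Part 2: a GRE interface so the kernel decapsulates what the router sends.
# Without it tcpdump shows bare GRE (IP protocol 47) and nothing reaches Squid.
gre_tunnel_cmds() {
    run modprobe ip_gre
    run ip tunnel add wccp0 mode gre remote "$ROUTER" local "$SQUID_IP" dev "$IFACE"
    run ip addr add "$SQUID_IP/32" dev wccp0
    run ip link set wccp0 up
    # Reverse-path filtering would drop packets whose source (a LAN client)
    # is not routed via wccp0; the kernel uses max(all, wccp0), so clear both.
    run sysctl -w net.ipv4.conf.wccp0.rp_filter=0
    run sysctl -w net.ipv4.conf.all.rp_filter=0
}

# Part 3: accept GRE and the WCCP control channel from the router only, then
# NAT the decapsulated port-80 flows into Squid's interception port.
firewall_cmds() {
    run iptables -A INPUT -p gre -s "$ROUTER" -j ACCEPT
    run iptables -A INPUT -p udp -s "$ROUTER" --dport 2048 -j ACCEPT
    run iptables -t nat -A PREROUTING -i wccp0 -s "$LAN" -p tcp --dport 80 \
        -j REDIRECT --to-port "$SQUID_PORT"
}

# Part 4: squid.conf lines.  'transparent' is the Squid 2.7 spelling; in
# Squid 3.1 and later the keyword is 'intercept'.
squid_conf() {
    cat <<EOF
http_port $SQUID_PORT transparent
wccp2_router $ROUTER
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_service standard 0
EOF
}

gre_tunnel_cmds
firewall_cmds
echo '# squid.conf fragment:'
squid_conf
```

With APPLY unset it only prints what it would run. Once applied, `tcpdump -ni wccp0 tcp port 80` should show the clients' HTTP in the clear inside the tunnel; if the GRE still shows only on eth0, the tunnel's local/remote addresses do not match what the router is sending.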



Re: [squid-users] Squid not caching some sites

2009-10-19 Thread Amos Jeffries
On Mon, 19 Oct 2009 10:51:03 -0700 (PDT), ant2ne tcy...@altonschools.org
wrote:
 My squid web cache proxy server is not caching sites such as...
 http://www.netsmartz.org/resources/reallife.htm
 http://www.netsmartz.org/stories/canttake.htm
 http://www.nsteens.org/videos/social-networking/
 
 These sites contain video that, when played, are choppy and cut out. I'm
 certain that these videos aren't getting cached. And this is kind of the
 point to the whole web cache project. I need for teachers to be able to
 cache these kinds of things, so when the students try to access them they
 play quicker and more smooth. How do I convince squid to cache these?

Depends on why.
Enter the page URLs at www.redbot.org to get a report about the page (the
check links sub-report will cover details of the embedded videos, images
etc)

 
 Here is my current squid.conf
 
 http_port 3128
 acl QUERY urlpath_regex cgi-bin \?

Delete the above line.

 cache_mem 512 MB# May need to set lower if I run low on RAM
 maximum_object_size_in_memory 2048 KB

The above will kill any videos >2MB as they are forced to storage on disk
before sending to the browsers.

 # May need to set lower if I run low on RAM
 maximum_object_size 1 GB
 cache_dir aufs /cache 50 256 256
 redirect_rewrites_host_header off
 cache_replacement_policy lru
 acl all src all
 acl localnet src 10.80.0.0/255.255.0.0

or in CIDR...
  acl localnet src 10.80.0.0/16

 acl localhost src 127.0.0.1
 acl to_localhost dst 127.0.0.0/8 0.0.0.0/8
 acl Safe_ports port 80 443 210 119 70 21 1025-65535
 acl SSL_Ports port 443
 acl CONNECT method CONNECT
 http_access deny !Safe_ports
 http_access deny CONNECT !SSL_Ports
 http_access allow localnet
 http_access allow localhost
 http_access deny all
 icp_port 0
 refresh_pattern \.jpg$ 3600 50% 60
 refresh_pattern \.gif$ 3600 50% 60
 refresh_pattern \.css$ 3600 50% 60
 refresh_pattern \.js$ 3600 50% 60
 refresh_pattern \.html$ 300 50% 10
 refresh_pattern ^ftp: 1440 20% 10080
 refresh_pattern ^gopher: 1440 0% 1440
 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
 refresh_pattern . 0 20% 4320
 access_log /var/log/squid/access.log squid
 visible_hostname AMSPX01


Amos


Re: [squid-users] Squid Reverse Proxy help

2009-10-19 Thread Amos Jeffries
On Mon, 19 Oct 2009 11:23:58 -0400, Jones, Keven keven.jo...@ncr.com
wrote:
 Need help with finalizing my config. This config is not working for the
 2nd server. Can
 Anyone see what I'm missing or have configured incorrectly. 
 
  img01.cprpt.com is caching but img02.cprpt.com will not. I had originally
  forgotten the
  2nd cache_peer_access server_2 allow sites_server2 but this has been
  added and still  not working.
 
 This url should work as the images and directories exist:
 
 http://img02.cprpt.com/img/bvt/10002/ncrLogo_100909.gif
 
 
 Thanks for looking at this for me!
 
 ---
 Squid.conf:
 
 
 http_port 80 accel defaultsite=img01.cprpt.com 

For multiple domains (virtual hosting) the vhost option is required
here.
Without it squid will assume everything is under the defaultsite.

 cache_peer 172.19.23.91 parent 80 0 no-query originserver name=myAccel 
 cache_peer 172.19.23.92 parent 80 0 no-query originserver name=server_2
 
 acl all src 0.0.0.0/0.0.0.0
 acl our_sites dstdomain img01.cprpt.com
 acl sites_server_2 dstdomain img02.cprpt.com 
 
 http_access allow our_sites 
 http_access allow sites_server_2 
 
 cache_peer_access myAccel allow our_sites 
 cache_peer_access server_2 allow sites_server_2 
 
 cache_peer_access myAccel deny all 
 cache_peer_access server_2 deny all
 
 
 visible_hostname bv-ic01
 
 cache_dir ufs /data/spool/squid 100 16 256
 
 cache_access_log /data/log/squid/access.log
 
 cache_log /data/log/squid/cache.log
 
 cache_store_log /data/log/squid/store.log


Re: [squid-users] WCCP

2009-10-19 Thread Ross Kovelman
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 12:40:02 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 18:26:18 -0400, Ross Kovelman
 rkovel...@gruskingroup.com wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 11:04:42 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 14:21:44 -0400, Ross Kovelman wrote:
 From: Amos Jeffries
 
 Ross Kovelman wrote:
 From: Amos Jeffries:
 
 Ross Kovelman wrote:
 I am going to be using WCCP.  I did another reconfigure with the --enable
 WCCP option.  How can I check that it is on and running?  The next step I
 need to do is upgrade to version 2 since the Cisco only communicates on
 version 2.  I tried to do the patch  upgrade patch but then I get a
 response with path to upgrade and I am not sure where the file is I need
 patch.
 There is zero need to patch for support WCCPv2. It's been built
 into
 Squid for many years now.
 
 Run ./configure --help.
   * If it lists --disable-wccpv2 there is no need to do anything.
   * If it lists --enable-wccpv2 , add that to your build options.
   * If it does not mention wccpv2 at all upgrade your Squid
 version.
 
 Then setup squid.conf with the relevant wccp2_* options.
 
 http://www.squid-cache.org/Doc/config/ or the wiki example configs
 have
 details on those.
 
 Thanks again.
 Running the ./configure --help only says this:
  --disable-wccp          Disable Web Cache Coordination V1 Protocol
  --disable-wccpv2        Disable Web Cache Coordination V2 Protocol
 
 When I did the install I ran the ./configure --enable wccp option. I
 didn't
 say --enable-wccpv2, does this matter?  I also have this in the
 config:
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 I am running Squid Web Proxy 2.7.STABLE5.
 
 Okay. Thats fine.
 
 The ./configure results mean that both WCCP versions are built into
 Squid by default unless you explicitly say --disable. Nothing extra
 needed to build them.
 
 The config options you have there are already WCCPv2-only options for
 Cisco. Nothing new needed there either.
 
 If thats not working its a config error somewhere.
 
 
 I am getting this in my cache log:
 
 Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 20.
 commBind: Cannot bind socket FD 21 to *:3128: (48) Address already in use
 Accepting proxy HTTP connections at 0.0.0.0, port 80, FD 21.
 commBind: Cannot bind socket FD 22 to *:80: (48) Address already in use
 
 
 http://wiki.squid-cache.org/SquidFaq/TroubleShooting#Cannot_bind_socket_FD_NN_to_.2A:8080_.28125.29_Address_already_in_use
 
 I would suspect this as part of the problem. The WCCP router will be
 trying to contact whatever software is already running on port 3128,
 not
 the Squid you are starting with WCCP config.
 
 Accepting ICP messages at 0.0.0.0, port 3130, FD 22.
 WCCP Disabled.
 Accepting WCCPv2 messages on port 2048, FD 23.
 
 To answer your earlier question:
   the above two lines means WCCPv1 is disabled, WCCPv2 is being used.
 
 Initialising all WCCPv2 lists
 
 As from my other posting I need WCCP enabled but it is showing
 disabled.
 Any reason why?  How can I resolve this.  Below is my lines in config
 
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 The above are only the config of how squid sends packets to the Cisco.
 WCCP requires configuration Cisco, the squid box OS and firewall, and
 routing tables. Any one of which could be the problem.
 The tutorials and troubleshooting info we have at present is a little
 spread out and disjointed. What how-to are you working from?
 
 Amos
 
 Amos,
 I just did a TCP dump and I think my problem is the GRE packet.  It is being
 listed I think as unknown.  Shouldn't squid be able to pick the packet up
 and open it?  The Cisco sees squid and relays the information good but it is
 stopping at the squid box. Any ideas?  I am just google'ing around no set
 how to.
 
 Okay. I've polished up our exemplar configs a little:
  http://wiki.squid-cache.org/Features/Wccp2
 (some way to go though).
 
 There are four parts to WCCP systems:
 
  1) WCCP capture and redirect
 
  2) gre tunnel between the Cisco and Squid boxes
 
  3) squid box firewall settings and NAT capture of received gre packets
 
 http://wiki.squid-cache.org/ConfigExamples/Intercept#Traffic_Interception_capture_into_Squid
 
  4) squid.conf settings to make Squid contact the cisco router
 
 Amos
 
From what I have read and what you show only for the PIX and ASA should be
the same.  The Pix is actually correct for the ASA, although that is what
Cisco told me to do.

As far as:
wccp2_router - My cisco router address
wccp2_forwarding_method - I took this out of my config as GRE is default
wccp2_return_method 

Re: [squid-users] WCCP

2009-10-19 Thread Amos Jeffries
On Mon, 19 Oct 2009 20:06:55 -0400, Ross Kovelman
rkovel...@gruskingroup.com wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 12:40:02 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 18:26:18 -0400, Ross Kovelman
 rkovel...@gruskingroup.com wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 11:04:42 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 14:21:44 -0400, Ross Kovelman wrote:
 From: Amos Jeffries
 
 Ross Kovelman wrote:
 From: Amos Jeffries:
 
 Ross Kovelman wrote:
 I am going to be using WCCP.  I did another reconfigure with the --enable
 WCCP option.  How can I check that it is on and running?  The next step I
 need to do is upgrade to version 2 since the Cisco only communicates on
 version 2.  I tried to do the patch  upgrade patch but then I get a
 response with path to upgrade and I am not sure where the file is I need
 patch.
 There is zero need to patch for support WCCPv2. It's been built
 into
 Squid for many years now.
 
 Run ./configure --help.
   * If it lists --disable-wccpv2 there is no need to do anything.
   * If it lists --enable-wccpv2 , add that to your build options.
   * If it does not mention wccpv2 at all upgrade your Squid
 version.
 
 Then setup squid.conf with the relevant wccp2_* options.
 
 http://www.squid-cache.org/Doc/config/ or the wiki example configs have
 details on those.
 
 Thanks again.
 Running the ./configure --help only says this:
  --disable-wccp          Disable Web Cache Coordination V1 Protocol
  --disable-wccpv2        Disable Web Cache Coordination V2 Protocol
 
 When I did the install I ran the ./configure --enable wccp option. I didn't
 say --enable-wccpv2, does this matter?  I also have this in the config:
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 I am running Squid Web Proxy 2.7.STABLE5.
 
 Okay. Thats fine.
 
 The ./configure results mean that both WCCP versions are built into
 Squid by default unless you explicitly say --disable. Nothing extra
 needed to build them.
 
 The config options you have there are already WCCPv2-only options for
 Cisco. Nothing new needed there either.
 
 If thats not working its a config error somewhere.
 
 
 I am getting this in my cache log:
 
 Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 20.
 commBind: Cannot bind socket FD 21 to *:3128: (48) Address already in use
 Accepting proxy HTTP connections at 0.0.0.0, port 80, FD 21.
 commBind: Cannot bind socket FD 22 to *:80: (48) Address already in use
 
 

 http://wiki.squid-cache.org/SquidFaq/TroubleShooting#Cannot_bind_socket_FD_NN_to_.2A:8080_.28125.29_Address_already_in_use
 
 I would suspect this as part of the problem. The WCCP router will be
 trying to contact whatever software is already running on port 3128,
 not
 the Squid you are starting with WCCP config.
 
 Accepting ICP messages at 0.0.0.0, port 3130, FD 22.
 WCCP Disabled.
 Accepting WCCPv2 messages on port 2048, FD 23.
 
 To answer your earlier question:
   the above two lines means WCCPv1 is disabled, WCCPv2 is being used.
 
 Initialising all WCCPv2 lists
 
 As from my other posting I need WCCP enabled but it is showing
 disabled.
 Any reason why?  How can I resolve this.  Below is my lines in config
 
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 The above are only the config of how squid sends packets to the Cisco.
 WCCP requires configuration Cisco, the squid box OS and firewall, and
 routing tables. Any one of which could be the problem.
 The tutorials and troubleshooting info we have at present is a little
 spread out and disjointed. What how-to are you working from?
 
 Amos
 
 Amos,
 I just did a TCP dump and I think my problem is the GRE packet.  It is being
 listed I think as unknown.  Shouldn't squid be able to pick the packet up
 and open it?  The Cisco sees squid and relays the information good but it is
 stopping at the squid box. Any ideas?  I am just google'ing around no set
 how to.
 
 Okay. I've polished up our exemplar configs a little:
  http://wiki.squid-cache.org/Features/Wccp2
 (some way to go though).
 
 There are four parts to WCCP systems:
 
  1) WCCP capture and redirect
 
  2) gre tunnel between the Cisco and Squid boxes
 
  3) squid box firewall settings and NAT capture of received gre packets
 

 http://wiki.squid-cache.org/ConfigExamples/Intercept#Traffic_Interception_capture_into_Squid
 
  4) squid.conf settings to make Squid contact the cisco router
 
 Amos
 
 From what I have read and what you show only for the PIX and ASA should be
 the same.  The Pix is actually correct for the ASA, although that is what
 Cisco told me to do.
 
 As far as:
 wccp2_router - My cisco router address
 

[squid-users] Compiling squid 3.0 on AIX

2009-10-19 Thread Perry Smith

Hi,

I'm trying to build squid 3.0 on AIX 5.3 using GCC 4.3.1.  It appears
to forget to build many files.  One example is src/cbdata.o


My link fails with:

g++ -Werror -Wall -Wpointer-arith -Wwrite-strings -Wcomments -g -O2 -g -o cf_gen cf_gen.o debug.o time.o globals.o ./.libs/libsquid.a ./.libs/libauth.a -L/usr/local/lib -lstdc++ -L/usr/local/build/squid-3.0.STABLE19/lib -lmiscutil -lm -lbind -lnsl -Wl,-blibpath:/usr/local/lib:/usr/local/lib/gcc/powerpc-ibm-aix5.3.0.0/4.3.1:/usr/local/lib/gcc/powerpc-ibm-aix5.3.0.0/4.3.1/../../..:/usr/lib:/lib

ld: 0711-317 ERROR: Undefined symbol: .cbdataInternalLock(void const*)
ld: 0711-317 ERROR: Undefined symbol: .cbdataInternalUnlock(void const*)
ld: 0711-317 ERROR: Undefined symbol: .cbdataInternalFree(void*)
ld: 0711-317 ERROR: Undefined symbol: .cbdataReferenceValid(void const*)
ld: 0711-317 ERROR: Undefined symbol: .cbdataInternalAddType(cbdata_type, char const*, int, void (*)(void*))

ld: 0711-317 ERROR: Undefined symbol: .cbdataInternalAlloc(cbdata_type)
ld: 0711-317 ERROR: Undefined symbol: .eventAdd(char const*, void (*)(void*), void*, double, int, bool)

ld: 0711-317 ERROR: Undefined symbol: .commSetSelect
ld: 0711-317 ERROR: Undefined symbol: .fd_close
ld: 0711-317 ERROR: Undefined symbol: .fd_open
ld: 0711-317 ERROR: Undefined symbol: .ipcache_nbgethostbyname
ld: 0711-317 ERROR: Undefined symbol: .dlinkDelete
ld: 0711-317 ERROR: Undefined symbol: .dlinkAddTail
ld: 0711-317 ERROR: Undefined symbol: .fatalf
ld: 0711-317 ERROR: Undefined symbol: .MemBuf::freeFunc()
ld: 0711-317 ERROR: Undefined symbol: .cbdataInternalReferenceDoneValid(void**, void**)

ld: 0711-317 ERROR: Undefined symbol: .fd_bytes
ld: 0711-317 ERROR: Undefined symbol: .fdNFree
ld: 0711-317 ERROR: Undefined symbol: .PconnPool::count(int)
ld: 0711-317 ERROR: Undefined symbol: .comm_select
ld: 0711-317 ERROR: Undefined symbol: .fatal_dump
ld: 0711-317 ERROR: Undefined symbol: .fdAdjustReserved
ld: 0711-317 ERROR: Undefined symbol: .commResetSelect
ld: 0711-317 ERROR: Undefined symbol: .ipcacheMarkBadAddr
ld: 0711-317 ERROR: Undefined symbol: .ipcacheMarkGoodAddr
ld: 0711-317 ERROR: Undefined symbol: .netdbDeleteAddrNetwork
ld: 0711-317 ERROR: Undefined symbol: .ipcacheCycleAddr
ld: 0711-317 ERROR: Undefined symbol: .fatal
ld: 0711-317 ERROR: Undefined symbol: .AuthUserHashPointer::AuthUserHashPointer(AuthUser*)

ld: 0711-317 ERROR: Undefined symbol: .AuthUserHashPointer::user() const
ld: 0711-317 ERROR: Undefined symbol: .aclCacheMatchFlush
ld: 0711-317 ERROR: Undefined symbol: .dlinkNodeDelete
ld: 0711-317 ERROR: Undefined symbol: .authenticateAuthUserInuse(AuthUser*)
ld: 0711-317 ERROR: Undefined symbol: .HttpHeader::getStr(http_hdr_type) const
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.


If I compile src/cbdata by hand and add it to the link line, the first
few symbols become defined.  It appears as if many files (cbdata being
one of them) are not being compiled at all.


Often with AIX, that can be caused by AIX's sed.  I am using GNU's sed
and GNU's make.  And GNU's bash to process the configure.


I'm fairly good at tracking this sort of thing down but I thought I
would ask for any suggestions first.


Thank you,
Perry Smith
Ease Software, Inc. ( http://www.easesoftware.com )

Low cost SATA Disk Systems for IBMs p5, pSeries, and RS/6000 AIX systems



Re: [squid-users] WCCP

2009-10-19 Thread Ross Kovelman
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 13:20:27 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 20:06:55 -0400, Ross Kovelman
 rkovel...@gruskingroup.com wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 12:40:02 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 18:26:18 -0400, Ross Kovelman
 rkovel...@gruskingroup.com wrote:
 From: Amos Jeffries squ...@treenet.co.nz
 Date: Tue, 20 Oct 2009 11:04:42 +1300
 To: Ross Kovelman rkovel...@gruskingroup.com
 Cc: squid-users@squid-cache.org squid-users@squid-cache.org
 Subject: Re: [squid-users] WCCP
 
 On Mon, 19 Oct 2009 14:21:44 -0400, Ross Kovelman wrote:
 From: Amos Jeffries
 
 Ross Kovelman wrote:
 From: Amos Jeffries:
 
 Ross Kovelman wrote:
 I am going to be using WCCP.  I did another reconfigure with the --enable
 WCCP option.  How can I check that it is on and running?  The next step I
 need to do is upgrade to version 2 since the Cisco only communicates on
 version 2.  I tried to do the patch  upgrade patch but then I get a
 response with path to upgrade and I am not sure where the file is I need
 patch.
 There is zero need to patch for support WCCPv2. It's been built
 into
 Squid for many years now.
 
 Run ./configure --help.
   * If it lists --disable-wccpv2 there is no need to do anything.
   * If it lists --enable-wccpv2 , add that to your build options.
   * If it does not mention wccpv2 at all upgrade your Squid
 version.
 
 Then setup squid.conf with the relevant wccp2_* options.
 
 http://www.squid-cache.org/Doc/config/ or the wiki example configs have
 details on those.
 
 Thanks again.
 Running the ./configure --help only says this:
  --disable-wccp          Disable Web Cache Coordination V1 Protocol
  --disable-wccpv2        Disable Web Cache Coordination V2 Protocol
 
 When I did the install I ran the ./configure --enable wccp option. I didn't
 say --enable-wccpv2, does this matter?  I also have this in the config:
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 I am running Squid Web Proxy 2.7.STABLE5.
 
 Okay. Thats fine.
 
 The ./configure results mean that both WCCP versions are built into
 Squid by default unless you explicitly say --disable. Nothing extra
 needed to build them.
 
 The config options you have there are already WCCPv2-only options for
 Cisco. Nothing new needed there either.
 
 If thats not working its a config error somewhere.
 
 
 I am getting this in my cache log:
 
 Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 20.
 commBind: Cannot bind socket FD 21 to *:3128: (48) Address already in use
 Accepting proxy HTTP connections at 0.0.0.0, port 80, FD 21.
 commBind: Cannot bind socket FD 22 to *:80: (48) Address already in use
 
 
 
 http://wiki.squid-cache.org/SquidFaq/TroubleShooting#Cannot_bind_socket_FD_NN_to_.2A:8080_.28125.29_Address_already_in_use
 
 I would suspect this as part of the problem. The WCCP router will be
 trying to contact whatever software is already running on port 3128,
 not
 the Squid you are starting with WCCP config.
 
 Accepting ICP messages at 0.0.0.0, port 3130, FD 22.
 WCCP Disabled.
 Accepting WCCPv2 messages on port 2048, FD 23.
 
 To answer your earlier question:
   the above two lines means WCCPv1 is disabled, WCCPv2 is being used.
 
 Initialising all WCCPv2 lists
 
 As from my other posting I need WCCP enabled but it is showing
 disabled.
 Any reason why?  How can I resolve this.  Below is my lines in config
 
 wccp2_router 192.168.16.1
 wccp2_forwarding_method 1
 wccp2_return_method 1
 
 The above are only the config of how squid sends packets to the Cisco.
 WCCP requires configuration Cisco, the squid box OS and firewall, and
 routing tables. Any one of which could be the problem.
 The tutorials and troubleshooting info we have at present is a little
 spread out and disjointed. What how-to are you working from?
 
 Amos
 
 Amos,
 I just did a TCP dump and I think my problem is the GRE packet.  It is being
 listed I think as unknown.  Shouldn't squid be able to pick the packet up
 and open it?  The Cisco sees squid and relays the information good but it is
 stopping at the squid box. Any ideas?  I am just google'ing around no set
 how to.
 
 Okay. I've polished up our exemplar configs a little:
  http://wiki.squid-cache.org/Features/Wccp2
 (some way to go though).
 
 There are four parts to WCCP systems:
 
  1) WCCP capture and redirect
 
  2) gre tunnel between the Cisco and Squid boxes
 
  3) squid box firewall settings and NAT capture of received gre packets
 
 
 http://wiki.squid-cache.org/ConfigExamples/Intercept#Traffic_Interception_capture_into_Squid
 
  4) squid.conf settings to make Squid contact the cisco 

[squid-users] help on squid setup

2009-10-19 Thread Benedict simon

Dear All,

I have used Squid before but im little confused on as how to implement
squid on the following setup

current setup as follows

DSL router with a public Ip for the WAN ( connection to the ISP)
lan ip address on dsl router is 192.168.1.254
local network 192.168.100.0/24

right now the clients have the gateway as 192.168.1.254 and they are able
to access internet fine

I want to implement linux squid proxy server so that i have better
controls that is ( time based restrictions , ip based restrictions and
block certain web sites ) through squid ACLS

I think i have to implement squid as a transparent proxy server with  2
lan cards on the squid server

apprecite if someone could advise me as how to go about the setup or some
links which do explain about the setup i like to implement

thanks and regards


simon







-- 
Network ADMIN
-
KUWAIT MUNICIPALITY:


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
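One way to lay out the setup asked for, added here as an example rather than as an answer from the thread: the Squid box takes both NICs, becomes the LAN's default gateway in place of 192.168.1.254, diverts port 80 into Squid and applies the three policies asked about (time of day, source address, blocked sites) as ACLs. The thread's addresses are the router 192.168.1.254 and the LAN 192.168.100.0/24; the interface names, the Squid box's own addresses and /etc/squid/blocked.txt are assumptions. Two caveats hold whatever the addresses: only port 80 is intercepted, so HTTPS bypasses the ACLs unless it is blocked outright at the firewall, and an intercepting proxy sees source addresses, not users, so a shared or spoofed address gets that address's policy. The time_acl_matches helper is there to test the time ACL offline, since Squid's day letters (H for Thursday, A for Saturday) are a common trip-up.

```shell
#!/bin/sh
# Added example, not from the thread: the Squid box as the inline gateway
# between the LAN and the DSL router, with the kinds of ACLs asked about.
# Addresses from the thread: router 192.168.1.254, LAN 192.168.100.0/24.
# Assumed: eth0 faces the router, eth1 faces the LAN and carries the
# clients' new gateway address; blocked domains live one per line in
# /etc/squid/blocked.txt.
WAN_IF=${WAN_IF:-eth0}
LAN_IF=${LAN_IF:-eth1}
SQUID_PORT=${SQUID_PORT:-3128}
APPLY=${APPLY:-0}   # 0: print the commands; 1: run them as root

run() { if [ "$APPLY" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi; }

# gateway_cmds: forward the LAN, divert its port-80 flows into Squid.
# Only port 80 is intercepted; HTTPS (443) is forwarded untouched and is
# not subject to the Squid ACLs.
gateway_cmds() {
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -t nat -A PREROUTING -i "$LAN_IF" -p tcp --dport 80 -j REDIRECT --to-port "$SQUID_PORT"
    run iptables -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE
    run iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -j ACCEPT
    run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# squid_conf -> the policy side.  Squid time ACL day letters are S M T W H F A
# (H is Thursday, A is Saturday).
squid_conf() {
    cat <<EOF
http_port $SQUID_PORT transparent
acl localnet src 192.168.100.0/24
acl no_internet src 192.168.100.50 192.168.100.51
acl work_hours time MTWHF 08:00-17:00
acl blocked dstdomain "/etc/squid/blocked.txt"
http_access deny no_internet
http_access deny blocked
http_access allow localnet work_hours
http_access deny all
EOF
}

# to_min HH:MM -> minutes since midnight (leading zeros stripped: 08 is not octal)
to_min() { h=${1%%:*}; m=${1#*:}; echo $(( ${h#0} * 60 + ${m#0} )); }

# time_acl_matches "DAYS HH:MM-HH:MM" DAY HH:MM -> 0 when Squid's time ACL
# would match at that moment; checks the policy without touching the clock
time_acl_matches() {
    days=${1%% *}; range=${1#* }
    case "$days" in *"$2"*) ;; *) return 1 ;; esac
    now=$(to_min "$3"); s=$(to_min "${range%-*}"); e=$(to_min "${range#*-}")
    [ "$now" -ge "$s" ] && [ "$now" -le "$e" ]
}

gateway_cmds
echo '# squid.conf:'
squid_conf
```

Clients keep their addresses and only change their gateway to the Squid box's LAN address; the DSL router then sees a single source, the box's WAN address, for everything.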



[squid-users] If used as transparent proxy, anyway to authenticate users?

2009-10-19 Thread Andres Salazar
Hello,

Squid user based authentication is a high advantage to placing access
lists. Iam however forced to place squid as a transparent proxy but I
need some kind of authentication for users passed to squid to manage
the ACLs (specific allow lists, reply body size, etc) .

Is there _any_ work arround (even if it is complex) that I can
authenticate users with a transparent proxy? Perhaps with a captive
portal that displays a single login page until authenticated and then
somehow passing that authentication to squid so it gives them the
allowed access?

Thanks

Andres
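An added example of the captive-portal workaround the question describes; it is not an answer posted in the thread. Squid cannot authenticate intercepted clients: a 407 challenge on a connection the browser believes goes to the origin is rejected, so the login has to happen out of band. The portal authenticates the user and records "IP user expiry" in a session file, and Squid consults an external ACL helper keyed on the client address (%SRC), which answers `OK user=...` or `ERR`. The helper protocol and the external_acl_type and deny_info directives are Squid 2.7's; the session file path and format, the portal host name and the LAN range are assumptions, and the entries written by demo_sessions are constructed. Because the key is an address, everyone behind one NAT device shares a session and anyone who can spoof or take over an address on the LAN inherits it; keep ttl= short so that logouts take effect promptly, and pair it with switch-port or MAC controls where that matters.

```shell
#!/bin/sh
# Added example (not from the thread): an external ACL helper for Squid 2.7
# that maps a client address to a captive-portal login.  Assumed session
# file format, one line per login: "<ip> <user> <expires-epoch>".  The
# portal writes it; this helper only reads it.
SESSIONS=${SESSIONS:-/var/run/portal/sessions}

# session_user IP NOW -> prints the user logged in from IP whose session has
# not expired at NOW (seconds since the epoch); status 1 when there is none
session_user() {
    awk -v ip="$1" -v now="$2" \
        '$1 == ip && $3 + 0 > now { print $2; found = 1; exit }
         END { exit found ? 0 : 1 }' "$SESSIONS"
}

# helper_answer IP NOW -> the reply line Squid expects from an external ACL
helper_answer() {
    if u=$(session_user "$1" "$2"); then
        printf 'OK user=%s\n' "$u"
    else
        printf 'ERR\n'
    fi
}

# run_helper: the stdin/stdout loop Squid drives, one client address per line
run_helper() {
    while read -r ip; do helper_answer "$ip" "$(date +%s)"; done
}

# squid_conf -> the squid.conf side.  deny_info redirects a denied client to
# the portal; it keys on the last ACL of the deny line, hence "deny !loggedin".
squid_conf() {
    cat <<'EOF'
http_port 3128 transparent
external_acl_type portal ttl=60 negative_ttl=5 %SRC /usr/local/bin/portal_acl.sh --serve
acl localnet src 192.168.100.0/24
acl loggedin external portal
acl portal_host dstdomain portal.example.net
http_access allow localnet portal_host
http_access deny localnet !loggedin
deny_info http://portal.example.net/login loggedin
http_access allow localnet
http_access deny all
EOF
}

# demo_sessions -> path to a constructed session file: alice valid until 2033,
# bob expired in 2001
demo_sessions() {
    f=$(mktemp)
    printf '192.168.100.10 alice 2000000000\n192.168.100.11 bob 1000000000\n' > "$f"
    echo "$f"
}

case "${1:-}" in
    --conf)  squid_conf ;;
    --serve) run_helper ;;
    --demo)  SESSIONS=$(demo_sessions); printf '192.168.100.10\n192.168.100.11\n' | run_helper ;;
esac
```

`sh portal_acl.sh --demo` prints `OK user=alice` then `ERR`; the portal_host allow line is what lets an unauthenticated client reach the login page the deny_info redirect sends it to, and ttl=60 bounds how long a logged-out address keeps its access.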