[squid-users] Re: Squid and Splash page
when I compiled 3.1.17 on ubuntu 10.04 64bit, I got the following error. is it a known issue? g++ -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\/usr/local/squid/etc/squid.conf\ -DDEFAULT_SQUID_DATA_DIR=\/usr/local/squid/share\ -DDEFAULT_SQUID_CONFIG_DIR=\/usr/local/squid/etc\ -I.. -I../include -I../src -I../include -I../src -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -D_REENTRANT -g -O2 -MT fqdncache.o -MD -MP -MF $depbase.Tpo -c -o fqdncache.o fqdncache.cc \ mv -f $depbase.Tpo $depbase.Po depbase=`echo ftp.o | sed 's|[^/]*$|.deps/|;s|\.o$||'`;\ g++ -DHAVE_CONFIG_H -DDEFAULT_CONFIG_FILE=\/usr/local/squid/etc/squid.conf\ -DDEFAULT_SQUID_DATA_DIR=\/usr/local/squid/share\ -DDEFAULT_SQUID_CONFIG_DIR=\/usr/local/squid/etc\ -I.. -I../include -I../src -I../include -I../src -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Werror -D_REENTRANT -g -O2 -MT ftp.o -MD -MP -MF $depbase.Tpo -c -o ftp.o ftp.cc \ mv -f $depbase.Tpo $depbase.Po ftp.cc: In member function ‘void FtpStateData::ftpAcceptDataConnection(const CommAcceptCbParams)’: ftp.cc:3124: error: redeclaration of ‘char ntoapeer [75]’ ftp.cc:3076: error: ‘char ntoapeer [75]’ previously declared here make[3]: *** [ftp.o] Error 1 make[3]: Leaving directory `/home/ubuntu/squid-3.1.17/src' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/home/ubuntu/squid-3.1.17/src' make[1]: *** [all] Error 2 make[1]: Leaving directory `/home/ubuntu/squid-3.1.17/src' make: *** [all-recursive] Error 1 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-and-Splash-page-tp3473302p4247868.html Sent from the Squid - Users mailing list archive at Nabble.com.
[squid-users] HELP: UPDATE
Ok, I rm -rf`d all directories named squid from my box thinking that attempting to do a fresh install after would fix everything NOPE, and wtf, apparently the install binary wont recreate the directories now, yay! wtf symlink madness any suggestions how to just get squid to reinstall from apt would be, so awesome. I removed squid due to a botched attempt to build and isntall from source, ok, then when I reinstalled squid after doing a make uninstall, squid was complaining about the error pages missing, it was looking for them in a new dir that it should not have been. rm -rf /usr/share/squid3/ --squid3.1.6 SHOULD be looking here rm -rf /usr/share/squid-langpack ---but,squid keeps looking for them here deviant:/# apt-get install squid3 Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: squidclient squid-cgi resolvconf The following NEW packages will be installed: squid3 0 upgraded, 1 newly installed, 0 to remove and 2 not upgraded. Need to get 0 B/1,445 kB of archives. After this operation, 3,666 kB of additional disk space will be used. Selecting previously deselected package squid3. (Reading database ... 249217 files and directories currently installed.) Unpacking squid3 (from .../squid3_3.1.6-1.2+squeeze1_i386.deb) ... Processing triggers for man-db ... Setting up squid3 (3.1.6-1.2+squeeze1) ... Restarting Squid HTTP Proxy 3.x: squid3FATAL: MIME Config Table /usr/share/squid3/mime.conf: (2) No such file or directory Squid Cache (Version 3.1.6): Terminated abnormally. CPU Usage: 0.012 seconds = 0.004 user + 0.008 sys Maximum Resident Size: 16320 KB Page faults with physical i/o: 0 failed! cache.log === 2011/12/31 00:10:46| Starting Squid Cache version 3.1.6 for i486-pc-linux-gnu... 2011/12/31 00:10:46| Process ID 25488 2011/12/31 00:10:46| With 65535 file descriptors available 2011/12/31 00:10:46| Initializing IP Cache... 2011/12/31 00:10:46| DNS Socket created at [::], FD 7 2011/12/31 00:10:46| DNS Socket created at 0.0.0.0, FD 8 2011/12/31 00:10:46| Adding nameserver 127.0.0.1 from squid.conf 2011/12/31 00:10:46| errorpage.cc(293) errorTryLoadText: '/usr/share/squid3/errors/templates/ERR_LIFETIME_EXP': (2) No such file or directory FATAL: failed to find or read error text file. Squid Cache (Version 3.1.6): Terminated abnormally. CPU Usage: 0.040 seconds = 0.008 user + 0.032 sys Maximum Resident Size: 41792 KB Page faults with physical i/o: 0
Re: [squid-users] Problem Compiling Squid 1.1.8 (noob?)
Hallo, someone, Du meintest am 30.12.11: Problem Compiling Squid 1.1.8 deviant:/home/devadmin/source/squid-3.1.18# ./configure -O2' --with-squid=/build/buildd-squid3_3.1.6-1.2+squeeze1-i386-_y3HlV /squid3-3.1.6 Just for curiosity: which squid version do you really mean? Viele Gruesse! Helmut
Re: [squid-users] HELP: UPDATE
On 31/12/2011 21:32, someone wrote: Ok, I rm -rf`d all directories named squid from my box thinking that attempting to do a fresh install after would fix everything NOPE, and wtf, apparently the install binary wont recreate the directories now, yay! wtf symlink madness any suggestions how to just get squid to reinstall from apt would be, so awesome. I removed squid due to a botched attempt to build and isntall from source, ok, then when I reinstalled squid after doing a make uninstall, squid was complaining about the error pages missing, it was looking for them in a new dir that it should not have been. rm -rf /usr/share/squid3/--squid3.1.6 SHOULD be looking here rm -rf /usr/share/squid-langpack---but,squid keeps looking for them here deviant:/# apt-get install squid3 Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: squidclient squid-cgi resolvconf The following NEW packages will be installed: squid3 0 upgraded, 1 newly installed, 0 to remove and 2 not upgraded. Need to get 0 B/1,445 kB of archives. After this operation, 3,666 kB of additional disk space will be used. Selecting previously deselected package squid3. (Reading database ... 249217 files and directories currently installed.) Unpacking squid3 (from .../squid3_3.1.6-1.2+squeeze1_i386.deb) ... Processing triggers for man-db ... Setting up squid3 (3.1.6-1.2+squeeze1) ... Restarting Squid HTTP Proxy 3.x: squid3FATAL: MIME Config Table /usr/share/squid3/mime.conf: (2) No such file or directory Squid Cache (Version 3.1.6): Terminated abnormally. CPU Usage: 0.012 seconds = 0.004 user + 0.008 sys Maximum Resident Size: 16320 KB Page faults with physical i/o: 0 failed! cache.log === 2011/12/31 00:10:46| Starting Squid Cache version 3.1.6 for i486-pc-linux-gnu... 2011/12/31 00:10:46| Process ID 25488 2011/12/31 00:10:46| With 65535 file descriptors available 2011/12/31 00:10:46| Initializing IP Cache... 2011/12/31 00:10:46| DNS Socket created at [::], FD 7 2011/12/31 00:10:46| DNS Socket created at 0.0.0.0, FD 8 2011/12/31 00:10:46| Adding nameserver 127.0.0.1 from squid.conf 2011/12/31 00:10:46| errorpage.cc(293) errorTryLoadText: '/usr/share/squid3/errors/templates/ERR_LIFETIME_EXP': (2) No such file or directory FATAL: failed to find or read error text file. Squid Cache (Version 3.1.6): Terminated abnormally. CPU Usage: 0.040 seconds = 0.008 user + 0.032 sys Maximum Resident Size: 41792 KB Page faults with physical i/o: 0 Hi, What does dpkg -l | grep squid show ? Cheers, Pieter
Re: [squid-users] HELP: UPDATE
THANK YOU for your response Peter. deviant:/home/devadmin# dpkg -l | grep squid ii sarg 2.2.5-2 squid analysis report generator rc squid 2.7.STABLE9-2.1 Internet object cache (WWW proxy cache) ii squid-cgi 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - control CGI ii squid-common 2.7.STABLE9-2.1 Internet object cache (WWW proxy cache) - common files ii squid-langpack20100628-1 Localized error pages for Squid rc squid33.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) ii squid3-common 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - common files ii squidclient 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - control utility But yeah basically after I failed to compiled a newer version, because I need SSL, I just decided I would reinstall the vanilla squid3.1.6 from debian squeeze repos, but when I installed it, it kept complaining about files missing, as if somehow some symlinks were made, and Im guessing that make install from debian 3.1.8 must have not cleaned up after itself after doing a 'make uninstall' of course im totally freaking out coz producting is in 5 hours and I just figured Id clarify. On Sat, 2011-12-31 at 22:45 +1300, Pieter De Wit wrote: On 31/12/2011 21:32, someone wrote: Ok, I rm -rf`d all directories named squid from my box thinking that attempting to do a fresh install after would fix everything NOPE, and wtf, apparently the install binary wont recreate the directories now, yay! wtf symlink madness any suggestions how to just get squid to reinstall from apt would be, so awesome. I removed squid due to a botched attempt to build and isntall from source, ok, then when I reinstalled squid after doing a make uninstall, squid was complaining about the error pages missing, it was looking for them in a new dir that it should not have been. rm -rf /usr/share/squid3/--squid3.1.6 SHOULD be looking here rm -rf /usr/share/squid-langpack---but,squid keeps looking for them here deviant:/# apt-get install squid3 Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: squidclient squid-cgi resolvconf The following NEW packages will be installed: squid3 0 upgraded, 1 newly installed, 0 to remove and 2 not upgraded. Need to get 0 B/1,445 kB of archives. After this operation, 3,666 kB of additional disk space will be used. Selecting previously deselected package squid3. (Reading database ... 249217 files and directories currently installed.) Unpacking squid3 (from .../squid3_3.1.6-1.2+squeeze1_i386.deb) ... Processing triggers for man-db ... Setting up squid3 (3.1.6-1.2+squeeze1) ... Restarting Squid HTTP Proxy 3.x: squid3FATAL: MIME Config Table /usr/share/squid3/mime.conf: (2) No such file or directory Squid Cache (Version 3.1.6): Terminated abnormally. CPU Usage: 0.012 seconds = 0.004 user + 0.008 sys Maximum Resident Size: 16320 KB Page faults with physical i/o: 0 failed! cache.log === 2011/12/31 00:10:46| Starting Squid Cache version 3.1.6 for i486-pc-linux-gnu... 2011/12/31 00:10:46| Process ID 25488 2011/12/31 00:10:46| With 65535 file descriptors available 2011/12/31 00:10:46| Initializing IP Cache... 2011/12/31 00:10:46| DNS Socket created at [::], FD 7 2011/12/31 00:10:46| DNS Socket created at 0.0.0.0, FD 8 2011/12/31 00:10:46| Adding nameserver 127.0.0.1 from squid.conf 2011/12/31 00:10:46| errorpage.cc(293) errorTryLoadText: '/usr/share/squid3/errors/templates/ERR_LIFETIME_EXP': (2) No such file or directory FATAL: failed to find or read error text file. Squid Cache (Version 3.1.6): Terminated abnormally. CPU Usage: 0.040 seconds = 0.008 user + 0.032 sys Maximum Resident Size: 41792 KB Page faults with physical i/o: 0 Hi, What does dpkg -l | grep squid show ? Cheers, Pieter
[squid-users] Forcing Squid 2.7 to use specific Interfaces
Some Facts: - Using Squid 2.7 on Debian Linux - Dell Machine with one internal ETH (eth0) = disabled, 2x D-Link DFE-530TX ETH Cards (Eth1, Eth2) - Squid Proxying only - Question: Hi there, regarding the following scenario: Internal Network via ETH1 (192.168.0.0/24) = Squid Server (eth0 down / eth1: 192.168.0.6 / eth2: 10.0.0.7) = Routing Network (10.0.0.0/28) via ETH2 = Router (10.0.0.1) = Internet How can I force squid to exactly use this kind of scenario. That means accept Open a Port Proxying requests from the internal network; No Port / Deny Requests from the external AND Keep this direction that traffic from or to the internet is exclusively routed thru the external interface. Any Ideas ? Thanks, Markus
Re: [squid-users] Problem Compiling Squid 1.1.8 (noob?)
Well I copied the configuration from my at the time, current squid, 3.1.6, which doesnt isnt built with ssl support, which is why im trying to build 3.1.8, ok and I got all my configure directives from the output of the squid3 -v command since im a total noob and figured that would be easiest and I would just add the --enable-ssl option to it. But I also ended up copying that as well. So hope that clarifies. But still cannot build, I mean it almost finishes but this error is not gunna fly. On Sat, 2011-12-31 at 10:31 +0100, Helmut Hullen wrote: Hallo, someone, Du meintest am 30.12.11: Problem Compiling Squid 1.1.8 deviant:/home/devadmin/source/squid-3.1.18# ./configure -O2' --with-squid=/build/buildd-squid3_3.1.6-1.2+squeeze1-i386-_y3HlV /squid3-3.1.6 Just for curiosity: which squid version do you really mean? Viele Gruesse! Helmut
Re: [squid-users] HELP: UPDATE
On 31/12/2011 11:56 p.m., someone wrote: THANK YOU for your response Peter. deviant:/home/devadmin# dpkg -l | grep squid ii sarg 2.2.5-2 squid analysis report generator rc squid 2.7.STABLE9-2.1 Internet object cache (WWW proxy cache) ii squid-cgi 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - control CGI ii squid-common 2.7.STABLE9-2.1 Internet object cache (WWW proxy cache) - common files ii squid-langpack20100628-1 Localized error pages for Squid rc squid33.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) ii squid3-common 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - common files ii squidclient 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - control utility But yeah basically after I failed to compiled a newer version, because I need SSL, I just decided I would reinstall the vanilla squid3.1.6 from debian squeeze repos, but when I installed it, it kept complaining about files missing, as if somehow some symlinks were made, and Im guessing that make install from debian 3.1.8 must have not cleaned up after itself after doing a 'make uninstall' of course im totally freaking out coz producting is in 5 hours and I just figured Id clarify. aptitude purge to remove a package in future ;). You will need to begin by running aptitude purge squid squid3 squid-langpack squid-common squid3-common. Then re-install squid3 and apt should be able to pull the others back in properly as dependencies. wiki.squid-cache.org/KnowledgeBase/Debian has the set of minimum required ./configure options to build squid for Debian. *Except* that the official packages use squid3 instead of squid in the paths, and the custom built binary is also called /usr/sbin/squid so the squid3 packages /etc/init.d/squid3 script needs a small edit to change the executables name. Amos
Re: [squid-users] HELP: UPDATE
On 31/12/2011 10:45 p.m., Pieter De Wit wrote: On 31/12/2011 21:32, someone wrote: Ok, I rm -rf`d all directories named squid from my box thinking that attempting to do a fresh install after would fix everything NOPE, and wtf, apparently the install binary wont recreate the directories now, yay! wtf symlink madness any suggestions how to just get squid to reinstall from apt would be, so awesome. I removed squid due to a botched attempt to build and isntall from source, ok, then when I reinstalled squid after doing a make uninstall, squid was complaining about the error pages missing, it was looking for them in a new dir that it should not have been. rm -rf /usr/share/squid3/--squid3.1.6 SHOULD be looking here rm -rf /usr/share/squid-langpack---but,squid keeps looking for them here No. Squid 3.1 uses error page templates provided by the langpack. It is correct. At this point I agree with Pieter suggestion. Use dpkg -l | grep squid to find all the packages which you may have damaged by removing squid directories. At the minimum there will be squid3, squid3-common and squid-langpack. When you have determined what needs repairing use aptitude purge followed by the package names to drop them out of your system. Then and re-install them. The squid wiki.squid-cache.org/KnowledgeBase/Debian has the required options to build squid for Debian. Amos
Re: [squid-users] HELP: UPDATE
Thanks guys! ---noob! it worked! I did try apt-get purge by itself, wasnt aware that I needed to also include the names of the packages, but IT WORKED! THANK YOU! well tommarow Ill get back at compiling and I will check out that link of requisites for building squid amos. THANKS AGAIN! BACK IN PRODUCTION... On Sun, 2012-01-01 at 00:17 +1300, Amos Jeffries wrote: On 31/12/2011 11:56 p.m., someone wrote: THANK YOU for your response Peter. deviant:/home/devadmin# dpkg -l | grep squid ii sarg 2.2.5-2 squid analysis report generator rc squid 2.7.STABLE9-2.1 Internet object cache (WWW proxy cache) ii squid-cgi 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - control CGI ii squid-common 2.7.STABLE9-2.1 Internet object cache (WWW proxy cache) - common files ii squid-langpack20100628-1 Localized error pages for Squid rc squid33.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) ii squid3-common 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - common files ii squidclient 3.1.6-1.2+squeeze1 A full featured Web Proxy cache (HTTP proxy) - control utility But yeah basically after I failed to compiled a newer version, because I need SSL, I just decided I would reinstall the vanilla squid3.1.6 from debian squeeze repos, but when I installed it, it kept complaining about files missing, as if somehow some symlinks were made, and Im guessing that make install from debian 3.1.8 must have not cleaned up after itself after doing a 'make uninstall' of course im totally freaking out coz producting is in 5 hours and I just figured Id clarify. aptitude purge to remove a package in future ;). You will need to begin by running aptitude purge squid squid3 squid-langpack squid-common squid3-common. Then re-install squid3 and apt should be able to pull the others back in properly as dependencies. wiki.squid-cache.org/KnowledgeBase/Debian has the set of minimum required ./configure options to build squid for Debian. *Except* that the official packages use squid3 instead of squid in the paths, and the custom built binary is also called /usr/sbin/squid so the squid3 packages /etc/init.d/squid3 script needs a small edit to change the executables name. Amos
Re: [squid-users] Forcing Squid 2.7 to use specific Interfaces
On 1/01/2012 12:00 a.m., Markus Thüs wrote: Some Facts: - Using Squid 2.7 on Debian Linux - Dell Machine with one internal ETH (eth0) = disabled, 2x D-Link DFE-530TX ETH Cards (Eth1, Eth2) - Squid Proxying only - Question: Hi there, regarding the following scenario: Internal Network via ETH1 (192.168.0.0/24) = Squid Server (eth0 down / eth1: 192.168.0.6 / eth2: 10.0.0.7) = Routing Network (10.0.0.0/28) via ETH2 = Router (10.0.0.1) = Internet How can I force squid to exactly use this kind of scenario. That means accept Open a Port Proxying requests from the internal network; No Port / Deny Requests from the external AND Keep this direction that traffic from or to the internet is exclusively routed thru the external interface. Any Ideas ? Firstly; forget the interfaces. They are part of the systems down at layer 1-3 (the hardware levels). Squid operates only at level 4-7 and the closest it gets to interfaces is knowing what an IP address is. In squid.conf http_access directive determines what requests are permitted to happen and what are rejected up front. The default configuration contains an ACL called localnet or our_networks depending on your squid version. The network LAN subnet(s) which you configure in there are permitted to make requests through Squid, others are not. Preventing LAN clients visiting LAN servers through Squid is a different prospect. You need to add a dst type ACL with the LAN range and a http_access deny line before the http_access allow localnet line. However; you may not want to actually do that. Since clients will be passing Squid the domain names they want to contact Squid will be checkign the DNS for those domains. Its not normal or good for the public DNS system to contains 192.168.0.0/16 or 10.0.0.0/8 range IPs and you would have had to create a local DNS view for them to be visible. Both those cases seem to be ones where you are actually wanting Squid to resolve the domains to LAN IPs and pass traffic there. If you need Squid to not even listen on public facing port 3128 (or whatever) configure the http_port as the hostname:port or ip:port which it *is* allowed to listen on. Amos
Re: [squid-users] Re: Squid and Splash page
On 31/12/2011 9:12 p.m., ming wrote: when I compiled 3.1.17 on ubuntu 10.04 64bit, I got the following error. is it a known issue? Yes, and was fixed in the newer release. Please build the latest in the series when self-compiling. Speaking of which, if you need eCAP, ICAP, or adaptation use the daily bug fix instead of 3.1.18 as there is a similar issue in that package for them. Amos
[squid-users] intercept problem squid 3.1.18
greetings, Im stuck and im not sure what part I should re-do. I have an xserve running 10.6.8 I have clients routing through the system just fine with ipfw. they can access the internet via a NAT on the otherside of the squid. compiled squid 3.1.18 Squid Cache: Version 3.1.18 configure options: '--enable-icmp' '--enable-delay-pools' '--disable-htcp' '--enable-ipfw-transparent' '--enable-snmp' '--enable-underscores' '--enable-basic-auth-helpers=NCSA,LDAP' --with-squid=/usr/local/squid-3.1.18 --enable-ltdl-convenience squid starts squid3:sbin root# ./squid -d1X squid3:sbin root# 2011/12/31 15:44:18| Starting Squid Cache version 3.1.18 for i686-apple-darwin10.8.0... 2011/12/31 15:44:18| Process ID 23009 2011/12/31 15:44:18| With 1024 file descriptors available 2011/12/31 15:44:18| Initializing IP Cache... 2011/12/31 15:44:18| DNS Socket created at [::], FD 6 2011/12/31 15:44:18| DNS Socket created at 0.0.0.0, FD 7 2011/12/31 15:44:18| Adding nameserver 10.135.1.21 from /etc/resolv.conf 2011/12/31 15:44:18| Adding nameserver 10.135.1.3 from /etc/resolv.conf 2011/12/31 15:44:18| Adding nameserver 10.135.1.2 from /etc/resolv.conf 2011/12/31 15:44:18| Unlinkd pipe opened on FD 12 2011/12/31 15:44:18| Store logging disabled 2011/12/31 15:44:18| Swap maxSize 0 + 262144 KB, estimated 20164 objects 2011/12/31 15:44:18| Target number of buckets: 1008 2011/12/31 15:44:18| Using 8192 Store buckets 2011/12/31 15:44:18| Max Mem size: 262144 KB 2011/12/31 15:44:18| Max Swap size: 0 KB 2011/12/31 15:44:18| Using Least Load store dir selection 2011/12/31 15:44:18| Current Directory is /usr/local/squid/sbin 2011/12/31 15:44:18| Loaded Icons. 2011/12/31 15:44:18| Accepting intercepted HTTP connections at 10.10.60.55:3128, FD 13. 2011/12/31 15:44:18| HTCP Disabled. 2011/12/31 15:44:18| Squid plugin modules loaded: 0 2011/12/31 15:44:18| Ready to serve requests. 2011/12/31 15:44:19| storeLateRelease: released 0 objects I add the intercept command to ipfw; $cmd 500 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 I can see the packets being fwd' to squid 00500 5 240 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 00500 111 6448 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 00500 117 6832 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 00500 122 7088 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 nothing shows up in my access.log, squid never gets the hit. So,.. I think it's compiled correctly, but im not sure if I should re-compile this version or try another. Or maybe try with other options. Anyone know any fancy lsof or greps i can use to find out whats happening ? any suggestions ? - this same setup worked under 3.1.11 with osx 10.5 -j
Re: [squid-users] intercept problem squid 3.1.18
On Dec 31, 2011, at 4:00 PM, jeffrey j donovan wrote: greetings, Im stuck and im not sure what part I should re-do. I have an xserve running 10.6.8 I have clients routing through the system just fine with ipfw. they can access the internet via a NAT on the otherside of the squid. compiled squid 3.1.18 Squid Cache: Version 3.1.18 configure options: '--enable-icmp' '--enable-delay-pools' '--disable-htcp' '--enable-ipfw-transparent' '--enable-snmp' '--enable-underscores' '--enable-basic-auth-helpers=NCSA,LDAP' --with-squid=/usr/local/squid-3.1.18 --enable-ltdl-convenience squid starts squid3:sbin root# ./squid -d1X squid3:sbin root# 2011/12/31 15:44:18| Starting Squid Cache version 3.1.18 for i686-apple-darwin10.8.0... snip I can see the packets being fwd' to squid 00500 5 240 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 00500 111 6448 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 00500 117 6832 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 00500 122 7088 fwd 10.10.60.55,3128 tcp from 10.160.0.0/16 to any dst-port 80 in recv en1 nothing shows up in my access.log, squid never gets the hit. So,.. I think it's compiled correctly, but im not sure if I should re-compile this version or try another. Or maybe try with other options. Anyone know any fancy lsof or greps i can use to find out whats happening ? any suggestions ? - this same setup worked under 3.1.11 with osx 10.5 -j okay I got squid to take a hit. The system is not operating in intercept mode. I just connected to it with my client. I had to specify the proxy settings in the system or browser. it appears it is not working in intercept mode. here is my relevant squid.conf http_port 10.10.60.55:3128 intercept result when squid starts; 2011/12/31 15:44:18| Accepting intercepted HTTP connections at 10.10.60.55:3128, FD 13. here is a question. -- Whats the best version of squid, If I only want the intercept and redirect feature. 2.7 or 3.1.x? on my traditional cache proxy systems, 3.1.+ is the way to go, but intercept does not require (in my case) cache and authentication. Is 3.1.18 where I should stay is what im asking. -j
Re: [squid-users] intercept problem squid 3.1.18 SOLVED
turns out to be an OSX 10.6 issue previous systems were set to 0 the default on 10.6 is 1. disable this and squid then gets the hit transparently. sysctl -w net.inet.ip.scopedroute=0 -j
Re: [squid-users] Reverse Proxy Configuration
I suppose you answered my question. I was referring to multiple certificates on one port. Any eta on the 3.2 stable version? Thanks On Fri, Dec 30, 2011 at 6:18 AM, Amos Jeffries squ...@treenet.co.nz wrote: On Wed, 28 Dec 2011, Roman Gelfand wrote: Consider the following configuration lines https_port 443 cert=/etc/apache2/certs/server.pem key=/etc/apache2/certs/server.key vhost vport cache_peer 127.0.0.1 parent 8443 0 ssl no-query originserver sslflags=DONT_VERIFY_PEER front-end-https login=PASS What if there is more site ssl sites which I would like to forward, how can I accomplish that? Also, it appears that alternate CN names are not being recognized. Is there anything to do about that? Thanks in advance On 29/12/2011 7:22 a.m., Roman Gelfand wrote: version 3.16. On Wed, Dec 28, 2011 at 1:21 PM, Pieter De Wit wrote: Hi Roman, What version of Squid are you using ? And how do you define more site ssl sites which I would like to forward ... multiple sites with the same certificate passed to several backend servers? or, multiple sites with separate certificates? Noting that the certificate in 3.1 and earlier Squid is hard-coded into the config file as one certificate per https_port. For multiple different certificates on one port you will need the dynamic certificate generator feature from Squid-3.2. It was created for ssl-bump ports but with a little tweaking could be used to supply several certs on a https_port with vhost when the clients send SNI information. No idea if it actually works yet though, nobody who has tried it has reported back. Amos
Re: [squid-users] intercept problem squid 3.1.18 SOLVED
On 1/01/2012 11:23 a.m., jeffrey j donovan wrote: turns out to be an OSX 10.6 issue previous systems were set to 0 the default on 10.6 is 1. disable this and squid then gets the hit transparently. sysctl -w net.inet.ip.scopedroute=0 -j Thank you for that info. I've added it to the IPFW wiki page. http://wiki.squid-cache.org/ConfigExamples/Intercept/Ipfw Amos
Re: [squid-users] Reverse Proxy Configuration
On 1/01/2012 3:56 p.m., Roman Gelfand wrote: I suppose you answered my question. I was referring to multiple certificates on one port. Any eta on the 3.2 stable version? Soon as the bugs are gone. I'm hopefule that might be in a month or two, but we never know for certain. Amos