[squid-users] regular expressions List
Hello, list, anyone knows any website where you can download regular expressions to apply to fuiltrado porn sites, sex, adult content? thanks
[squid-users] partitions for cache size
Hello list, I'm putting together a new server that has the following Pentium 4 Dual Core 4 GB RAM 1 TB SATA 64-bit Centos I wanted to see that the partition layout recommended for me squid's cache? A single partition or several smaller?
[squid-users] sarg reports
Hola lista,, termino de instalar sarg, y ya estoy viendo los resultados. busque por internet y no logro entender los resultados del reporte yo tengo algo asi NUM USERID CONEXION BYTES %BYTES ENTRADA-CACHE-SALIDA TIEMPO UTILIZADO MILISEC %HORA donde dice ENTRADA-CACHE-SALIDA se refiere a lo que descargo desde internet y a lo que estaba en el cache ?' porque dice por ejemplo: NUM USERID CONEXIONBYTES %BYTES ENTRADA-CACHE-SALIDATIEMPO UTILIZADO MILISEC %HORA 1 10.10.10.xx 146.33K 3.66G 4.63% 9.10% 90.90% 114:08:40410.920.0213.65% 2 10.10.10.xx 49.88K 3.04G 3.85% 4.47%95.53% 77:55:04 280.504.556 2.49% Gracias
[squid-users] storeurl.pl in squid3.1.xx
I am trying to configure squid storeurl_rewrite_program in 3.1.xx and returns me an error, it is normal .. because it did not exceed 2.7 thanks
[squid-users] Centos 5.5 + kernel 3.1 + Tproxy + Squid 3.1.4
Hello. list, anyone have any idea if it works with this configuration in squid 3.xx? http://wiki.mikrotik.com/wiki/External_Squid_Box_with_No_Limit_Cache_HIT_Object_ROS_2.9 thanks
[squid-users] Hardware Requirements
hello list, as estasn, I need your advice to the next stage an ISP network with 500 users I have a pentium 4 Dual Core + 4 GB ram + Sata 2 160 GB Squid 3.1.xx + bridge + tproxy + Centos 5.4 64 Bits I would like to know your opinions about the hardware, if very small, fine or need something bigger what equipment do you recommend? thanks
[squid-users] Full cache windows update
hello. list, query, always used squid in the industry now 2.7.xx 3.1.xx I go to and need to know if there way to make full cache windowsupdate?
[squid-users] cache_mem ?? parametre
hello list, I have the following server Centos 5.5. 64 bits Core 2 DUO 4 Gb de RAM 160 GB cache disk As for memory write, I advise the parameter cache_mem?
[squid-users] squid 3.1.xx caching youtube ???
hello, list, it is possible cache contents and youtube with squid 3.1.xx?
[squid-users] reffresh_pattern
Hola .lista alguien sabe donde puedo bajar o conseguir alguna lista de refresh_... ya definida para agregar a mi squid ?
[squid-users] rules ebtables
hi. list a query, finish putting together a bridge + squid with
tproxy, but I have a doubt with ebtables rules, as in the wiki says
one thing and does another ami me
only works if I put --redirect-target ACCEPT the end of regulation
instead of DROP
Is this right?
${EBTABLES} -t broute -F
${EBTABLES} -t broute -A BROUTING -i $EXTDEV -p ipv4 --ip-protocol tcp
--ip-source-port 80 -j redirect --redirect-target ACCEPT
${EBTABLES} -t broute -A BROUTING -i $INTDEV -p ipv4 --ip-protocol tcp
--ip-destination-port 80 -j redirect --redirect-target ACCEPT
[squid-users] squid fine tunning
hi. list, I wanted to ask them if someone can provide me some file squid.sonf, desenpeño set to high, because I need tunnig make squid 3.1
[squid-users] error libcap2 --
Hello .. please someone can help me with this error because more than a week ago that I'm swearing and I just realized I asked this in Centos 5.4 i386 kernel 2.6.30 iptables 1.4.5 it asks for libcap2 and libcap2-dev, but there in centos 5.3 and I am following this guide to install http://www.eu.squid-cache.org/mail-archive/squid-users/200906/0602.html someone has way to fix this? Hola.. por favor alguien me puede ayudar con este error , ya que hace mas de una semana que estoy renegando y recien me doy cuenta que me pide esto en Centos 5.4 i386 kernel 2.6.30 iptables 1.4.5 me pide que instale libcap2 y libcap2-dev, pero no existe en centos 5.3 y estoy siguiendo esta guia para instalarlo http://www.eu.squid-cache.org/mail-archive/squid-users/200906/0602.html alguien tiene forma de solucionar esto ?
[squid-users] squid 3.1 + bridge + ebtables ??-- linux-nelfilter o linux-tproxy4 ?
hello list I'm compiling squid 3.1 and wanted to know which option should I choose to set it as ebtables + bridge + squid3 if - enable-linux-netfilter or enable-linux-tproxy? Thanks
[squid-users] squid.conf 2.7 in squid3.1
a question, is possible to use the same configuration file of squid 2.7.stable3 in squid 3.1? without realising modifications to the same
[squid-users] which filesystem to use the cache?
Hello I wanted to consult you recommend for the filesystem cache: Ext3 - Reiserfs???
[squid-users] Necesito ayuda, una orientacion
Hola LIsta, antes que nada , pido disculpas por escribir en español. ya quwe mi ingles es malo, y al utilizar traductores no he logrado, que me entiendan. Si alguien desea traducir al ingles no hay problemas. Mi situacion es la siguiente: Tengo debian lenny 64 bits instalado., Ahora tiene kernel 2.6.26 + squid 2.7 STABLE3. Todo instalado de los repositorios de debian. Lo que deseo es habilitar tproxy, pero por mas que busco en internet , cada vez me mareo mas. Lo que necesito es que me digan que version de tproxy debo usar, que kernel , que version de ipatables. y que version de squid , tambien de donde bajar los parches para el kernel . iptables y squid. ya que ingreso a balabit.com y no se que descargar. Perdon nuevamente por escribir en ingles.
[squid-users] Cache Videos Youtube
Hello list, I have squid version 2.7.STABLE3, debian lenny and wanted to know if I have way to cache the videos from youtube?
[squid-users] Toproxy - cache rapidshare ??
Hello, list, I will write in Spanish and translate it with google. For some time I am reading info on tproxy to implement it on a debian lenny. The specific query is as follows. Enabling Tproxy, it is possible to cache sites like rapidshare, megaupload, etc.. or skip the cache only achievement these sites and see the source IP address (the customer) and not the cache (squid). en español : Hola, lista,, voy a escribir en español y traducirlo con el google. Desde hace tiempo estoy leyendo info, sobre tproxy para implementarlo en una debian lenny. La consulta en concreto es la siguiente. Habilitando Tproxy, es posible hacer cache de sitios como rapidshare , megaupload, etc. o Solamente logro saltar el cache y que estos sitios vean la ip de origen ( el cliente) y no la del cache (squid).
[squid-users] kernel 2.6.32
List,, alguin can guide me if you can compile the kernel 2.6.32 with tproxy? I use that version of iptables? debain lenny 64 bits kernel 2.6.32 iptables ?? Gracias
[squid-users] debian Lenny
List, someone has installed tproxy in debian lenny know if the version of squid is already included in lenny tproxy support? I may provide a guide thanks Lista,, alguien ha instalado tproxy en debian lenny saben si la version de squid incluida en lenny ya tiene soporte de tproxy ? me podran facilitar una guia gracias
[squid-users] Cache_mem ?? -- help
Hello list, I have a server with 3 GB of RAM and two 50GB partitions for cache space, that I could focus on cache_mem assign value?
[squid-users] imagen iso o similar
hi. list, this is my first post, and wanted to check this: Someone is aware of any Linux distribution, or iso image, you have already patched the kernel source with support tproxy and besides iptables and squid with tproxy? hola. lista,, este es mi primer correo, y queria consultar los siguiente: Alguien tiene conocimiento de alguna distribucion de linux, o imagen iso, que ya tenga de origen el kernel patcheado con soporte tproxy y ademas iptables y squid con tproxy ?
[squid-users] Problems with deny_info
im running squid 2.5 and when i configure 2 deny_info pages i get the following error: Segmentation Fault With just one deny_info it works fine, no matter what deny_info is, but when i try to use both i get this error. Is there any limitation about this?? acl abuser maxconn 30 deny_info ERR_TOO_MUCH_CON abuser http_access deny abuser acl lab1lun time M 15:00-17:00 deny_info ERR_CLASS_LAB lab1lun http_access deny lab1 lab1lun Any help will be appreciated Diego ___ Advertencia: Este mensaje contiene la opinion personal del remitente y la Universidad Catolica Nuestra Senora de la Asuncion no asume responsabilidad alguna con relacion al contenido del presente mensaje. Cualquier consulta realizar por favor a [EMAIL PROTECTED] . Protected by LED
Re: [squid-users] almost 100% CPU usage
I have a Red Hat 9 with squid 2.5 and the cpu usage is often around 90-95%, we have around 300 users, its normal? i thought it was, then i read this we have a pentium III 500 mhz with 256 mb of memory running squid... Diego Dasso Marco Bresciani ha escrito: > Henrik Nordstrom <[EMAIL PROTECTED]> ha scritto: > > >> It happens that, as soon as I make a request that is not available through > >> the cached things, the squid process goes to about 97-98 CPU percentage. > > > >Odd.. > > Yes! :-) > > >Does "squid -k debug" give any hints in cache.log what your Squid is > >doing? > > Well... I have manually read the cache.log file and I've also tried to run > squid with the -d option but it does not say anything useful... as soon as > I return to work on Monday morning I'll post the cache.log file. > > >Note: /dev/null needs to be the null device, not a regular file "ls -l > >/dev/null" should show something like > > Yes, it's the usual null device... > > >crw-rw-rw-1 root root 1, 3 Apr 11 2002 /dev/null > > > >(note the c in front of the permissions and the odd numbers where the > >filesize is normally seen). > > Uhm... I'l check it, but I'm sure it is the usual null... > > Thanks for now, > > Marco > > -- > (o> Utente [EMAIL PROTECTED] da 3,752 anni (2504 unità) > //\ Tempo CPU: 2,42 anni (8h 27min 56,4s medio) > V_/_ Posizione: 102868/4961028 (97,925%) ___ Advertencia: Este mensaje contiene la opinion personal del remitente y la Universidad Catolica Nuestra Senora de la Asuncion no asume responsabilidad alguna con relacion al contenido del presente mensaje. Cualquier consulta realizar por favor a [EMAIL PROTECTED] . Protected by LED
Re: [squid-users] URLs with no .s in them
Squid uses the DNS in /etc/resolv.conf Check that it points to a manchine that knows who is mars. Try host mars if mars is part of, say a domain mars.mydomain.com add a line in /etc/resolv.conf at the top: search mydomain.com For example, i work in a machine named 'amnesia' but im part of domain fismat.umich.mx, so in the dns i write search fismat.umich.mx nameserver 148.x.x.x <--- ip of my nameserver with this, when i do ping amnesia my dns automatically adds .fismat.umich.mx and so im pinging amnesia.fismat.umich.mx, and it works. Mensaje citado por Daniel Corbe <[EMAIL PROTECTED]>: > Okay, I also had to compile with --disable-internal-dns and turn > dns_defnames on and it seems to be running good > > Slow, but good. > > > Ariel Molina Rueda wrote: > > >I had a similar problem, it was a squid.conf issue, just check that you > have > >this: > > > >* httpd_accel_host virtual > >* httpd_accel_port 80 > >* httpd_accel_with_proxy on > >* httpd_accel_uses_host_header on > > > >it may help. > > > >-- > >Ariel Molina Rueda > > > >Mensaje citado por Daniel Corbe <[EMAIL PROTECTED]>: > > > > > > > >>Hey, > >> > >>I'm using URLs from my client PCs with no .s in them, just the host name > >>without the domain name > >> > >>for example: mars as opposed to mars.resultstel.com since the local > >>resolvers are all configured to search .resultstel.com > >> > >>and I get the following error even though the squid box itself is > >>capable of resolving "mars": > >>bash-2.05b# host mars > >>mars.resultstel.com has address 146.82.194.225 > >> > >>I even tried using this config option: > >>append_domain .resultstel.com > >> > >>to no avail. > >> > >>What do I do to fix it? > >> > >>ERROR > >>The requested URL could not be retrieved > >> > >> > >> > >> > > > > > > > >>While trying to retrieve the URL: /bb/ > >> > >>The following error was encountered: > >> > >>Invalid URL > >>Some aspect of the requested URL is incorrect. Possible problems: > >> > >>Missing or incorrect access protocol (should be `http://'' or similar) > >>Missing hostname > >>Illegal double-escape in the URL-Path > >>Illegal character in hostname; underscores are not allowed > >>Your cache administrator is webmaster. > >> > >> > >> > >> > >> > > > > > > > > > > > >This message was sent using IMP, the Internet Messaging Program. > > > > > > > > > This message was sent using IMP, the Internet Messaging Program.
Re: [squid-users] URLs with no .s in them
I had a similar problem, it was a squid.conf issue, just check that you have this: * httpd_accel_host virtual * httpd_accel_port 80 * httpd_accel_with_proxy on * httpd_accel_uses_host_header on it may help. -- Ariel Molina Rueda Mensaje citado por Daniel Corbe <[EMAIL PROTECTED]>: > Hey, > > I'm using URLs from my client PCs with no .s in them, just the host name > without the domain name > > for example: mars as opposed to mars.resultstel.com since the local > resolvers are all configured to search .resultstel.com > > and I get the following error even though the squid box itself is > capable of resolving "mars": > bash-2.05b# host mars > mars.resultstel.com has address 146.82.194.225 > > I even tried using this config option: > append_domain .resultstel.com > > to no avail. > > What do I do to fix it? > > ERROR > The requested URL could not be retrieved > > > > While trying to retrieve the URL: /bb/ > > The following error was encountered: > > Invalid URL > Some aspect of the requested URL is incorrect. Possible problems: > > Missing or incorrect access protocol (should be `http://'' or similar) > Missing hostname > Illegal double-escape in the URL-Path > Illegal character in hostname; underscores are not allowed > Your cache administrator is webmaster. > > > This message was sent using IMP, the Internet Messaging Program.
Re: [squid-users] SOLUTION: iptables and transparent proxy squid
Thanks for your help all you guys who did help me, and everyone else for your patience. To create a transparent proxy that does web cache, capturing packets from a bridge device, with squid (and the bridge) in the same machine. My solution was: - Upgrade to kernel 2.6.5 - Get ebtables http://ebtables.sourceforge.net/ - Use the following lines // Create the bridge # ifconfig eth0 0.0.0.0 promisc up # ifconfig eth0 0.0.0.0 promisc up # brctl addif br0 eth0 # brctl addif br0 eth0 # ifconfig br0 200.1.2.3 netmask 255.255.255.0 up # route add default gw 200.1.2.254 dev br0 // This line tells ebtables to route (accept) the packages // going to port 80, instead of bridging them: # ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 80 -j redirect --redirect-target ACCEPT // Tell iptables to redirect the packages going to 80, to its own port 3128 # iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT --to-port 3128 Works like a charm!!! :D An if the squid/bridge machine crashes or dies i can easily unplug the cable and plug it to the router. NOTE: I learned that if after setting up my bridge if your machine locks up or beings with a nasty behaviour. It is a network driver problem, it's because one (or both) interface can't go into promiscuos mode. Get a better card! As i did. I've put a page to instruct how to do it (in spanish): http://fismat.umich.mx/~ariel/?ariel=bridged-squid Mensaje citado por Denis Vlasenko <[EMAIL PROTECTED]>: > On Wednesday 14 April 2004 20:38, Ariel Molina Rueda wrote: > > Quoting Denis Vlasenko <[EMAIL PROTECTED]>: > > > On Tuesday 13 April 2004 23:23, Ariel Molina Rueda wrote: > > > > Hello, > > > > > > > > I have a network and im trying to do transparent web-cache with Squid, > > > > but my network is too complex and i prefer not to edit settings so i > > > > think a bridge is adecuated. My network is > > > > > > > > ((internet)) > > > > > > > > +--+ > > > > > > > > |router| > > > > > > > > +--+ > > > > > > > > * <--- Squid here > > > > > > > > ++ > > > > > > > > | switch | > > > > > > > > ++ > > > > > > > > | | | \ > > > > | | | \ > > > > > > > > (clients) (wireless clients) > > > > > > I'd put squid _on_ the router box, add transparent redirect > > > and compile squid with Linux trasparent redirect support. > > > > > > No need to mess with bridging. > > > > > > Works for me. > > > > Would be great, but it is a Cisco router, i cant install squid on it. Also > > i cannot route www traffic directly to the squid box, i need it to be a > > ghost machine, so if it fails i can unplug the cable and plug it to the > > router. > > But you can get rid of cisco altogether ;) > > What cisco does for you that Linux won't, > except for more pricey hardware? > -- > vda > This message was sent using IMP, the Internet Messaging Program.
Re: [squid-users] iptables and transparent proxy squid
Mensaje citado por Darren Spruell <[EMAIL PROTECTED]>: > Ariel Molina Rueda wrote: > [...] > > I cant find the way to capture www traffic, i use iptables but > > the access.log file in Squid log is always empty, so squid is not > > receiving anything. > > > > Is there a second way to do this without using a bridge? > > why iptables isnt working? > > > > I found this > > http://www.squid-cache.org/mail-archive/squid-users/200303/1213.html > > > > but it doesnt say how to solve the problem. > > If there is a second way to solve this i would like to hear about that... > > Could you just redirect all port 80 traffic going in on your router > interface back to the 200.x.x.11 address for squid? You would have to > not redirect from the proxy out. I really dont want to do that, that's why im using a bridge and messing up with iptables on the squid machine itself. I easily could modify routing in the main router, but the problem will be when the squid server crashes (or even worse, if it dies!), if the Squid machine has a problem i will have to re-adapt routing. In the other hand, if i use a bridge (os something similar) i can just unplug the cable from the squid-box, and plug it to the router; this will easily and quickly restore web access, until i figure out what happened to the squid-box. So i need a transparent squid-box that can be replaced, updated or removed (when it dies) anytime. I know some people has been doing it but i just been unable to find out a site that tells me how. The last thing i found is that iptables can not "see" the bridge packages and that i need ebtables and a kernel patch. But in the how to of squid transparent it says something about a bridged transparent proxy. I just wont work, i have tried it. This message was sent using IMP, the Internet Messaging Program.
[squid-users] iptables and transparent proxy squid
Hello, I have a network and im trying to do transparent web-cache with Squid, but my network is too complex and i prefer not to edit settings so i think a bridge is adecuated. My network is ((internet)) | | +--+ |router| +--+ | | * <--- Squid here | | ++ | switch | ++ | | | \ | | | \ (clients) (wireless clients) The squid box will be |eth1 to router ++ | SQUID | ++ |eth0 to switch Facts 1) Every client is using Real IP address 200.x.x.x 2) My router is 200.x.x.1 3) Squid is supposed to use 200.x.x.11 Objetives 4) Squid machine will capture www traffic and redirect it to itself so it can do web-cache 5) All other traffic should pass unaffected, because clients could have their own Webservers, ssh servers, etc. I searched google and found the way to do it with a bridge A bridge fowards everything and acomplishes Objetive 5) BUT I cant find the way to capture www traffic, i use iptables but the access.log file in Squid log is always empty, so squid is not receiving anything. Is there a second way to do this without using a bridge? why iptables isnt working? I found this http://www.squid-cache.org/mail-archive/squid-users/200303/1213.html but it doesnt say how to solve the problem. If there is a second way to solve this i would like to hear about that... Thanks in advance! This message was sent using IMP, the Internet Messaging Program.
[squid-users] Info about files and performance
Hello, is there a relation in performance between the size of squid.conf, porn.block, porn.desblock and squid? i.e. by eliminatig all comentaries in squid.conf the performance is better or by having a large list in porn.block the performance is worst? thanks in advance for any advice Diego Dasso ___ Advertencia: Este mensaje contiene la opinion personal del remitente y la Universidad Catolica Nuestra Senora de la Asuncion no asume responsabilidad alguna con relacion al contenido del presente mensaje. Cualquier consulta realizar por favor a [EMAIL PROTECTED] . Protected by LED
