Re: [squid-users] Very slow squid

[db]

Matus UHLAR - fantomas skrev:

it seems that your squid does ident lookups for every user. if your users
run firewalls that drop packets to closed ports, this is the problem.
  

Argh crapWindows Xp firewall.thanks for you help :-@

br
db

Re: [squid-users] Very slow squid

[db]

Matus UHLAR - fantomas skrev:

it seems that your squid does ident lookups for every user. if your users
run firewalls that drop packets to closed ports, this is the problem.
  
I'm running identd on all clients and I have also tried without ident. 
To give a idea as to how slow:


proxy# squidclient -v -p 8080 http://www.borsenforum.com > LL

headers: 'GET http://www.borsenforum.com HTTP/1.0

Accept: */*



'

2006-04-26 10:09:52 [1]: 0.138 secs, 81.465127 KB/s (12KB)

But when I use firefox/explore it takes about 10 sec.

Can I provide you with any info? This really has to work soon so any 
help with be great :-)


br
db

[squid-users] Very slow squid

[db]

Hi all

I have just installed squid 2.5.13 on my FreeBSD proxy. The problem is not a 
slow internet connection or a slow machine, so I hope someone here can help me.

My conf:
proxy# more squid.conf | grep -v #
http_port 8080
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp:   144020% 10080
refresh_pattern ^gopher:14400%  1440
refresh_pattern .   0   20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl CONNECT method CONNECT

acl work_domains dstdomain 9_domains_listed
acl pause_domains dstdomain 5_domains_listed
acl arbejdstid time 08:00-16:00
acl pauser time 10:00-10:10 12:00-12:30 14:00-14:10
acl superbrugere ident Casper Anders Martin Pernille
acl porte port 80 443
acl ftp proto ftp

http_access allow superbrugere
http_access deny ftp
http_access deny !porte
http_access deny CONNECT !porte
http_access deny !arbejdstid
http_access allow work_domains
http_access allow pause_domains pauser
http_access deny all
http_reply_access allow all
icp_access allow all
cache_mgr [EMAIL PROTECTED]
mail_from [EMAIL PROTECTED]
visible_hostname my.domain
coredump_dir /usr/local/squid/cache

;---

This setup does work, but is insanely slow. I have tried different DNS 
servers, but with no luck.

Best regards
db

[squid-users] filtering new IE exploit

[DB]

I saw a new IE exploit descibed as follows:

-
http://www.secunia.com/advisories/10395/
Example displaying only "http://www.trusted_site.com"; in the address bar
when the real domain is "malicious_site.com":
http://[EMAIL PROTECTED]/malicious.html

I'm trying to use an acl to prevent access to such urls. I tried this:

acl ieflaw url_regex %01@

and

http_access deny ieflaw

but this doesn't seem to do anything at all

Can anyone help? This problem could be serious and who know when M$ will
get it patched.
DB