Re: [squid-users] Squid3 issues
- Original Message - From: "Amos Jeffries" To: Sent: Saturday, March 20, 2010 1:38 AM Subject: Re: [squid-users] Squid3 issues a...@gmail wrote: Well IRC can be accessed with IRC clients such as mIRC and so on But they can also be accessed via the web with Java Applets using in fact a web browser That's why I am asking the question, if anyone has had this done. Ah okay. I think you will find that those IRC Java applets use IRC protocol natively in the background. Only using the browser for a GUI. The ones I've seen were like that. Yes the Applet is configured to connect to any of these ports 6667-7000 for argument sake it's usually 6667. And yes the browser is used for GUI As for Digichat, is a 100% Java written programme, and it also uses the Web browser for clients to connect to it from outside with a Java Applet. It uses http, what they were saying there was about the hosting server on their servers I have my own Digichat server, which is hosted in my house. So if they can do it even with a proxy I am sure I can do it. And If I get it to work then I will post how I did it in case someone else is looking for a solution of the same nature or same service. Because these services were running fine on port 80 with no problems, I mean clients could easily access these servers from the HTTP port 80 and then they are redirected to the server's ports: IRC -7000 and Digichat usually on 8396 So I will post back if I get it up and running Regards Adam Oh. Okay. It sounds like they should keep working then even if Squid is in front. The Digichat (port 80 of Digichat at least) may be just another cache_peer entry for Squid. This is what is says in the documentation anyway HTTP Tunneling Servlet Configuration The DigiChat client connects to the DigiChat server through six default TCP ports: 8396, 58396, 443, 110, 119, 25. Users that access the Internet from behind a firewall or proxy server will generally have those ports blocked on their systems. DigiChat will display an error when it is not able to access the necessary ports. In order to allow access to the applet for users behind firewalls and proxy servers, HTTP Tunneling functionality has been implemented with the DigiChat software. Generally, ports 80 and 8080 are available to users behind such systems. The HTTP Tunneling Servlet can listen on these ports and pass the connection to the DigiChat Server. Regards Adam - Original Message - From: "Amos Jeffries" To: Sent: Saturday, March 20, 2010 12:12 AM Subject: Re: [squid-users] Squid3 issues a...@gmail wrote: Hi Amos, I forgot to ask you about this comment Amos Wrote: " The "IRC-server / Digichat server" may not be proxy-able at all through Squid. It depends if they use HTTP services, or if they are accessible via HTTP" I said that because my reading of one of your earlier messages it appeared that you were getting frustrated by Squid not proxying traffic for those services. I'm not sure if you are wanting Squid to gateway access for your client machines to those server(s), which is possible with some client configuration. DigiWeb sounds like it needs special licenses to be configured that way. I'm not sure if you are wanting to gateway traffic from the general public to those servers. Which is not possible for IRC and seems not for DigiWeb either. According to you or from what I understand, proxy server (Squid) can only allow HTTP/HTTPS requests, correct? Yes. If that's a yes, what are we going to do with all hundreds of requests then? I don't understand what you mean by "hundreds of requests". What type of requests and for what? user requests for access? software requests for non-HTTP stuff? You know as well as I do, running servers and services, you don't just run programmes and applications that are passed through http So if the only access to A "network" is through 3128 (http) what happens to the rest of the services that we can provide? Your public (externally visible) services should not be published on port 3128 unless you are offering proxy services. I am a little confused, so in my opinion correct me if I am wrong, we must allow through DNAT "iptables" all other services that don't use http, for the simple reason, those requests will be rejected by the Proxy server. Maybe. It gets complicated. 1) Squid can only handle HTTP inbound to Squid. 2) You could do routing or port forwarding (DNAT) with iptables, or use other non-Squid proxy software for each publicly provided protocol. Amos -- Please be using Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25 Current Beta Squid 3.1.0.18 -- Please be using Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25 Current Beta Squid 3.1.0.18
Re: [squid-users] Squid3 issues
a...@gmail wrote: Well IRC can be accessed with IRC clients such as mIRC and so on But they can also be accessed via the web with Java Applets using in fact a web browser That's why I am asking the question, if anyone has had this done. Ah okay. I think you will find that those IRC Java applets use IRC protocol natively in the background. Only using the browser for a GUI. The ones I've seen were like that. As for Digichat, is a 100% Java written programme, and it also uses the Web browser for clients to connect to it from outside with a Java Applet. It uses http, what they were saying there was about the hosting server on their servers I have my own Digichat server, which is hosted in my house. So if they can do it even with a proxy I am sure I can do it. And If I get it to work then I will post how I did it in case someone else is looking for a solution of the same nature or same service. Because these services were running fine on port 80 with no problems, I mean clients could easily access these servers from the HTTP port 80 and then they are redirected to the server's ports: IRC -7000 and Digichat usually on 8396 So I will post back if I get it up and running Regards Adam Oh. Okay. It sounds like they should keep working then even if Squid is in front. The Digichat (port 80 of Digichat at least) may be just another cache_peer entry for Squid. Amos - Original Message - From: "Amos Jeffries" To: Sent: Saturday, March 20, 2010 12:12 AM Subject: Re: [squid-users] Squid3 issues a...@gmail wrote: Hi Amos, I forgot to ask you about this comment Amos Wrote: " The "IRC-server / Digichat server" may not be proxy-able at all through Squid. It depends if they use HTTP services, or if they are accessible via HTTP" I said that because my reading of one of your earlier messages it appeared that you were getting frustrated by Squid not proxying traffic for those services. I'm not sure if you are wanting Squid to gateway access for your client machines to those server(s), which is possible with some client configuration. DigiWeb sounds like it needs special licenses to be configured that way. I'm not sure if you are wanting to gateway traffic from the general public to those servers. Which is not possible for IRC and seems not for DigiWeb either. According to you or from what I understand, proxy server (Squid) can only allow HTTP/HTTPS requests, correct? Yes. If that's a yes, what are we going to do with all hundreds of requests then? I don't understand what you mean by "hundreds of requests". What type of requests and for what? user requests for access? software requests for non-HTTP stuff? You know as well as I do, running servers and services, you don't just run programmes and applications that are passed through http So if the only access to A "network" is through 3128 (http) what happens to the rest of the services that we can provide? Your public (externally visible) services should not be published on port 3128 unless you are offering proxy services. I am a little confused, so in my opinion correct me if I am wrong, we must allow through DNAT "iptables" all other services that don't use http, for the simple reason, those requests will be rejected by the Proxy server. Maybe. It gets complicated. 1) Squid can only handle HTTP inbound to Squid. 2) You could do routing or port forwarding (DNAT) with iptables, or use other non-Squid proxy software for each publicly provided protocol. Amos -- Please be using Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25 Current Beta Squid 3.1.0.18 -- Please be using Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25 Current Beta Squid 3.1.0.18
Re: [squid-users] Squid3 issues
Well IRC can be accessed with IRC clients such as mIRC and so on But they can also be accessed via the web with Java Applets using in fact a web browser That's why I am asking the question, if anyone has had this done. As for Digichat, is a 100% Java written programme, and it also uses the Web browser for clients to connect to it from outside with a Java Applet. It uses http, what they were saying there was about the hosting server on their servers I have my own Digichat server, which is hosted in my house. So if they can do it even with a proxy I am sure I can do it. And If I get it to work then I will post how I did it in case someone else is looking for a solution of the same nature or same service. Because these services were running fine on port 80 with no problems, I mean clients could easily access these servers from the HTTP port 80 and then they are redirected to the server's ports: IRC -7000 and Digichat usually on 8396 So I will post back if I get it up and running Regards Adam - Original Message - From: "Amos Jeffries" To: Sent: Saturday, March 20, 2010 12:12 AM Subject: Re: [squid-users] Squid3 issues a...@gmail wrote: Hi Amos, I forgot to ask you about this comment Amos Wrote: " The "IRC-server / Digichat server" may not be proxy-able at all through Squid. It depends if they use HTTP services, or if they are accessible via HTTP" I said that because my reading of one of your earlier messages it appeared that you were getting frustrated by Squid not proxying traffic for those services. I'm not sure if you are wanting Squid to gateway access for your client machines to those server(s), which is possible with some client configuration. DigiWeb sounds like it needs special licenses to be configured that way. I'm not sure if you are wanting to gateway traffic from the general public to those servers. Which is not possible for IRC and seems not for DigiWeb either. According to you or from what I understand, proxy server (Squid) can only allow HTTP/HTTPS requests, correct? Yes. If that's a yes, what are we going to do with all hundreds of requests then? I don't understand what you mean by "hundreds of requests". What type of requests and for what? user requests for access? software requests for non-HTTP stuff? You know as well as I do, running servers and services, you don't just run programmes and applications that are passed through http So if the only access to A "network" is through 3128 (http) what happens to the rest of the services that we can provide? Your public (externally visible) services should not be published on port 3128 unless you are offering proxy services. I am a little confused, so in my opinion correct me if I am wrong, we must allow through DNAT "iptables" all other services that don't use http, for the simple reason, those requests will be rejected by the Proxy server. Maybe. It gets complicated. 1) Squid can only handle HTTP inbound to Squid. 2) You could do routing or port forwarding (DNAT) with iptables, or use other non-Squid proxy software for each publicly provided protocol. Amos -- Please be using Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25 Current Beta Squid 3.1.0.18
Re: [squid-users] Squid3 issues
a...@gmail wrote: Hi Amos, Thanks again for your reply, I have tried these two links, I have used them for one server at a time, or maybe the issue is that I was trying to access the backend Server which is currently running in virtualhost mode and holds the 3 websites. As I said before I have completely uninstalled the previous Squid, I reinstalled it again this time, configured it and compiled it (manually) I had some issues with permissions, first the cache logs and then the swap file directory but it's all sorted. Now when ever I start Squid with Squid -NCd 10 I check if everything is running ok, so I get this warning: ClientParseRequestMethod: Unsupported method attempted by : 111.118.144.225 This is not a bug. see Squid.conf extension methods ClientProcess Invalid Request. The line above (or maybe below) should indicate what request methods was used. If it looks like garbage it is not HTTP. This is caused commonly by apps which send their non-HTTP stuff through port 80. Or, by overly wide DNAT / interception rules grabbing non-80 ports and pushing their data into Squid. Let me just point out that first I have no idea where this IP originate from, I tried Dnsstuff to figure out where it's coming from, I am not sure if it's a Google crawler or someone else, the information wasn't clear. Well, it is probably coming for outside your network and being set to your Squid. But it's definitely not one of my IPs Second, the proxy at the moment is behind a router and is not connected to any of "Local" clients yet, I wanted to run it first before I can connect it as a "Proxy-Router" How can I prevent this from accessing it because it's persisting connection it will soon cripple the server. Does anyone know who owns this IP address please? 111.118.144.225 The whois tool is a first step to finding out: whois 111.118.144.225 I wont publish their contact details here, but the whois command will show them to you if you really need them. It's one of their customers probably. All I got as info is this Location: Cambodia [City: Phnom Penh, Phnum Penh]Maybe I need to block their IP if I can.At the moment the proxy server is set as a standalone machine connected through a router so I can't understand why is it gettingthese requests, from outside.Any ideas please? Firstly, check your firewall rules that public traffic really is not being explicitly sent to the proxy yet. If you can confirm that it really should not, add an iptables rule to DROP packets coming from it before they go anywhere. Maybe you face an attack or an infected/insecure machine already on your network. Either way its worth finding out more about what that IP is/was doing and why. Amos Amos wrote: a...@gmail wrote: Hi Amos, Thanks for your comments, All I was doing is hit reply, this is the very first time ever I used any mailing list It doesn't matter anymore, I am sorry if I offended anyone, it was not my intention, when I get an email I simply hit reply I will try and solve my problems, and if I do get it to work I will certainly post the solution for future users who might face the same problem As for now, I just want to thank you all I have previously installed an older version of Squid compiled it manually it wasn't the one packaged with the OS (Ubuntu hardy) after few days trying to get it to work, I mean as a reverse proxy, with no luck, I removed it, tried the version 3.0 the one that was packaged with the Os, I got as far as allowing clients on my network to have access to the internet and most of other applications on windows XP couldn't connect. Windows apps sadly often have to be individually configured for the proxy. A lot are not able to use proxies at all. For the MS software on WindowsXP, set the IE "Internet Options" then at the command line running "proxycfg -u". That proxycfg -u seems trivial, but it is seriously important for Windows XP or a lot of HTTP service stuff in the background will not work even with IE set correctly. Also worth noting is that proxy auto-detect is not done by several of the back-end libraries either. Including windows update :( anyway this time around I have downloaded it again configured it compiled it and installed it, it's not starting but this is a minor problem, it's a permission issue rather than anything else. I just want to say, thank you all, If I do get it to work I will post the solution as promised if not that means I have moved on and no longer using Squid3. I will break it down for others to see and it will hopefully help others: Here it is: 1) Machine A Proxy-Router 2) Machine DSN DHCP 3) Web-server One www.example.com 4) Web-server Twowww.example.org 5) Web-server Three www.example.net 6) IRC-server / Digichat server Plus 5 Windows clients I wanted a proxy server in the for two good reasons, one is for loadbalancing and second for an extra layer of security Currently I have
Re: [squid-users] Squid3 issues
a...@gmail wrote: Hi Amos, I forgot to ask you about this comment Amos Wrote: " The "IRC-server / Digichat server" may not be proxy-able at all through Squid. It depends if they use HTTP services, or if they are accessible via HTTP" I said that because my reading of one of your earlier messages it appeared that you were getting frustrated by Squid not proxying traffic for those services. I'm not sure if you are wanting Squid to gateway access for your client machines to those server(s), which is possible with some client configuration. DigiWeb sounds like it needs special licenses to be configured that way. I'm not sure if you are wanting to gateway traffic from the general public to those servers. Which is not possible for IRC and seems not for DigiWeb either. According to you or from what I understand, proxy server (Squid) can only allow HTTP/HTTPS requests, correct? Yes. If that's a yes, what are we going to do with all hundreds of requests then? I don't understand what you mean by "hundreds of requests". What type of requests and for what? user requests for access? software requests for non-HTTP stuff? You know as well as I do, running servers and services, you don't just run programmes and applications that are passed through http So if the only access to A "network" is through 3128 (http) what happens to the rest of the services that we can provide? Your public (externally visible) services should not be published on port 3128 unless you are offering proxy services. I am a little confused, so in my opinion correct me if I am wrong, we must allow through DNAT "iptables" all other services that don't use http, for the simple reason, those requests will be rejected by the Proxy server. Maybe. It gets complicated. 1) Squid can only handle HTTP inbound to Squid. 2) You could do routing or port forwarding (DNAT) with iptables, or use other non-Squid proxy software for each publicly provided protocol. Amos -- Please be using Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25 Current Beta Squid 3.1.0.18
Re: [squid-users] Squid3 issues
Hi Amos, I forgot to ask you about this comment Amos Wrote: " The "IRC-server / Digichat server" may not be proxy-able at all through Squid. It depends if they use HTTP services, or if they are accessible via HTTP" According to you or from what I understand, proxy server (Squid) can only allow HTTP/HTTPS requests, correct? If that's a yes, what are we going to do with all hundreds of requests then? You know as well as I do, running servers and services, you don't just run programmes and applications that are passed through http So if the only access to A "network" is through 3128 (http) what happens to the rest of the services that we can provide? I am a little confused, so in my opinion correct me if I am wrong, we must allow through DNAT "iptables" all other services that don't use http, for the simple reason, those requests will be rejected by the Proxy server. For instance IRC servers use mainly these ports -7000 the standard port is 6667 Is the proxy server able to handle these ports?. As for the Digichat server here is what is said about on their website Will DigiChat work through firewalls and proxy servers? All DigiChat licenses and chat hosting plans allow you to customize the ports used, providing your users access through firewalls. Additionally, DigiChat offers HTTP Tunneling functionality on select server licenses. This feature allows your chatters to use DigiChat from behind protective proxy servers. It is important that you understand the proper configuring of server ports in order for this feature to perform optimally. To ensure proper performance of DigiChat, please refer to the product documentation or consult a DigiChat support representative. NOTE: Some advanced features such as Audio chat (voice) or Video chat (web cam chat) make use of UDP ports for proper operation and as such are NOT tunnelled. Please configure your firewall so that such advanced features will work without interruption. If anyone is interested to find out more about this here is the link http://www.digichat.com/PDF/DC_FAQ.pdf Regards Adam
Re: [squid-users] Squid3 issues
Hi Amos, Thanks again for your reply, I have tried these two links, I have used them for one server at a time, or maybe the issue is that I was trying to access the backend Server which is currently running in virtualhost mode and holds the 3 websites. As I said before I have completely uninstalled the previous Squid, I reinstalled it again this time, configured it and compiled it (manually) I had some issues with permissions, first the cache logs and then the swap file directory but it's all sorted. Now when ever I start Squid with Squid -NCd 10 I check if everything is running ok, so I get this warning: ClientParseRequestMethod: Unsupported method attempted by : 111.118.144.225 This is not a bug. see Squid.conf extension methods ClientProcess Invalid Request. Let me just point out that first I have no idea where this IP originate from, I tried Dnsstuff to figure out where it's coming from, I am not sure if it's a Google crawler or someone else, the information wasn't clear. But it's definitely not one of my IPs Second, the proxy at the moment is behind a router and is not connected to any of "Local" clients yet, I wanted to run it first before I can connect it as a "Proxy-Router" How can I prevent this from accessing it because it's persisting connection it will soon cripple the server. Does anyone know who owns this IP address please? 111.118.144.225 All I got as info is this Location: Cambodia [City: Phnom Penh, Phnum Penh]Maybe I need to block their IP if I can.At the moment the proxy server is set as a standalone machine connected through a router so I can't understand why is it gettingthese requests, from outside.Any ideas please?RegardsAdam- Original Message - From: "Amos Jeffries" To: Sent: Friday, March 19, 2010 2:53 PM Subject: Re: [squid-users] Squid3 issues a...@gmail wrote: Hi Amos, Thanks for your comments, All I was doing is hit reply, this is the very first time ever I used any mailing list It doesn't matter anymore, I am sorry if I offended anyone, it was not my intention, when I get an email I simply hit reply I will try and solve my problems, and if I do get it to work I will certainly post the solution for future users who might face the same problem As for now, I just want to thank you all I have previously installed an older version of Squid compiled it manually it wasn't the one packaged with the OS (Ubuntu hardy) after few days trying to get it to work, I mean as a reverse proxy, with no luck, I removed it, tried the version 3.0 the one that was packaged with the Os, I got as far as allowing clients on my network to have access to the internet and most of other applications on windows XP couldn't connect. Windows apps sadly often have to be individually configured for the proxy. A lot are not able to use proxies at all. For the MS software on WindowsXP, set the IE "Internet Options" then at the command line running "proxycfg -u". That proxycfg -u seems trivial, but it is seriously important for Windows XP or a lot of HTTP service stuff in the background will not work even with IE set correctly. Also worth noting is that proxy auto-detect is not done by several of the back-end libraries either. Including windows update :( anyway this time around I have downloaded it again configured it compiled it and installed it, it's not starting but this is a minor problem, it's a permission issue rather than anything else. I just want to say, thank you all, If I do get it to work I will post the solution as promised if not that means I have moved on and no longer using Squid3. I will break it down for others to see and it will hopefully help others: Here it is: 1) Machine A Proxy-Router 2) Machine DSN DHCP 3) Web-server One www.example.com 4) Web-server Twowww.example.org 5) Web-server Three www.example.net 6) IRC-server / Digichat server Plus 5 Windows clients I wanted a proxy server in the for two good reasons, one is for loadbalancing and second for an extra layer of security Currently I have all of the three websites above running on a single machine on a virtualhosts, but it's too much for one machine to handle all the requests. I always wanted to use a proxy server but I was putting it off. a) I knew it was going to be a challenge b) I was trying to get sometime off in order to do it properly Basically all I wanted for now is to forward all requests to the relevant backend servers, to which I knew it was going to be a challenge The "IRC-server / Digichat server" may not be proxy-able at all through Squid. It depends if they use HTTP services, or if they are accessible via HTTP. For the reverse proxying of your websites: pick one of the web servers to start with and this is the wiki article you need for that website: http://wiki.squid-cache.org/ConfigExampl
Re: [squid-users] Squid3 issues
a...@gmail wrote: Hi Amos, Thanks for your comments, All I was doing is hit reply, this is the very first time ever I used any mailing list It doesn't matter anymore, I am sorry if I offended anyone, it was not my intention, when I get an email I simply hit reply I will try and solve my problems, and if I do get it to work I will certainly post the solution for future users who might face the same problem As for now, I just want to thank you all I have previously installed an older version of Squid compiled it manually it wasn't the one packaged with the OS (Ubuntu hardy) after few days trying to get it to work, I mean as a reverse proxy, with no luck, I removed it, tried the version 3.0 the one that was packaged with the Os, I got as far as allowing clients on my network to have access to the internet and most of other applications on windows XP couldn't connect. Windows apps sadly often have to be individually configured for the proxy. A lot are not able to use proxies at all. For the MS software on WindowsXP, set the IE "Internet Options" then at the command line running "proxycfg -u". That proxycfg -u seems trivial, but it is seriously important for Windows XP or a lot of HTTP service stuff in the background will not work even with IE set correctly. Also worth noting is that proxy auto-detect is not done by several of the back-end libraries either. Including windows update :( anyway this time around I have downloaded it again configured it compiled it and installed it, it's not starting but this is a minor problem, it's a permission issue rather than anything else. I just want to say, thank you all, If I do get it to work I will post the solution as promised if not that means I have moved on and no longer using Squid3. I will break it down for others to see and it will hopefully help others: Here it is: 1) Machine A Proxy-Router 2) Machine DSN DHCP 3) Web-server One www.example.com 4) Web-server Twowww.example.org 5) Web-server Three www.example.net 6) IRC-server / Digichat server Plus 5 Windows clients I wanted a proxy server in the for two good reasons, one is for loadbalancing and second for an extra layer of security Currently I have all of the three websites above running on a single machine on a virtualhosts, but it's too much for one machine to handle all the requests. I always wanted to use a proxy server but I was putting it off. a) I knew it was going to be a challenge b) I was trying to get sometime off in order to do it properly Basically all I wanted for now is to forward all requests to the relevant backend servers, to which I knew it was going to be a challenge The "IRC-server / Digichat server" may not be proxy-able at all through Squid. It depends if they use HTTP services, or if they are accessible via HTTP. For the reverse proxying of your websites: pick one of the web servers to start with and this is the wiki article you need for that website: http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator Note, the config settings must be going in above all the default http_access lines currently in your config. The default http_access are for forward-proxy and will block external access. Then when thats tested and working, this config describes what to add to the above to get multiple websites from multiple servers: http://wiki.squid-cache.org/ConfigExamples/Reverse/MultipleWebservers At this point or even with just one server setup you may hit the FD overload problem again. Why: Squid uses 2-3 FD for every request (client, cache file, and maybe server connections) and clients like making 4-16 requests in parallel each these days and make them is persistent for many minutes at a stretch. FD run out fast. For reverse-proxies on a fairly used site it may be a good idea to have many FD available to Squid (64K or even 128K has been cited a needed). Amos -- Please be using Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25 Current Beta Squid 3.1.0.18
[squid-users] Squid3 issues
Hi Amos, Thanks for your comments, All I was doing is hit reply, this is the very first time ever I used any mailing list It doesn't matter anymore, I am sorry if I offended anyone, it was not my intention, when I get an email I simply hit reply I will try and solve my problems, and if I do get it to work I will certainly post the solution for future users who might face the same problem As for now, I just want to thank you all I have previously installed an older version of Squid compiled it manually it wasn't the one packaged with the OS (Ubuntu hardy) after few days trying to get it to work, I mean as a reverse proxy, with no luck, I removed it, tried the version 3.0 the one that was packaged with the Os, I got as far as allowing clients on my network to have access to the internet and most of other applications on windows XP couldn't connect. anyway this time around I have downloaded it again configured it compiled it and installed it, it's not starting but this is a minor problem, it's a permission issue rather than anything else. I just want to say, thank you all, If I do get it to work I will post the solution as promised if not that means I have moved on and no longer using Squid3. I will break it down for others to see and it will hopefully help others: Here it is: 1) Machine A Proxy-Router 2) Machine DSN DHCP 3) Web-server One www.example.com 4) Web-server Twowww.example.org 5) Web-server Three www.example.net 6) IRC-server / Digichat server Plus 5 Windows clients I wanted a proxy server in the for two good reasons, one is for loadbalancing and second for an extra layer of security Currently I have all of the three websites above running on a single machine on a virtualhosts, but it's too much for one machine to handle all the requests. I always wanted to use a proxy server but I was putting it off. a) I knew it was going to be a challenge b) I was trying to get sometime off in order to do it properly Basically all I wanted for now is to forward all requests to the relevant backend servers, to which I knew it was going to be a challenge Once again I am sorry if I offended anyone it wasn't my intention I will manage to sort it out or simply move on and try something else Thank you all Best Regards Adam
Re: [squid-users] Squid3 issues
Hi, As a common courtesy I did give my name at the end, with best regards "Adam" if you really looked. And when I created this account years ago, I named it Gmail because I have many other accounts, it helps me filter through my email boxes, second of all I am new to the mainling list system, I receive an email I hit reply to the person that answered me And please just forget it, will you, I am no longer seeking any help I told you before, you asked me to describe my scenario, so I did but I really don't need help thanks all the same. If you looked on my reply I did say "Best Regards Adam" Thanks for your time and good luck Regards ADAM - Original Message - From: "Nyamul Hassan" To: "Squid Users" Sent: Friday, March 19, 2010 6:33 AM Subject: Fwd: [squid-users] Squid3 issues Hi, As a normal courtesy on regular mailing lists, it is more appropriate to use your "regular name", rather than just "GMail". The answers on this list still come from humans, and it's always nice to know the name of the person we're communicating with. Also, in one of your emails, you said that you had a FD problem, which can only happen if you have a working Squid, which is processing a lot of requests. Please confirm if that is correct. And, if your're seeing this, then I believe you have already read Amos's post. I'm forwarding this to the list. I'm more of a "forward proxy" guy, so the more adept members of the list would be of more helpful in your scenario. Regards HASSAN ------ Forwarded message -- From: Gmail Date: Fri, Mar 19, 2010 at 3:29 AM Subject: Re: [squid-users] Squid3 issues To: Nyamul Hassan I'd rather use it in hosting like setup, considering I have other clients not only the webservers so if it's possible which I believe it is, to use it as Hosting setup Thanks Let me give you a quick insight of my network All my machines run Ubuntu hardy 8 my network is based on 192.1.1.0/24 1) DNS / DHCP Examples (192.168.1.1) 2) Router (Squid) Proxy (192.168.1.4) 3) Webserver xxx.xxx.x. 5 4) Websever xxx.xxx.x.6 5) Websever xxx.xxx.x 7 6) IRC Server xxx.xxx.110 7) Digichat 100% (java) / Flash Servers xxx.xxx.x 112 5) Windows XP clients range 192.168.1.3 - 192.168.1.2 - 192.168.1.8 - 192.168.1.111 - 192.168.1.113 Other machines are not connected yet The above are just examples Two network switches Hope that helps Thanks - Original Message - From: "Nyamul Hassan" To: "Squid Users" Sent: Thursday, March 18, 2010 9:05 PM Subject: Re: [squid-users] Squid3 issues So, do you want to use proxy in an ISP like setup? Or in a Web Hosting like setup? Regards HASSAN On Fri, Mar 19, 2010 at 2:25 AM, Gmail wrote: Ok I'll try and clarify it (thanks btw) I am running 3 websites on one single machine and have been for few years, then the load started to grow, then I decided to have a go at a proxy server: I was actually putting off for a couple of years, simply because I am very restricted time wise I have as I said 3 different websites running on one single machine in a vhost mode three websites with three different domain names. Let's say 1) example.com, example.net, example.org all pointing eventually to the same IP address as I said it worked perfectly but it started to slow down a bit as the load gets too much for one machine to handle. On top of that I run other servers on different machines, such as Chat servers (IRC, Flash, DigiChat) , and various other applications. Now, I am using this machine as a proxy server (reverse proxy server) and a router at the same time using iptables, and I use another machine as a DNS/DHCP servers, all configured and working fine indeed no problems at all. Now, I really struggled to get the clients on my network to have access to the internet, I mean just to browse the net, I did in the end, but every single example I followed not a single one worked for me, I don't know how many forums and articles I read. I have applied so many examples no luck. So basically no requests were passed to the backend server, all I wanted is to get those requests forwarded to the web-server and if that works then I will add three more machines as backend servers and each machine will hold one website with it's DB and so on.. That was my plan anyway, And I found myself in ever decreasing circle going around in circle, following some people's examples and nothing worked, I tried to find information for example about, how to setup a cache parent, sibbling and so on, not a single word about, I even read O'reilly's articles. In those examples for instance they mention a parent in order to forward a request, without telling you how to set a parent, and if you don't have a parent, does that mean you can't use a proxy server, and If I had a parent where would it be?
Fwd: [squid-users] Squid3 issues
Hi, As a normal courtesy on regular mailing lists, it is more appropriate to use your "regular name", rather than just "GMail". The answers on this list still come from humans, and it's always nice to know the name of the person we're communicating with. Also, in one of your emails, you said that you had a FD problem, which can only happen if you have a working Squid, which is processing a lot of requests. Please confirm if that is correct. And, if your're seeing this, then I believe you have already read Amos's post. I'm forwarding this to the list. I'm more of a "forward proxy" guy, so the more adept members of the list would be of more helpful in your scenario. Regards HASSAN -- Forwarded message -- From: Gmail Date: Fri, Mar 19, 2010 at 3:29 AM Subject: Re: [squid-users] Squid3 issues To: Nyamul Hassan I'd rather use it in hosting like setup, considering I have other clients not only the webservers so if it's possible which I believe it is, to use it as Hosting setup Thanks Let me give you a quick insight of my network All my machines run Ubuntu hardy 8 my network is based on 192.1.1.0/24 1) DNS / DHCP Examples (192.168.1.1) 2) Router (Squid) Proxy (192.168.1.4) 3) Webserver xxx.xxx.x. 5 4) Websever xxx.xxx.x.6 5) Websever xxx.xxx.x 7 6) IRC Server xxx.xxx.110 7) Digichat 100% (java) / Flash Servers xxx.xxx.x 112 5) Windows XP clients range 192.168.1.3 - 192.168.1.2 - 192.168.1.8 - 192.168.1.111 - 192.168.1.113 Other machines are not connected yet The above are just examples Two network switches Hope that helps Thanks - Original Message - From: "Nyamul Hassan" To: "Squid Users" Sent: Thursday, March 18, 2010 9:05 PM Subject: Re: [squid-users] Squid3 issues So, do you want to use proxy in an ISP like setup? Or in a Web Hosting like setup? Regards HASSAN On Fri, Mar 19, 2010 at 2:25 AM, Gmail wrote: > > Ok I'll try and clarify it (thanks btw) > I am running 3 websites on one single machine and have been for few years, > then the load started to grow, then I decided to have a go at a proxy > server: > I was actually putting off for a couple of years, simply because I am very > restricted time wise > I have as I said 3 different websites running on one single machine in a > vhost mode > > three websites with three different domain names. > > Let's say 1) example.com, example.net, example.org all pointing eventually > to the same IP address > as I said it worked perfectly but it started to slow down a bit as the load > gets too much for one machine to handle. > On top of that I run other servers on different machines, such as Chat > servers (IRC, Flash, DigiChat) , and various other applications. > > Now, I am using this machine as a proxy server (reverse proxy server) and a > router at the same time using iptables, and I use another machine as a > DNS/DHCP servers, all configured and working fine indeed no problems at all. > > Now, I really struggled to get the clients on my network to have access to > the internet, I mean just to browse the net, I did in the end, but every > single example I followed not a single one worked for me, I don't know how > many forums and articles I read. > I have applied so many examples no luck. > > So basically no requests were passed to the backend server, all I wanted is > to get those requests forwarded to the web-server and if that works then I > will add three more machines as backend servers and each machine will hold > one website with it's DB and so on.. > > That was my plan anyway, And I found myself in ever decreasing circle going > around in circle, following some people's examples and nothing worked, I > tried to find information for example about, how to setup a cache parent, > sibbling and so on, not a single word about, I even read O'reilly's > articles. > > > In those examples for instance they mention a parent in order to forward a > request, without telling you how to set a parent, and if you don't have a > parent, does that mean you can't use a proxy server, and If I had a parent > where would it be? and how to decide which one is the parent and which one > is the child etc.. NO indication not a single word, "they expect" you to > know all that as if you spent all you life working on their project, it > never occured to them that maybe some people won't know what is a parent or > how to set it up and so on.. > > > I can go on like this for a whole night, I know you're trying to help but to > be perfectly honest I am put off by this whole thing, I don't think I want > to use Squid at all, I reached a saturation point now. > > You see I know even if I get the thing off
Re: [squid-users] Squid3 issues
So, do you want to use proxy in an ISP like setup? Or in a Web Hosting like setup? Regards HASSAN On Fri, Mar 19, 2010 at 2:25 AM, Gmail wrote: > Ok I'll try and clarify it (thanks btw) > I am running 3 websites on one single machine and have been for few years, > then the load started to grow, then I decided to have a go at a proxy > server: > I was actually putting off for a couple of years, simply because I am very > restricted time wise > I have as I said 3 different websites running on one single machine in a > vhost mode > > three websites with three different domain names. > > Let's say 1) example.com, example.net, example.org all pointing eventually > to the same IP address > as I said it worked perfectly but it started to slow down a bit as the load > gets too much for one machine to handle. > On top of that I run other servers on different machines, such as Chat > servers (IRC, Flash, DigiChat) , and various other applications. > > Now, I am using this machine as a proxy server (reverse proxy server) and a > router at the same time using iptables, and I use another machine as a > DNS/DHCP servers, all configured and working fine indeed no problems at all. > > Now, I really struggled to get the clients on my network to have access to > the internet, I mean just to browse the net, I did in the end, but every > single example I followed not a single one worked for me, I don't know how > many forums and articles I read. > I have applied so many examples no luck. > > So basically no requests were passed to the backend server, all I wanted is > to get those requests forwarded to the web-server and if that works then I > will add three more machines as backend servers and each machine will hold > one website with it's DB and so on.. > > That was my plan anyway, And I found myself in ever decreasing circle going > around in circle, following some people's examples and nothing worked, I > tried to find information for example about, how to setup a cache parent, > sibbling and so on, not a single word about, I even read O'reilly's > articles. > > > In those examples for instance they mention a parent in order to forward a > request, without telling you how to set a parent, and if you don't have a > parent, does that mean you can't use a proxy server, and If I had a parent > where would it be? and how to decide which one is the parent and which one > is the child etc.. NO indication not a single word, "they expect" you to > know all that as if you spent all you life working on their project, it > never occured to them that maybe some people won't know what is a parent or > how to set it up and so on.. > > > I can go on like this for a whole night, I know you're trying to help but to > be perfectly honest I am put off by this whole thing, I don't think I want > to use Squid at all, I reached a saturation point now. > > You see I know even if I get the thing off the ground now, I am sure in a > few weeks time it will whinge at me or even in a few days time. > > Maybe one day if I have the time I can look into it in more details and take > the time to understand first it's concept and the way it works, it seems to > have it's own logic. > > If not I will just have to either purchase a software that does a similar > thing or use Apache as a proxy server and see how it goes. > > I just want to thank you for your time and your effort in trying to help > > Best regards > Adam > > - Original Message - From: "Nyamul Hassan" > To: "Squid Users" > Sent: Thursday, March 18, 2010 7:49 PM > Subject: Re: [squid-users] Squid3 issues > > > Please outline your scenario in detail. If you are facing problems > about FDs, then I take it that you already have a running instance, > but that your load is quite high to require more than the default 1024 > FDs. > > Did you get your OS limits changed to more than 1024? I modify my > servers to 65536 whenever I'm running Squid on them. > > Please outline your problem in more details, so that we can help you. > > Regards > HASSAN > > > > > On Fri, Mar 19, 2010 at 1:37 AM, Gmail wrote: >> >> Hello again, >> I am not ranting, I was merely expressing my opinion, well I never said I >> was an expert when it comes to the proxies I have never used them, this is >> my first attempt, yes Debian and Debian based distros are very very popular >> I have used many distros and by far I must admit that the debian is a >> fantastic OS, now it comes to tastes, some like FreeBSD, some like OpenSuse, >> some like Centos5, and so on I have seen many people usin
Re: [squid-users] Squid3 issues
Please outline your scenario in detail. If you are facing problems about FDs, then I take it that you already have a running instance, but that your load is quite high to require more than the default 1024 FDs. Did you get your OS limits changed to more than 1024? I modify my servers to 65536 whenever I'm running Squid on them. Please outline your problem in more details, so that we can help you. Regards HASSAN On Fri, Mar 19, 2010 at 1:37 AM, Gmail wrote: > > Hello again, > I am not ranting, I was merely expressing my opinion, well I never said I was > an expert when it comes to the proxies I have never used them, this is my > first attempt, yes Debian and Debian based distros are very very popular I > have used many distros and by far I must admit that the debian is a fantastic > OS, now it comes to tastes, some like FreeBSD, some like OpenSuse, some like > Centos5, and so on I have seen many people using Fedora, but I wasn't > impressed by it when I used it 2 years ago. anyway as I said it's a matter of > taste. > > You say I couldn't get it running yes, when I follow the instruction to the > letter and I mean to the letter, I have changed several times the config, to > just forward requests to the backend server "As a test" first the back end > server is running on virtualhosts, that was the reason, why I decided to > tackle Squid or a (proxy sever if you like). > > I took people's word for it, and I tried it, all I could get it to do is > allow some http clients to acces the internet, when I try and visit any of > the websites all I get is the "front page on the proxy itself" No matter what > I did either I get acces denied etc.. or I get invalid url, all of the > standard error message, and finally I got to get the default page of the > apache on the proxy itself, but not one request was forwarded to the backend > webserver. > > I am not mentionning other apps that don't work with Squid, just a few, such > as MSN, Steam, Utorrent and so on..and then I got the Warnings that my cache > is running out of file descriptors, no other programme ever did this to my > servers. > > I found squid extremely picky, extremely demanding, what I am saying is, 1024 > descriptors should be more than enough for it to run and considering the fact > that nothing else is running on that machine, it was a dedicated machine just > for squid3.0 > I got to the point where I couldn't even open the syslog because the buffer > limit was exceeded, and that was a couple days of me just trying testing it, > I managed to get the Utorrent working in the end, I had to use pidgin instead > of MSN for the clients because It was impossible to get MSN or Yahoo to > connect I haven't tried Skype though, but some people don't like Pidgin, they > prefer either MSN or Yahoo anyway that wasn't a big deal. > All I am saying is I found that Squid is very very demanding indeed, and if I > can't use it the way I like, what's the point? > Anyway, I have decided not to use it and leave it for people who are happy > with it and wish them good luck with it. > I haven't ignored anybody, I have always replied and to tell you the truth, I > have asked questions before and I was ignored, and that's fine all I was > asking if they had a decent documentation with clear examples. > The examples I read all made no sense to me, there are better ways of giving > good examples. > For example, they ask you to use a parent, a sibling etc. what if you don't > have any of these?? > > Anyway I don't know why you took it so personally, All I am saying here in > simple terms, when you write a program don't expect every person to know what > you're on about, make your example as simple as possible that anybody can > understand, people don't need to be experts in order to use that's all, and > if that offended and you can't take a bit of criticism than I can't help you. > > When I write a program and I get criticised I will listen and ask how would > they like to be and I will explain why I did it the way I did it. > Simple :-) > > Take care mate, we're going nowhere with this, thanks anyway for your replies > Regards > Adam > > - Original Message - From: "Nyamul Hassan" > To: > Sent: Thursday, March 18, 2010 6:28 PM > Subject: Re: [squid-users] Squid3 issues > > >> Your rant can be summarized as follows: >> >> 1. You are using a OS (and version) which (according to you) has poor >> documentation or other info. Ubuntu / Debian are very popular Linux >> flavours. As someone who claims to have been a Linux administrator
Re: [squid-users] Squid3 issues
Your rant can be summarized as follows: 1. You are using a OS (and version) which (according to you) has poor documentation or other info. Ubuntu / Debian are very popular Linux flavours. As someone who claims to have been a Linux administrator for "several years", haven't you ever come across the FD issue in any situation? Strange! 2. You are a single man catering to "many" servers, so you don't want to "waste time" with a software that you could not get running on an OS as in #1. The "we" in my email was meant to be my company. I personally see over all the installations we have. No one else as a helping hand. 3. You find a lot of people complaining that they can't run squid. But, you ignore a lot of other people (like myself and Jan who responded to your post) who are saying this is a brilliant piece of software. Instead of ranting, I would suggest you change your attitude, and start laying down the problems that you are facing. Someone from the community will always get back to you, as they have for me in the past. I have no intention of starting a flame war here. I just want you to calm down, and assure you, Squid in itself is a brilliant piece of code. Remember, this is the same software that serves Wikipedia, and that speaks a lot about how stable this software is. Also, Squid 3.0 is still under active development, and is not suitable for all scenarios. We use 2.7 because we use it as a forward proxy, and many features available in the 2.x branch have not yet been fully migrated to the 3.x branch. So, 2.7 suits our scenario more. Perhaps you can also mention what your scenario is. As for OS, I've seen some people say FreeBSD is one of the best OS for Squid. But, we ourselves are pretty happy with CentOS 5.x. So, find out what works for you. Ubuntu / Debian are also very popular Linux flavours, so I think you need to search some more about how to increase FDs. I hope you find solutions to your woes, and come to use Squid to your favour. Regards HASSAN - Original Message - From: "Gmail" To: "Nyamul Hassan" Sent: Friday, March 19, 2010 00:01 Subject: Re: [squid-users] Squid3 issues Hello, I did say that some people would disagree, I know that there are people who might find it brilliant I am not moaning, I was stating facts, you're talking about the version 2.7 or whatever you're using I am talking about version 3.0++. All of the examples don't make any sense I have followed them to the letter and yet I still got lot of issues, as for the emails I did reply to both of them and twice and I even sent another email asking another question, if it works for you then good for you, I am glad that some people like it. but for me it didn't work, no matter what I tried, I am using Ubuntu, that's another thing you will find certain things in details for most OSes but not for Ubuntu or even a debian and if you do find anything it's always with the older versions., which you know most things in the v2.0++ are not recognised in version 3.0 I have been a webmaster for many years and I have used many linux distros, I have compiled, installed and ran countless programmes. I also code in Java, and many other scripting languages, I am not exactly a novice. If you think the programme is so brilliant, then don't take my word for it, just check out the forums, mailing lists etc.. you will see how many people are having difficulties with squid, since it started. It hasn't got any better I had a go few years back I had the same problems back then. If you do like it good for you, and to tell me if I don't like it I shouldn't use it, yes if we had another option yes, but we don't, and it's not as good as people claim to be, the truth is, people don't have a choice or an alternative. If you're happy spending hours everyday solving one problem after another, be my guest but I hardly have the time to mock around with useless software, People should be able to use and run without having to become experts. The same things applies to the Linux community, that's why most pople can't be bothered to have linux in their homes, even though deep down they know that Microsoft isn't reliable. And you're talking in "we" meaning you have more than one person to run whatever you're running, as for me I am running everything all by myself, from the webservers, to the clients, to the DBs, to the chat servers, to the commercial websites, all by myself. So I don't have the time to waste with one program that is supposed to be compiled, installed and ran without any difficulties, not even a read me on how to install it., unless you run .configure --help in order to find the list of options, and most of them are not recognised and so on and so forth.
AW: [squid-users] Squid3 issues
I also say thanks to the squid-team for their excellent work & support ! We're running 4 squid-3.0 servers for our whole campus including c-icap from Tsantilas Christos, At the begining we had some implementation problems of course but that is normal. (Mostly due to Layer 8 issues.) But to summarize : we're really really satisfied with this nice piece of software even if I still don't know how it really works. What would you use instead of squid ? Bluecoat Inc. ? or maybe mod_proxy / mod_cache ? Mit freundlichen Grüssen Jan Universität Bern
Re: [squid-users] Squid3 issues
Your email is one long whining without much substance at all. I have been a member of this list for over 3 years now, and been using Squid for a year and a half. During all this time, I have always found this list to be hospitable, and helpful. If you don't like the software, then don't use it. It's not costing you anything. That being said, I have almost never found any attitude from any person on the list that says RTFM. Even when someone asks about obvious things, someone is kind enough to point to the right direction. We use over 4 Squid proxies (running 2.7STABLE7), running commodity hardware, and their performance has been more than satisfactory to us. However, we run all of them over CentOS 5+. Last year, even commercial vendor Bluecoat could not give us a strong enough reason to show that their product performed any better than Squid to justify the cost differential. If it is file descriptors that is creating problems, then you need to read the OS docs on how to increase that on the OS side. On CentOS, running "ulimit -n" shows how many FDs are allowed by the OS. As for Squid, a simple recompile with the "--with-maxfd=" flag worked like a charm for me. Using "squid -v" is always handy to get the existing compile-time flags first. Whatever your frustration at this point, whining over at the forum, and blaming everyone else and saying "admit that squid does not work", is pretty lame. Oh, by the way, I searched my email archives of the Squid Mailing List, with your "email id", and it turned out there is only one email from you, and that was only 15 hours ago, within which there have been 4 email responses already. You did not even reply to one of them saying what did not go as suggested. Regards HASSAN - Original Message - From: "Gmail" To: Sent: Thursday, March 18, 2010 19:30 Subject: [squid-users] Squid3 issues Hello everyone, I have been trying for nearly 5 weeks now to get this piece of software to work, I have tried several versions, I have tried it on several platforms, all I got from it is frustration, I know that some people would say what a fantastic piece of software. I have used many softwares, packages, compiled stuff for years, never ever had an experience such as this one, it's a package full of headaches, and problem after problem, And to be honest the feedback I get is always blaming other things, why can't you people just admit that Squid doesn't work at all, and you are not providing any help whatsoever, as if you expect everyone to be an expert. I also don't like the attitude of some people, talking to you as if you're an "idiot", while in fact you follow their suggestions to the letter and yet it doesn't work, instead of blaming the operating systems and blaming people for not knowing how to use it, why can't you try and do something that works for a change, I have wasted nearly 5 weeks day in day out sometimes I stayed til 3 or 4 am trying desperately to get this thing working. For instance if I compile with no options I know that somewhere down the line I am going to find out that I needed this or that, if I compile it with some options I get errors that don't make any sense, examples. I uninstalled the version that was packaged with Ubuntu hardy, I am trying to compile it so I won't have the same problem, with the file descriptors, I followed exactly the suggestions in the configure --help menu, yet I am getting an error, like Compile cannot create executable, or something to that effect. Not to mention when I tried to run it, it didn't forward any requests, I have followed all of the configuration examples and people's suggestions, never could forward any request to my backend server. After three weeks I managed to get my clients to have access to the internet, and many applications didn't work, such as Yahoo, Msn, Steam and so on, when I ask for help, nobody has an answer including some members of the team. Yes I can hear some arguments, saying but we are volunteers, true, but you either do something that works or don't. If I needed help for say, Unrealircd or any other program I know I can get help, and their documentaion, does what it says on the tin. you follow their instructions, you will get it to work exactly as they say. With squid, it doesn't work, that's all I am getting, I don't even believe that it works now to be honest, I am sorry I am not moaning but it's true, I have been on many forums for weeks and all I could see were problems people are facing with any version of squid , and no solutions are given very few and after you fix one problem 10 others pop up somewhere else I certainly don't want to spend my life fixing and bashing my head trying to find a solution, I want something that works, but unfortunately it doesn't
[squid-users] Squid3 issues
Hello everyone, I have been trying for nearly 5 weeks now to get this piece of software to work, I have tried several versions, I have tried it on several platforms, all I got from it is frustration, I know that some people would say what a fantastic piece of software. I have used many softwares, packages, compiled stuff for years, never ever had an experience such as this one, it's a package full of headaches, and problem after problem, And to be honest the feedback I get is always blaming other things, why can't you people just admit that Squid doesn't work at all, and you are not providing any help whatsoever, as if you expect everyone to be an expert. I also don't like the attitude of some people, talking to you as if you're an "idiot", while in fact you follow their suggestions to the letter and yet it doesn't work, instead of blaming the operating systems and blaming people for not knowing how to use it, why can't you try and do something that works for a change, I have wasted nearly 5 weeks day in day out sometimes I stayed til 3 or 4 am trying desperately to get this thing working. For instance if I compile with no options I know that somewhere down the line I am going to find out that I needed this or that, if I compile it with some options I get errors that don't make any sense, examples. I uninstalled the version that was packaged with Ubuntu hardy, I am trying to compile it so I won't have the same problem, with the file descriptors, I followed exactly the suggestions in the configure --help menu, yet I am getting an error, like Compile cannot create executable, or something to that effect. Not to mention when I tried to run it, it didn't forward any requests, I have followed all of the configuration examples and people's suggestions, never could forward any request to my backend server. After three weeks I managed to get my clients to have access to the internet, and many applications didn't work, such as Yahoo, Msn, Steam and so on, when I ask for help, nobody has an answer including some members of the team. Yes I can hear some arguments, saying but we are volunteers, true, but you either do something that works or don't. If I needed help for say, Unrealircd or any other program I know I can get help, and their documentaion, does what it says on the tin. you follow their instructions, you will get it to work exactly as they say. With squid, it doesn't work, that's all I am getting, I don't even believe that it works now to be honest, I am sorry I am not moaning but it's true, I have been on many forums for weeks and all I could see were problems people are facing with any version of squid , and no solutions are given very few and after you fix one problem 10 others pop up somewhere else I certainly don't want to spend my life fixing and bashing my head trying to find a solution, I want something that works, but unfortunately it doesn't. I am just going to try something else somewhere else, Thanks all the same for anyone who tried to help, but this is not for me, life is too short to waste anymore of my time, in trying to get something that doesn't work, "working" If anybody can prove me wrong: Regards All the best to everyone
