Re: [squid-users] SSL Bump, CA Cert

On 30/01/2015 1:43 p.m., Christian Kundela wrote: > Dear all, > > I have problems setting up explicit proxy. (interrcept tcp 80 no problem) > > If i doaself signed Cert, and i install it in Firefox or IE, no problem. > > but if i use a CA-Cert i am using a signed cert from cacert.org, SSl > Site

[squid-users] SSL Bump, CA Cert

Dear all, I have problems setting up explicit proxy. (interrcept tcp 80 no problem) If i doaself signed Cert, and i install it in Firefox or IE, no problem. but if i use a CA-Cert i am using a signed cert from cacert.org, SSl Site only TXT loaded and no pictures ... this i know, when something

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thank you, Amos. You break it down. :) I think, this is removes most of the questions. 29.01.2015 22:38, Amos Jeffries пишет: > Possibly, depend on whether the helper is providing IDs that match > that pattern or clients fetching URLs that match i

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30/01/2015 5:19 a.m., Yuri Voinov wrote: > > Understand. As I thought. > > Finally, just for clarity, is this refresh_pattern is meaningful > with store id helper: > > refresh_pattern -i (video-srv|ytimg).*SQUIDINTERNAL1440099% > 518400

Re: [squid-users] squid3

> > It is but it’s the latest version available through apt-get on Debian > 7 without adding backports which I may end up doing anyway. However > I don’t think that is my problem, I think I may have missed > something in my config and was wondering if anyone had seen this > before with the user

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Understand. As I thought. Finally, just for clarity, is this refresh_pattern is meaningful with store id helper: refresh_pattern -i (video-srv|ytimg).*SQUIDINTERNAL1440099% 518400override-expire override-lastmod refresh-ims reload-in

Re: [squid-users] Squid problem, one client for one user

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30/01/2015 4:40 a.m., Yuri Voinov wrote: > > I think, this is not Squid, but external auth system issue. > > 29.01.2015 21:34, 456mb пишет: >> with the actually confi, only appear pop-up message to login, but >> dont limit the conexion > >> i new

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30/01/2015 4:39 a.m., Yuri Voinov wrote: > > Also - how to count Store ID gotten files? > All StoreID is doing is modifying a hash key. Its not even part of the index lookups, nor in any resulting network activity from those lookups. You can cou

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30/01/2015 4:20 a.m., Yuri Voinov wrote: > > No. I want to count all hits :) Not only TCP_HIT/MEMORY_HIT. But > also complementary - TCP_UNMODIFIED_REFRESH, for example. AFAIK, > this is also HIT, no? Yes. Straight from the code here is what is co

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Also - how to count Store ID gotten files? 29.01.2015 21:18, Amos Jeffries пишет: > On 30/01/2015 4:03 a.m., Yuri Voinov wrote: > > > Yep. Can we sum near hits with hits to determine real cache hit > > ratio? Or this is not correct? > > You want to

Re: [squid-users] Squid problem, one client for one user

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I think, this is not Squid, but external auth system issue. 29.01.2015 21:34, 456mb пишет: > with the actually confi, only appear pop-up message to login, but dont limit > the conexion > > i new in squid, dont existe a method more easy? > > only i w

Re: [squid-users] Squid problem, one client for one user

with the actually confi, only appear pop-up message to login, but dont limit the conexion i new in squid, dont existe a method more easy? only i want one user per session, but actually i can login 999 times with the same user and pass -- View this message in context: http://squid-web-proxy-

Re: [squid-users] Compile error with Squid-3.5.1 under OpenBSD 5.5

On 30/01/2015 12:56 a.m., Theron ZORBAS wrote: > Hi, > > I'm trying to compile squid-3.5.1 under OpenBSD 5.5 amd64. > > > I use gnutls as a depency package: > # pkg_info |grep gnutls > gnutls-3.2.15 GNU Transport Layer Security library > > > My configure parameters are: > ./configure --e

Re: [squid-users] Webpages won't load or load slowly

On 30/01/2015 3:50 a.m., Rich549 wrote: > Oh...ignore the %LOGIN, that should be !LOGIN in both the error and my > config, I was fiddling with it to see if I could make it work. > Should have been "!auth" by the last snippet you posted. Its a '!' (invert match results) in front of the name of the

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 No. I want to count all hits :) Not only TCP_HIT/MEMORY_HIT. But also complementary - TCP_UNMODIFIED_REFRESH, for example. AFAIK, this is also HIT, no? 29.01.2015 21:18, Amos Jeffries пишет: > On 30/01/2015 4:03 a.m., Yuri Voinov wrote: > > > Yep. C

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30/01/2015 4:03 a.m., Yuri Voinov wrote: > > Yep. Can we sum near hits with hits to determine real cache hit > ratio? Or this is not correct? You want to sum an average time/duration ?! Lets take a step back... What are you trying to get out of

Re: [squid-users] How to force squid to ask for client certificate during tls handshake on https_port?

Not really. There's no place in documentation where it is said which directives trigger user certificate retrieval. This has sense and could be assumed, but, e.g. acl user_cert doesn't trigger acquiring user certificate though this directive works with user certificate too. On 01/29/2015 01:27

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yep. Can we sum near hits with hits to determine real cache hit ratio? Or this is not correct? 29.01.2015 19:57, Amos Jeffries пишет: > On 29/01/2015 11:24 p.m., Yuri Voinov wrote: > > > Amos, > > > btw. > > > Which type of hits cachemgr collects an

Re: [squid-users] Webpages won't load or load slowly

Oh...ignore the %LOGIN, that should be !LOGIN in both the error and my config, I was fiddling with it to see if I could make it work. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Webpages-won-t-load-or-load-slowly-tp4669408p4669420.html Sent from the Squid

Re: [squid-users] Webpages won't load or load slowly

Cool, that's the bit I was looking at so I'll follow that, thanks. I've made the suggested changes to my security but I'm getting the following error when I run reconfigure: 2015/01/29 14:50:37| aclParseAclList: ACL name '%LOGIN' not found. FATAL: Bungled /etc/squid3/squid.conf line 312: http_acc

Re: [squid-users] Webpages won't load or load slowly

On 30/01/2015 3:23 a.m., Rich549 wrote: > Looks like I have some work to do then, thanks for your help! > > With regards to compiling Squid 3.5 for Ubuntu, would this guide be the > correct thing to follow: http://wiki.squid-cache.org/SquidFaq/CompilingSquid > Specifically this part of it:

Re: [squid-users] Webpages won't load or load slowly

Looks like I have some work to do then, thanks for your help! With regards to compiling Squid 3.5 for Ubuntu, would this guide be the correct thing to follow: http://wiki.squid-cache.org/SquidFaq/CompilingSquid - Rich -- View this message in context: http://squid-web-proxy-cache.1019090.n4.na

Re: [squid-users] Webpages won't load or load slowly

On 30/01/2015 2:49 a.m., Rich549 wrote: > Yuri Voinov wrote >> And your access rules looks skew: >> >> http_access deny BlacklistedSites StoresAllow >> http_access allow OK_Unauthenticated >> http_access allow StaticIPWhitelist >> http_access allow InetAllow >> http_access allow StoresAllow >> NP:

Re: [squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 29/01/2015 11:24 p.m., Yuri Voinov wrote: > > Amos, > > btw. > > Which type of hits cachemgr collects and shows? TCP_HIT only? > > What about other HIT-types? All of them, broken down into cache-HITs and near-HITs categories. As you can see in

Re: [squid-users] Webpages won't load or load slowly

Yuri Voinov wrote > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > And your access rules looks skew: > > http_access deny BlacklistedSites StoresAllow > http_access allow OK_Unauthenticated > http_access allow StaticIPWhitelist > http_access allow InetAllow > http_access allow StoresAllow >

Re: [squid-users] Webpages won't load or load slowly

Yuri Voinov wrote > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > This one: > > hierarchy_stoplist cgi-bin ? > acl QUERY urlpath_regex cgi-bin \? > cache deny QUERY > > is deprecated. > > And your Squid is ancient. :) > > Why don't build from sources latest version? I'll have a look at

Re: [squid-users] testttttt

Lol ...it seems a good joke :) Thanks for all guys @ this nice mailing list . -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of HackXBack Sent: Wednesday, January 28, 2015 2:53 PM To: squid-users@lists.squid-cache.org Subject: Re:

Re: [squid-users] Webpages won't load or load slowly

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 And your access rules looks skew: http_access deny BlacklistedSites StoresAllow http_access allow OK_Unauthenticated http_access allow StaticIPWhitelist http_access allow InetAllow http_access allow StoresAllow http_access allow ftp http_access al

Re: [squid-users] Webpages won't load or load slowly

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This one: hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY is deprecated. And your Squid is ancient. :) Why don't build from sources latest version? 29.01.2015 17:24, Rich549 пишет: > Hi, > > Having a problem with

[squid-users] Compile error with Squid-3.5.1 under OpenBSD 5.5

Hi, I'm trying to compile squid-3.5.1 under OpenBSD 5.5 amd64. I use gnutls as a depency package: # pkg_info |grep gnutls gnutls-3.2.15 GNU Transport Layer Security library My configure parameters are: ./configure --enable-arp-acl --disable-auth-basic --disable-auth-digest --enable-dela

[squid-users] Webpages won't load or load slowly

Hi, Having a problem with a new Squid installation, 3.3.8 in Ubuntu 14.04. When trying to load certain webpages: twitter.com, reddit.com, ubuntugeek.com and experts-exchange.com the pages just sit there loading and eventually in the case of Twitter some text will load but not in the correct order

Re: [squid-users] How to force squid to ask for client certificate during tls handshake on https_port?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just read squid.conf.documented, is it? ;) 29.01.2015 16:26, Pavel Kazlenka пишет: > Answering my own question: > > Adding clientca= and cafile= options of https_port is enough to trigger client certificate request. > > On 01/28/2015 03:44 PM,

Re: [squid-users] How to force squid to ask for client certificate during tls handshake on https_port?

Answering my own question: Adding clientca= and cafile= options of https_port is enough to trigger client certificate request. On 01/28/2015 03:44 PM, Pavel Kazlenka wrote: Hi gentlemen, I have https_port configured as the next: https_port 3128 cert=/home/tester/certificates/server.crt key=

[squid-users] Which hits cachemgr shows?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Amos, btw. Which type of hits cachemgr collects and shows? TCP_HIT only? What about other HIT-types? WBR, Yuri -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBAgAGBQJUygpwAAoJENNXIZxhPexGUOIIAIA3BMaeVCD8UvSFQ+IH0rOM g45WXGARa6NS9pmPHMhR

Re: [squid-users] Error negotiating SSL connection on FD 20: error:00000000:lib(0):func(0):reason(0) (5/-1/131)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Not yet. Works on it. 29.01.2015 4:54, HackXBack пишет: > You solve It ? > > > > -- > View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Error-negotiating-SSL-connection-on-FD-20-error--lib-0-func-0-reason-0-5-1

Re: [squid-users] Squid problem, one client for one user

On 29/01/2015 8:53 p.m., 456mb wrote: > Hi i try disable multilogin of the same user (avoid share accounts), but not > luck, i used that config > > *auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd > acl ncsa_users proxy_auth REQUIRED > http_access allow ncsa_users > aut