Hello Eliezer,
it is a CentOS 6 box,
br0 is a bridge device, connecting eth0 and wlan0 to one ip subnet/ipv6
prefix
might this be a problem?
the results of "sysctl -a |grep forward|grep v6":
net.ipv6.conf.all.forwarding = 1
net.ipv6.conf.all.mc_forwarding = 0
net.ipv6.conf.default.forwarding =
On 09/08/17 20:15, Jason Haar wrote:
Thanks for that guys. Dumb mistake - I had "%"%
(although it's so 'dumb' that I'm now wondering "did I originally chose
that for a reason?". I've just lowercased it - I guess I'll see what
breaks ;-)
Upper case is FQDN / rDNS hostname, you may have been tr
Hey Walter,
I have ran basic tests which are not including direct internet access and it
seems like squid is intercepting traffic fine on a CentOS 7.
Try to use:
ip -f inet6 rule add fwmark 1 lookup 100
ip -f inet6 route add local default dev lo table 100
ip6tables -t mangle -F
ip6tables -t mang
I will try to reproduce and then I will respond.
I don't know what you are trying to do exactly but if you are receiving an ICMP
reject it's probably because of a good reason.
Have you seen something in squid access.logs?
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28
Hello Eliezer
ip -6 rule is this
0: from all lookup local
32765: from all fwmark 0x1 lookup 100
32766: from all lookup main
the two commands where
ip -f inet6 rule add fwmark 1 lookup 100
ip -f inet6 route add local default dev br0 table 100
ip6tables-save is this
# Generated by ip6t
Hey,
Have you tried to run the external_acl command from command line?
Ie:
/usr/lib/squid/ext_session_acl -T 60 -b /var/lib/squid/session.db
?
Eliezer
http://ngtech.co.il/lmgtfy/
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
From: squid-users [mailto:squi
Hey Ninja,
This is one beefy machine you have there.
I believe that it is expected to have at-least 8 cores total and you seem to
maybe misunderstand or confuse couple things with squid.
The only cache_dir you can use on such a machine that will be efficient would
probably be rock but before you
Can you attach or paste\gist the output of:
iptables-save
ip6tables-save
ip rule
??
It will help to also see the tables which you use in conjunction to the "ip
rule" based on the mark.
Eliezer
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
I believe that it's better to ask then staying wondering why the "magic"
machine works or doesn't.
There are only extreme cases which to my opinion should not be asked but since
I know squid and back about 20 years I have yet to have found a question which
shouldn't been asked.
(some needed to b
Hey Naresh,
The RAM you need would differ by the nature, hardware and couple other
things about the nature of the machine.
What you need is start from the bottom and move up.
List for yourself the machine specs and your goals.
It really helps to start from low ie the default 256MB ram cache and wi
* Alex Rousskov :
> On 08/09/2017 02:21 AM, Ralf Hildebrandt wrote:
>
> > I found that some portion is caused by "ldirectord" probing if the
> > proxy service on port 8080 is still active & working.
>
> "active" -- maybe, but "working" -- hardly.
I had to checks, one "simple" connect check (pro
On 08/09/2017 02:21 AM, Ralf Hildebrandt wrote:
> I found that some portion is caused by "ldirectord" probing if the
> proxy service on port 8080 is still active & working.
"active" -- maybe, but "working" -- hardly. To probe that the proxy
service is "working" one should send that service at lea
On 09/08/17 05:15, Ralf Hildebrandt wrote:
* Marcus Kool :
I have only seen regex failing with such short RE on AIX.
what is your OS, distro, CPU and lib version ?
Ubuntu Linux LTS 16.04 (xenial)
x86_64 (amd64)
I guess you mean libc:
ii libc6:amd642.23-0ubuntu9
* Alex Rousskov :
> > 1502192404.759 00 10.43.25.85 NONE/000 0 NONE
> > error:transaction-end-before-headers - HIER_NONE/- - accessRule=- -
>
> > Some statistics:
> >
> >
> > Fileerror total lines
> > access.log-20170716 49627 2211867
> > access.log-201707
Thanks for that guys. Dumb mistake - I had "%
wrote:
> I looked at:
> http://www.squid-cache.org/Doc/config/logformat/
>
> and the default squid logformat:
> logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs % %Sh/%
> Seems to contain the desired pattern.
> Am I missing something?
>
> Eliezer
>
>
* Marcus Kool :
> I have only seen regex failing with such short RE on AIX.
> what is your OS, distro, CPU and lib version ?
Ubuntu Linux LTS 16.04 (xenial)
x86_64 (amd64)
I guess you mean libc:
ii libc6:amd642.23-0ubuntu9
> BTW: why use regular e
16 matches
Mail list logo
