Re: [squid-users] [squid-announce] [ADVISORY] SQUID-2020:7 Cache Poisoning Issue in HTTP Request processing

2020-07-04 Thread TarotApprentice
Debian bug 964283 raised. If you are talking to the Debian security team you might want to discuss pushing it into buster with one of their point releases. MarkJ > On 28 Jun 2020, at 12:57 am, Amos Jeffries wrote: > > On 28/06/20 2:27 am, TarotApprentice wrote: >> A

Re: [squid-users] [squid-announce] [ADVISORY] SQUID-2020:7 Cache Poisoning Issue in HTTP Request processing

2020-06-27 Thread TarotApprentice
Any plans to get this into Debian, or if they’ll apply the patch to 4.11? Cheers MarkJ > On 27 Jun 2020, at 2:45 am, Amos Jeffries wrote: > > __ > > Squid Proxy Cache Security Update Advisory SQUID-2020:7 >

[squid-users] QUIC support in Squid

2020-04-22 Thread TarotApprentice
I know QUIC has been around for a while. I see the IETF have a proposed standard[1]. OpenSSL have also expressed interest, but not until OpenSSL 3 is out[2]. Are there any plans for Squid to support the QUIC protocol in a future version? [1]

Re: [squid-users] [squid-announce] [ADVISORY] SQUID-2019:4 Multiple Issues in HTTP Request processing

2020-04-19 Thread TarotApprentice
I am not sure if you have any contact with the Debian maintainers. I raised a bug with Debian in March asking for 4.10 to get promoted to buster-backports on the grounds of security fixes. If we’re on the stable release (buster) we are stuck with 4.6 until the next stable release (up to 2

Re: [squid-users] Confirmation page not working

2020-04-17 Thread TarotApprentice
gt; On Friday 17 April 2020 at 15:32:38, TarotApprentice wrote: >> >> > Trying to visit the confirmation page at >> > http://lists.squid-cache.org/confirm/squid-users/ but it doesn’t seem to >> > be responding. I’ve tried over a couple of days. >> >> When you

[squid-users] Confirmation page not working

2020-04-17 Thread TarotApprentice
Trying to visit the confirmation page at http://lists.squid-cache.org/confirm/squid-users/ but it doesn’t seem to be responding. I’ve tried over a couple of days. MarkJ ___ squid-users mailing list squid-users@lists.squid-cache.org

Re: [squid-users] caching apt package lists/Raspbian

2019-08-18 Thread TarotApprentice
It turns out it still doesn't cache them the Packages.xz. From discussions over on the RaspberryPi forums it seems its hitting the following (this is just the Packages.xz) in order to match their main, contrib, non-free and rpi repos. $ apt-get --print-uris update

Re: [squid-users] caching apt package lists/Raspbian

2019-08-03 Thread TarotApprentice
% 1440 which I thought was fairly conservative. MarkJ > On 21 Jul 2019, at 5:08 pm, TarotApprentice wrote: > > It whatever Raspbian and the router do by default, although I do use an > iptables firewall. I normally don't see any IPv6 from the other Pis, so maybe > something to do

[squid-users] caching apt package lists/Raspbian

2019-07-19 Thread TarotApprentice
Recently upgraded to Raspbian Buster and squid 4.6. Since then I am unable to cache the Packages.xz that apt uses. The various other Pis using this proxy all end up downloading the 30MB Packages.xz every time. Does anyone have any suggestions on how to get it to cache? Cheers MarkJ squid -v

[squid-users] Squid security advisories

2019-07-13 Thread TarotApprentice
On the Squid-Announce list there were advisories 2019:1, 2, 3, 5 and 6. Was there a 2019:4 that was missed? MarkJ ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Bounces

2018-08-04 Thread TarotApprentice
I get them all the time. Yahoo seems to be particularly bad. MarkJ On Sat, 4/8/18, Alex K wrote: Subject: [squid-users] Bounces To: squid-users@lists.squid-cache.org Received: Saturday, 4 August, 2018, 5:29 PM Hi all,  I have been receiving

Re: [squid-users] [squid-announce] Squid 4.1 is available

2018-07-23 Thread TarotApprentice
I’ve emailed the packaging team. The more people that ask the more likely they are to act on it so if anyone else is interested please drop them an email. MarkJ > On 6 Jul 2018, at 3:52 pm, Amos Jeffries wrote: > >> On 06/07/18 14:27, TarotApprentice wrote: >> Hopeful

Re: [squid-users] [squid-announce] Squid 4.1 is available

2018-07-05 Thread TarotApprentice
Hopefully the Debian guys will push this through to Stretch-backports this time. 3.5.27 only made it as far as buster (testing). Unfortunately libc 2.27 is in there and that meant it wanted to update many other packages. MarkJ > On 4 Jul 2018, at 3:02 pm, Amos Jeffries wrote: > > The Squid

Re: [squid-users] 4.0.23 release in Debian

2018-02-07 Thread TarotApprentice
I’ve already raised a Debian bug regarding startup script issues with it. Maybe that will receive some attention. > On 7 Feb 2018, at 9:25 pm, L.P.H. van Belle wrote: > > Hi, > > If you want a squid 3.5.27 for debian stretch. (amd64 only builded) > Have a look here :

[squid-users] Squid 4.0.23 from Debian experimental

2018-01-25 Thread TarotApprentice
A few issues with 4.0.23 1. It doesn’t auto start (4.0.21 did) upon reboot, but can be started via a “service squid start” command 2. It seems to want to create the cache directories every time it starts up and then complains that the directories already exist. 3. When stopping it there are

[squid-users] 4.0.23 release in Debian

2018-01-22 Thread TarotApprentice
Given today’s announcement of squid 4.0.23, are there plans for Debian to pick it up? Currently they have 4.0.21 in experimental and 3.5.23 in their other repos. Emails to the squid maintainers at Debian go unanswered. ___ squid-users mailing list

[squid-users] APT/Raspbian caching

2017-11-10 Thread TarotApprentice
One of the deployments I have is a cluster of Raspberry Pis. I am trying to cache apt content. The cluster has one node running (only) squid 3.5.23 with an external HDD. All the nodes have an entry in apt.conf.d pointing to the squid node: Acquire::http::Proxy "http://localhost:3128;; (this

[squid-users] Use arp and time acls to control access

2016-05-10 Thread TarotApprentice
I'm trying to restrict internet access of certain devices to certain times of the day. My config looks like: acl devicename1 arp aa:bb:cc:dd:ee:ffacl devicename2 arp aa:bb:cc:ff:ee:ddacl usertime time MTWHF 06:30-08:00acl usertime time MTWHF 18:00-22:30 http_access allow devicename1

Re: [squid-users] squid -z not exiting?

2016-01-29 Thread TarotApprentice
Under Debian I remember that I had to hit enter after it had displayed all the directories it was creating and then it comes back to the bash prompt. The actual creation process seems to work fine, it just stops on the last one and "appears" to hang. MarkJ > On 30 Jan 2016, at 8:33 AM, Lucía

[squid-users] Fw: Squid 32-bit (2.7.2) much faster than Squid 64-bit (3.5.11)

2015-12-11 Thread TarotApprentice
Sorry should have replied to the list. MarkJ - Forwarded Message - >From: Tarot Apprentice >To: Patrick Flaherty >Sent: Friday, 11 December 2015, 14:10 >Subject: Re: [squid-users] Squid 32-bit (2.7.2) much faster than Squid 64-bit

Re: [squid-users] 32bit (i386) squid 3.5 cache dir size limit?

2015-11-30 Thread TarotApprentice
Fortunately I'm using aufs so lots of files. Thanks for the reminder. Cheers, MarkJ > On 1 Dec 2015, at 3:48 AM, Alex Rousskov <rouss...@measurement-factory.com> > wrote: > >> On 11/30/2015 04:28 AM, Amos Jeffries wrote: >>> On 30/11/2015 11:59 p.m., TarotApprent

[squid-users] 32bit (i386) squid 3.5 cache dir size limit?

2015-11-30 Thread TarotApprentice
I am setting up a backup proxy server using an old P4 machine which can only do 32bit. As its only got 1Gb of RAM its not going to hit the 32bit limit on memory, but what about the cache_dir? Is it limited to 32bit addressability (ie 4Gb) max size? Cheers, MarkJ

[squid-users] Fw: Carp example on Debian

2015-10-31 Thread TarotApprentice
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machine MarkJ - Forwarded Message - >From: TarotApprentice <tarota

[squid-users] Carp and internal mgr server list

2015-10-31 Thread TarotApprentice
Running the carp example and when I do the internal-mgr/server_list it shows the following for the various kids. Shouldn't the last query/reply and pings be updating for kids 2 and 3? Top shows there are 5 squid instances running and 3 pingers. MarkJ by kid1 { Parent: backend-kid2 Host

Re: [squid-users] Carp example on Debian

2015-10-30 Thread TarotApprentice
d-users] Carp example on Debian > > On 30/10/2015 12:40 a.m., TarotApprentice wrote: > > > Change this: >> http_port 127.0.0.1:400${process_number} > > > To: > http_port localhost:400${process_number} > > Amos > _

[squid-users] Carp example on Debian

2015-10-29 Thread TarotApprentice
Trying to run the carp example on Debian this time. The machine is testing with is an i5 with 8Gb of RAM and a 320Gb HDD. I'm getting the following errors in the frontend.cache.log when I try to access a site. Which debug flags should I try? It looks to me like a permissions issue, but I'm not

[squid-users] 3.5.9 for Debian

2015-09-25 Thread TarotApprentice
Is there a chance we can get 3.5.9 into Debian please. Cheers, MarkJ ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

[squid-users] Pinger exiting

2015-09-19 Thread TarotApprentice
Running 3.5.7 under Debian. In my cache.log I get pinger exiting every day around 06:25. 2015/09/18 06:25:01| Set Current Directory to /var/spool/squid 2015/09/18 06:25:01 kid1| storeDirWriteCleanLogs: Starting... 2015/09/18 06:25:01 kid1| Finished. Wrote 34846 entries. 2015/09/18 06:25:01

Re: [squid-users] Which DNS to use

2015-07-15 Thread TarotApprentice
- Original Message - From: Antony Stone antony.st...@squid.open.source.it To: TarotApprentice tarotapprent...@yahoo.com Cc: Sent: Wednesday, 15 July 2015, 0:55 Subject: Re: [squid-users] Which DNS to use On Tuesday 14 Jul 2015 at 13:59, TarotApprentice wrote: I have a domestic DSL router

[squid-users] Squid 3.5.6 Windows SquidTray crash

2015-07-08 Thread TarotApprentice
Unfortunately SquidTray still crashes with 3.5.6. This is on Server 2008 R2 x64 (as before). The mini dump is shown below. MarkJ - Description: Stopped working Problem signature: Problem Event Name: CLR20r3 Problem Signature

[squid-users] Trying the SmpCarpCluster example

2015-07-07 Thread TarotApprentice
I've setup a test machine with Debian Jessie and got squid from the repo (3.4.8). I'm trying the SmpCarpCluster example given in the wiki. Unfortunately its not working too well. I've used the 3 conf files shown in the example, adjusted memory sizes and the directories. I had to add

Re: [squid-users] Suggested refresh_pattern for debian repos?

2015-06-13 Thread TarotApprentice
refresh_pattern for debian repos? On 13/06/2015 8:05 p.m., TarotApprentice wrote: I've seen a couple of refresh_pattern combinations that people use to cache Linux repos. Does anyone have a working one for Debian repos? The debian repository responses simply dont have the right headers

[squid-users] Suggested refresh_pattern for debian repos?

2015-06-13 Thread TarotApprentice
I've seen a couple of refresh_pattern combinations that people use to cache Linux repos. Does anyone have a working one for Debian repos? MarkJ ___ squid-users mailing list squid-users@lists.squid-cache.org

[squid-users] Upload issue with squid 3.5.5

2015-06-09 Thread TarotApprentice
I have a number of machines running BOINC which are having issues uploading with one particular project (climateprediction.net) however if I redirect the client to a Squid 2.7 server they work fine. It doesn't do it every time, some files work just fine. They are usually 15Mb or 47Mb uploads.

[squid-users] Recommended multi-worker setup?

2015-06-09 Thread TarotApprentice
In the examples on the squid site it gives a multi-worker example using carp (http://wiki.squid-cache.org/ConfigExamples/SmpCarpCluster). Now that rock storage has been updated with 3.5.5 is that still the best approach? I was thinking of a single rock cache so the workers could share it rather

[squid-users] Squid 3.5.5 on Win doesn't release files after rotate

2015-06-08 Thread TarotApprentice
Back to Squid 3.5.5 on Server 2008 x64. Had an access.log and cache.log in /squid/var/log/squid. After doing a squid -k rotate it successfully created new ones and old ones became access.log.0 and cache.log.0 as expected. However cannot open cache.log.0 as its still in use. access.log.0 can be

[squid-users] 3.5.5 Win x64 SquidTray crash

2015-06-07 Thread TarotApprentice
Installed 3.5.5 on Server 2008 R2 x64. At login SquidTray crashes and windows gives the following minimal output. I can live without SquidTray anyway but thought I should report it. I did have 3.5.1 working previously. MarkJ --- Description: Stopped working Problem signature: Problem

[squid-users] Can files be placed on a RAID volume now?

2015-06-07 Thread TarotApprentice
I recall from Squid 2.7 days the recommendation not to put the cache files on a RAID volume under Windows. Does that restriction still apply? Related does the windows version use the different file system types (ie rock, aufs, ufs) for the disk cache or is it irrelevant under windows. Cheers,

[squid-users] Fw: 3.5.5 Win x64 SquidTray crash

2015-06-07 Thread TarotApprentice
: TarotApprentice tarotapprent...@yahoo.com To: Squid-users squid-users@lists.squid-cache.org Cc: Sent: Sunday, 7 June 2015, 20:26 Subject: 3.5.5 Win x64 SquidTray crash Installed 3.5.5 on Server 2008 R2 x64. At login SquidTray crashes and windows gives the following minimal output. I can live