[squid-users] Can a dummy packet be passed?

Hi! (B (BIs it possible to pass the data of only a header to ClientPC by change of an setup of (BSquid-2.4-stable1? (B (Bwaiting for reply.. (B (BThanks (B (BYutaka (B (B

[squid-users] Allways check the origin server.

Hi, I have Squid installed in my FW as a transparent proxy. I have been analysing the access_log file and I have seen that I have a lot of TCP_IMS_HIT/304 log lines. If I'm not wrong, this logs means that the proxy return a non modified code (304) to the browser that iussed the HTTP request

Re: [squid-users] Can a dummy packet be passed?

Sorry, I do not understand what you want to accomplish. Please explain in other words what your goal is. Regards Henrik [EMAIL PROTECTED] wrote: Hi! Is it possible to pass the data of only a header to ClientPC by change of an setup of Squid-2.4-stable1? waiting for reply.. Thanks

Re: [squid-users] Documentation notes about Cache Statistics

Most cachemgr pages are quite obvious the day you need them.. if you don't understand the information then you probably have no need of it. The most interesting information is collected on the General Runtime Information page. The other pages mostly contains details behind this information.

Re: [squid-users] bypassing the proxy for local atomic hostnames

See append_domain and always_direct directives. Regard Henrik Rolf wrote: hello I'm having trouble with configuring squid (2.5stable1) to handle internal, 'intranet' addresses which are not fully qualified. Squid currently is setup to do proxy_auth with active directory group

Re: [squid-users] incoming_http_average min_http_poll_cnt ?

These parameters are magic numbers used in tuning the balance between accepting new connections and processing already accepted connections. There is little point in discussing these without also looking into the minute details of the Squid internal implementation of network I/O in comm_select.c.

Re: [squid-users] Allways check the origin server.

Carles Xavier Munyoz Baldó wrote: Hi, I have Squid installed in my FW as a transparent proxy. I have been analysing the access_log file and I have seen that I have a lot of TCP_IMS_HIT/304 log lines. If I'm not wrong, this logs means that the proxy return a non modified code (304) to

Re: [squid-users] reference_age

akira wrote: Hello SQUID Users i found TAG reference_age in squid.conf.default 2.4 but same tag is not found n squid.conf.default 2.5 STABLE1 does this has beedn removed or obsolated in squid 2.5 http://www.squid-cache.org/mail-archive/squid-users/200303/0581.html well,

Re: [squid-users] Authentification against DominoNotes LDAP

Of course there are differences, I have seen this before D:\Lotus\Dominoldapsearch -h 172.25.0.19 -p 389 uid=vogels CN=Stefan Vogel,OU=nu,OU=eu,OU=au,O=cag cn=Stefan Vogel shortname=VogelS uid=VogelS [EMAIL PROTECTED] objectclass=top objectclass=person objectclass=organizationalPerson

Re: AW: [squid-users] connection reset by peer. Read error 104

If there is no entry in access.log then the request was not even received by Squid.. I have no explanation to the NONE://123.123.123.123:8080http://www.immowelt.de/immobilien/IS_ObjListe .asp thing. Regards Henrik tor 2003-04-03 klockan 12.08 skrev Zobel, Martin: Dear Mr. Nordstrom, the

[squid-users] what happen if cache be full

Hello SQUID users, I have squid 2.5 stable1 1) what happen if my cache be completely full does squid stores new coming objects? 2) if i am setting reference_age to 1 month.I got my cache full. I don't have any cached object older then 15 days and refrence_age is 1 month then what will happened

RE: [squid-users] Can a dummy packet be passed?

My goal is... introducing Webshield e500. (Bhttp://www.mcafeeb2b.com/products/webshield-eapp/default.asp (B (BInternet (B| (B|Webshield e500(scanning 8080)---Squid(8080) (B| (BClients (B (B (BWebshield e500 is operating by transparent bridge mode. (B (BData is not

RE: [squid-users] Can a dummy packet be passed?

Exacly what is this dummy packet? HTTP is HTTP. There is no such thing as a dummy HTTP response. Regards Henrik tor 2003-04-03 klockan 12.52 skrev [EMAIL PROTECTED]: My goal is... introducing Webshield e500. http://www.mcafeeb2b.com/products/webshield-eapp/default.asp Internet |

[squid-users] Using squidGuard with Squid.

Hi Everyone, When I integrate squidGuard with Squid by setting up /etc/squid.conf with redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf , does squidGuard take up all the access control management off from Squid? Basically, are all the access rules in /etc/squid.conf

Re: [squid-users] Ldap and Active directory

tis 2003-04-01 klockan 20.47 skrev kevin stuttard: squid_ldap_auth by running make install as suggested elsewhere in this mailing list and read the documentation in the helper direcory of the source as suggested by Henrik. I have placed a couple of lines in my squid.conf as follows

Re: [squid-users] FAQ 7.13 Can I make origin servers see theclient's IP address when going through Squid?

What the FAQ entry forgets to mention is that you also need to modify Squid to make use of the experimental transparent proxy support in your patched Linux kernel.. See the squid-dev archives. Regards Henrik ons 2003-04-02 klockan 21.03 skrev Dave Restall - System Administrator: Hi, I'm

Re: [squid-users] Squid Samba

Yes. This is the normal setup, having Samba join the existing domain. See the Squid FAQ for quite detailed instructions for using winbind with Squid, including installation of Samba. Regards Henrik ons 2003-04-02 klockan 20.56 skrev Mike Diggins: I'm just about to look at upgrading to Squid

Re: [squid-users] running out of file descriptors

ons 2003-04-02 klockan 23.05 skrev Mike Rambo: a) Is it swapping? Yes, a little anyway. Since we rebooted yesterday is is about 5MB into swap. Prior to the reboot it had reached almost 100MB swap after approximately 30 days or so uptime. The machine has either 1GB or 1.5GB ram installed

Re: [squid-users] Allways check the origin server.

tor 2003-04-03 klockan 10.41 skrev Carles Xavier Munyoz Baldó: If I'm not wrong, this logs means that the proxy return a non modified code (304) to the browser that iussed the HTTP request without forwarding the request to the origin server. Yes. I would like that squid always forwards a

Re: [squid-users] Something is missing when using squid

I disabled ad-zapper and the same thing happens. It's definately happening on the www.mailwasher.net website. If I click on download.php link or tutorial.php it says Some files may be harmful to your computer. Would you like to download or open this file?. At 01:41 PM 3/04/2003 +0200, you

Re: [squid-users] what happen if cache be full

tor 2003-04-03 klockan 12.23 skrev atit jariwala: 1) what happen if my cache be completely full does squid stores new coming objects? Yes, of course. The cache never becomes completely full as Squid is automatically removing old objects when the cache is close to full. The only case where a

RE: [squid-users] IE Problem with Proxy Auth

Hi guys, I hate to say it, but I did have this problem at squid 2.4 Stable7, when I upgraded to 2.5Stable1 the problem went away. I am using IE6SP1. -Original Message- From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] Sent: 03 April 2003 12:22 To: Renato Ghirotti Cc: [EMAIL PROTECTED]

Re: [squid-users] Allways check the origin server.

On Thursday 03 April 2003 13:55, Henrik Nordstrom wrote: But please note that in such case there is very limited benefit of using a cache. The overhead of a conditional GET is the same as a plain GET, and the biggest benefit of a cache is to be able to avoid this overhead in latency time. This

Re: [squid-users] Allways check the origin server.

On Thursday 03 April 2003 14:56, Henrik Nordstrom wrote: Not a lot... it will need to do the verification of each image, which means a HTTP request plus full response headers transferred over the network. Only transfer of the actual image data is avoided. Yes, I agree, but the image transfer

Re: [squid-users] Authentification against DominoNotes LDAP

Which Squid version are you using? (2.5.STABLE2 required) What is the exact contents of your LDAP group again? (my memory is short..) Does the -f filter specification to squid_ldap_group work when you use ldapsearch manually? Try changing the -F argument to exacly the same as used for -f in

Re: [squid-users] Repost: wb_group locks my 2k domain users

I don't want to be pedantic. Henrik could you gently tell me why do you think is a 2k Domain issue and not a squid one ? As I can see wb_group doesn't authenticate users into the domain, it only make a biunivoc corrispondence between Domain User and Group and send OK or ERR to squid, so why it

Re: [squid-users] Ldap and Active directory

tor 2003-04-03 klockan 16.30 skrev kevin stuttard: I have tried using ldapsearch but without any success whatsoever. What happens? Do I need to set up the ldap.conf file for openldap? No. Also, I do not seem to have a slapd.conf. Do I need to have this? No. slapd.conf is only of

Re: [squid-users] Authentification against DominoNotes LDAP

tor 2003-04-03 klockan 17.06 skrev [EMAIL PROTECTED]: The ldapsearch shows: D:\Lotus\Dominoldapsearch -h 172.25.0.19 -p 389 ((cn=CAS_NU_Internetuser)(obj ectClass=groupOfNames)(member=CN=Stefan Vogel,OU=nu,OU=eu,OU=au,O=cag)) CN=CAS_NU_Internetuser

Re: [squid-users] New Code Red?

Hi, We are seeing a possible new code red. Each victim will flood to a particular destination. Unlike the original one, this one does not have send proper HTTP method. Although Squid will return Bad Request, this attack will consume a lot of resources and bring down the Squid box... Anybody

[squid-users] display message on first connection

Hi, Is it possible with squid to display a message for users to read before they are allowed to surf the net? TIA Sherwin

[squid-users] SSL patch and recent patches for openssl

Hi folks, iirc the engine version of openssl is necessary to use the SSL patch for squid2.5 for reverse SSL proxying. Am I right? I wasn't able to apply the patches regarding the recently published bugs in openssl, at least against openssl-engine-0.9.6.i. No problem with openssl-0.9.7a. Is there

Re: [squid-users] what happen if cache be full

Pali Singh wrote: The only case where a Squid cache becomes completely full is if you shrink the size of an existing cache by editing squid.conf after it has been filled. What happens in this case? Does it still replace the oldest objects? If so is this configurable? Squid yells in

Re: [squid-users] Building with transparent proxying on FreeBSD

Maybe you have not installed the required components, or things have changed in FreeBSD... The 4.8 test notes says that IP-Filter have been updated. IPFilter has recently been updated to version 3.4.31 and has not yet been thoroughly tested in -STABLE. Maybe they have broken something which

[squid-users] browser caught in a loop while redirecting

Hi! This has probably come up before on the list, but couldn't find anything. I have the following code as a redirection perl script: #!/usr/bin/perl $|=1; while () { $url = http://www.somesite.com\n;; print 302:$url\n; } I took an example from squid-cache.org

[squid-users] Special Access Control Lists

Hello All, Our company's Internet Policy is to allow web browsing for employees during the normal lunch period. However, there are a few employees that require regular all-day long access to a few sites in order to perform their job. For instance; Our Shipping and Receiving Manager would like

[squid-users] http_access

Hello, I want to limit the access to my content filtering environment. Below is the part of my squid.config file dealing with access control. While troubleshooting, I put only my IP Address and Network mask. These are definitely working IP Addresses and Netmasks. Please help!!

Re: [squid-users] bypassing the proxy for local atomic hostnames

Thanks. Still not working. append_domain adds the domain as expected but still the request is being passed to the upstream cache (outside our net) which has no knowledge of our hosts, qualified or not. So always_direct is set as follows acl local-sites dstdomain .domain.com.au always_direct

[squid-users] All configured parent caches are currently unreachable.

Hello, This is what I'm getting and what I think: ACL: # If an IP is from the exception-entries list, then # pass the request to 10.1.1.4 proxy server. acl mte src 10.1.10.201-10.1.10.207/255.255.255.255 10.1.4.68 acl skr src 10.1.4.160-10.1.4.180/255.255.255.255 acl syd src

Re: [squid-users] bypassing the proxy for local atomic hostnames

Sorry. working now. always_direct allow a b c means that a b and c are logically and'ed as per http_access allow ... yes? If I want always_direct for a b and c do I need always_direct a always_direct b always_direct C ? always_direct a b c does not mean the same thing? rolf. See append_domain

[squid-users] When must squid be started as root

Hi I notice that enter_suid is used when doing IPF_TRANSPARENT proxying. Does this mean that squid must be started as root when doing transparent proxying? Thanks Gary Price ICT

[squid-users] want to give more file desciptor

hello, I want to assign more file descriptor to my squid process how it is possible? =-== atit

[squid-users] SYN flood attack

Hello SQUID Users I am using SQUID 2.5 STABLE1 i faced SYN flood attck on my squid... and it caused squid to run out of file descriptor... does squid provides any support to prevent it? or is there any other solution to overcome it -- atit

Re: [squid-users] SYN flood attack

your both question file descriptors + SYN cookie attack related to your Operating System not with Squid. so tell us which operating system you are using then I can help u. Best Regards, Masood Ahmad Shah --- atit jariwala [EMAIL PROTECTED] wrote: Hello SQUID Users I am using SQUID 2.5

RE: [squid-users] SYN flood attack

-Original Message- From: atit jariwala [mailto:[EMAIL PROTECTED] Sent: Friday, April 04, 2003 3:19 PM To: [EMAIL PROTECTED] Subject: [squid-users] SYN flood attack Hello SQUID Users I am using SQUID 2.5 STABLE1 i faced SYN flood attck on my squid... and it caused squid to

Re: [squid-users] SYN flood attack

change your values for number of file descriptors and compile your squid again. /proc/sys/fs/file-max like echo 4096 /proc/sys/fs/file-mac if you talk about SYN attack... echo 1 /proc/sys/net/ipv4/tcp_syncookies and increase the values of this echo 1000

[squid-users] downloading large files

Hi everybody, I am using the latest version of the squid software and I have got the following problem : When I want to download huge files, it doesn't work ! First of all it seems to work (getting the first 5 Mb for example and the following ones are not downloaded. Therefore, I'm getting a

[squid-users] Squid Restarting

Hello Squid users, i am using squid 2.4 stable1 I am getting following error message === ctx: enter level 0: 'http://www.dhl.com/html/art/del.gif' === assertion failed: refresh.c:163: age = 0 this is message i got in cache.log and after that squid restart automatically... can any one

Re: [squid-users] downloading large files

Stéphane Cesbron wrote: Hi everybody, I am using the latest version of the squid software and I have got the following problem : When I want to download huge files, it doesn't work ! First of all it seems to work (getting the first 5 Mb for example and the following ones are not

Re: [squid-users] Squid Restarting

atit jariwala wrote: Hello Squid users, i am using squid 2.4 stable1 I am getting following error message === ctx: enter level 0: 'http://www.dhl.com/html/art/del.gif' === assertion failed: refresh.c:163: age = 0 this is message i got in cache.log and after that squid

Re: [squid-users] What is Byte Hit Ratio?

atit jariwala wrote: Hello Squid Users, i am using squid 2.5 stable 1. statistics info in general runtime info section of cachemgr.cgi show Request Hit Ratios: 5min: 53.5%, 60min: 51.0% Byte Hit Ratios: 5min: 24.2%, 60min: 29.5% .. what is Request Hit Ratio and What is