Hello Squid Users and Developers,
Squid has ACL For CONNECT Method
it is
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
Why squid has default behaviour to deny CONNECT requests on non-standard SSL
Ports
Some sites are implementing SSL on non-standard
Li Wei [EMAIL PROTECTED] writes:
the option max_user_ip is a new function with Squid.2.5
From its description, it seems very useful.
However, I'm failed in using it.
Are there any advice to me about how to use it?
acl multiple max_user_ip -s 1
http_access deny multiple
will stop people
Dear Sukhjit,
I will suggest better to use
maximum_object_size 8192 KB
maximum_object_size_in_memory 16 KB
cache_replacement_policy heap LFUDA
These settings can help you to save bandwidth.. for heap LFUDA you
will have to recompile your squid source again if you have not compiled
squid
Dear Ahmad,
i have made the following changes
maximum_object_size 8192 KB
maximum_object_size_in_memory 16 KB
and LFUDA i will do as soon as possible and let you know the results.
cache_replacement_policy heap LFUDA
Regards
Sukhjit Singh
Network Administrator
Emmsons Infotech
atit jariwala wrote:
Hello Squid Users and Developers,
Squid has ACL For CONNECT Method
it is
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
Why squid has default behaviour to deny CONNECT requests on non-standard SSL Ports
Some sites are
h is there any update in bandwidth utilization...I'm sure now you are
saving bandwidth
best of luck :) and enjoy
--
Best Regs,
Masood Ahmad Shah
System Administrator
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| * * * * * * * * * * * * * * * * * * * * * * * *
| Fibre Net
On Wednesday 25 June 2003 00.21, Bernhard Erdmann wrote:
Well, my feeling is you should talk to your user and explain him
why sucking at 2 Mb/s is bad would help much more than relying on
technical solutions.
Or better yet, make use of the delay pool feature in Squid to prevent
users from
On Wednesday 25 June 2003 01.48, [EMAIL PROTECTED] wrote:
Hi,
we have been running Squid 2.5.STABLE.1 successfully for some time
now.
However, when the internet clients perform a Google search and
click on the Google Cached Pages, it will be blocked i.e. the
Internet clients will be
On Wednesday 25 June 2003 03.07, Chijioke Kalu wrote:
Jun 25 01:38:30 psyche08 squid: init_cache_dir to...
Jun 25 01:38:33 psyche08 squid: init_cache_dir cache_dir...
Jun 25 01:38:33 psyche08 squid: init_cache_dir Type...
Jun 25 01:38:33 psyche08 squid: init_cache_dir can...
Jun 25 01:38:33
On Wednesday 25 June 2003 08.37, atit jariwala wrote:
Some sites are implementing SSL on non-standard SSL Port
So squid's this behaviour is creating problem in surfing such
site. I am planning to allow CONNECT on non-standard SSL Port as
well but before that i want to know the reasons for
On Wednesday 25 June 2003 06.11, Justin Hennessy wrote:
I am afraid I am not sure. I haven't setup a transparent proxy
before.
On that, could you point me to some good doco to help with do this.
There is the squid FAQ.
There is also many other documents floating around on the Intenet on
On Wednesday 25 June 2003 06.49, Chris Vaughan wrote:
Is there an equivalent to the NoProxy directive used by Apache's
proxy server in squid?
Yes. See the Squid FAQ.
Regards
Henrik
--
Donations welcome if you consider my Free Squid support helpful.
On Wednesday 25 June 2003 08.00, Li Wei wrote:
hi,all
the option max_user_ip is a new function with Squid.2.5
From its description, it seems very useful.
However, I'm failed in using it.
What have you tried?
Regards
Henrik
--
Donations welcome if you consider my Free Squid support
Dear Henrik, list,
i think that i have read for a few days that is possible to authenticate
users from
a NT Domain down to groups in Squid 2.5.
I've installed an Squid 2.5 Stable 1 and i want to know if I can realize
this:
1)
The authentication for users from my NT Domain is working fine, but
ons 2003-06-25 klockan 11.58 skrev Sjaak Nabuurs:
I've 5 server with website running behand a reverse squid server.
But the webmasters of the websites behind squid are complaining that when
they modify and upload a page the don't get ea fresh page.
In M$IE it's the ctrl + F5 button to get it
ons 2003-06-25 klockan 04.20 skrev Sukhjit Singh:
i am using squid in an ISP invironment,
The squid is getting the following number of requests according to mrtg.
Max HTTP requests 406.0 req/min Average HTTP requests 152.0
req/min Current HTTP requests 32.0 req/min
according
On Wed, Jun 25, 2003 at 09:59:39AM +0200, Henrik Nordstrom wrote:
The question you need to ask is why your setup gives the user your
Corporate Warning page when the user asks for google cached pages.
Oh, that is probably quite easy. Some clever people have worked out
that you can bypass
On Wed, Jun 25, 2003 at 10:11:02AM +0200, Henrik Nordstrom wrote:
On Wednesday 25 June 2003 03.07, Chijioke Kalu wrote:
Jun 25 01:38:30 psyche08 squid: init_cache_dir to...
Jun 25 01:38:33 psyche08 squid: init_cache_dir cache_dir...
Jun 25 01:38:33 psyche08 squid: init_cache_dir Type...
Hi,
for using the Elster Windows Client (www.elster.de) this needs spezial
requirements. The internal running Port 3128
works fine for internet browsing. But Elster needs spezial Entries we have
implemented in /etc/squid.conf
but not working.
Elster needs for the local Network the following
Hi Henrik,
yes this is correct that there is nothing to cache on https, I know this but
my problem
is that the proxy authorisation on ssl connections does not work on M$
Browsers IE6 ;o(
The Browsers crash if there was no authorisation over a http session first.
So I search for a way to do this
Most webmasters use MSIE 6.0
Is refresh_pattern a the best option for this problem.
I use this
refresh_pattern \. 300 90% 10400 override-lastmod override-expire
reload-into-ims
But what your best practice.
Thanks for quick responding.
In M$IE it's the ctrl + F5 button to get it fresh.
Is
do you know of email spiders and email mass mailing programs, there good
culprits at choping up bandwidth, and if u dont have some sort bandwidth
manager, it means u could have some users downloading at 10 times the speed
for normal http access
ons 2003-06-25 klockan 04.20 skrev Sukhjit
Michael Ehlers [EMAIL PROTECTED] wrote:
for using the Elster Windows Client (www.elster.de) this needs spezial
requirements. The internal running Port 3128
works fine for internet browsing. But Elster needs spezial Entries we have
implemented in /etc/squid.conf
but not working.
Elster
ons 2003-06-25 klockan 13.38 skrev Mohsin Khan:
Well ppl True, but there are certain
limitations, if give squid a HUP signal or restart it,
it will not only close all the download sessions, but
there are certain java applications that run through
browsers and well they maintain
Hi,
I should have made things more clear, sorry. I want the user agent to be
logged together with the request in one file in one line. I tested
useragent_log in squid.conf but this gives you an extra logfile with only the
user agent logged in it. If you have multiple requests per second I'm not
ons 2003-06-25 klockan 14.41 skrev Chijioke Kalu:
do you know of email spiders and email mass mailing programs, there good
culprits at choping up bandwidth, and if u dont have some sort bandwidth
manager, it means u could have some users downloading at 10 times the speed
for normal http
Hi,
I'm running Squid-2.5STABLE1 with the winbind authentication. Browsing
works fine, but some other applications like RealPlayer (RealOne)
don't. Another application that doesn't work is MSN Messenger (tested with
versions 5.0 and 6.0). I setup proxy, username/passwd in Connection Tab, but
it
Ok, I can limit downloads, but this is not ths
solution, this is just a backdoor way out, there
should be more control over client sessions, A GUI
interface or command line utility, that can alter
individual sessions.
There are certain java aplications that are embeded,
and for them using socks
On Wednesday 25 June 2003 17.59, Mohsin Khan wrote:
I would like to put my head in the source and i guess
i would not have to do much, since squid logs every
session and every request.
The easiest place is probably via the filedescriptor table in
cachemgr. If you comm_close() the offending
On Wednesday 25 June 2003 17.39, Chijioke Kalu wrote:
as regards to this (espiders emailling progs) , do you know of
anyway I can tell squid to refuse connections or drop the
connections, or limit the bandwidth used for this specific
programs, cause they do give me problems
There is multiple
On Wednesday 25 June 2003 17.59, Mohsin Khan wrote:
Ok, I can limit downloads, but this is not ths
solution, this is just a backdoor way out, there
should be more control over client sessions, A GUI
interface or command line utility, that can alter
individual sessions.
I am of the opposite,
Sorry for what must be a dumb question, but I can't get this error to go
away
on my new Squid setup.
# service squid reload
2003/06/24 16:59:58| WARNING cache_mem is larger than total disk cache
space!
Here's my config:
# squid -v
Squid Cache: Version 2.4.STABLE6
# cat
On Wednesday 25 June 2003 20.02, Karl Kopper wrote:
# service squid reload
2003/06/24 16:59:58| WARNING cache_mem is larger than total disk
cache space!
Here's my config:
# squid -v
Squid Cache: Version 2.4.STABLE6
Upgrading may be a good idea.. especially if you are making a new
Squid
On Thursday 26 June 2003 00.16, Mikko Lahikainen wrote:
Would it be possible (with squid 3.0) to do password
authentication while forwarding https requests to exchange
web access box.
Yes, provided your accelerator uses the same login+password database
as your Exchange server. The HTTP
Dear all squid gurus,
kindly tell me how to increase byte hit ratio or how to save bandwidth with
squid+wccp.
Regards
Sukhjit Singh
Sukhjit,
WCCP can not save bandwidth :) you will have to study it first...
If you talk about to increase byte hit ratio you will have to study in squid
refresh_pattren I'm sure it will help
--
Best Regs,
Masood Ahmad Shah
System Administrator
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
|
first of all keep in mind always CC to squid list please..
where you are getting problem to make MRTG?
What type of favor you are looking for ?
--
Best Regs,
Masood Ahmad Shah
System Administrator
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
| * * * * * * * * * * * * * * * * * * * * * *
Hi
First of all, my squid is already running happily with
its authentication procedure...
Now I want to limit my users to make just a certain
number of connections, say 1 connection. So I put in
my squid.conf these lines :
acl justone src 10.100.1.1
acl 1CONN maxconn 1
http_access deny 1CONN
38 matches
Mail list logo