Yes, Squid has permission to run the redirector. Squid runs as 'nobody'
and the redirector is owned by 'nobody' with 755 permissions.
Murrah Boswell
Duane Wessels wrote:
Is this telling me that my redirectors are dying from an error in the
redirector code, or what?
Make sure that the
Do you think it could have something to do with the convoluted way that
ar.atwola.com is generating the dynamic ads since all I get are broken
links to their ads? I mean, what does the link
http://ar.atwola.com/link/93183014/aol do anyway?
Murrah Boswell
Duane Wessels wrote:
Is this telling
Hi,
I have the following problem, some file downloads will start, but hang after
the
first 50-100k until killed, if I remove the proxy and go direct the D/L
work.
I have a child parent setup, a child in each region and then 3 parent
server.
Only change that comes to mind is a change to the
hi all,
I am using squid as an accelerating proxy.
Sometimes, I encounter a strange delay, which you can right now
see if you click this link:
http://city-map.de/city/db/01010101/1/391/Hotels.html
this page will not completely be loaded.
if you add a quotation-mark at the end
More info:
Regional proxy reports FIRST_PARENT_MISS and the parent reports in the
store.log:
1071818963.004 RELEASE 00 0009BED5 22C0301998FD516534F3F9A9870D1AA1 200
1071818062 1071684461-1 application/octet-stream 10672504/76481 GET
http://www2.ati.com/drivers/hydravision-3-25-0006.exe
Hi all.
I have a number squid proxies on my network the one child proxy is set =
to use the primary proxy as perant, but the requests aren't being =
displayed in the logs.
This is my acl config for the child proxy. I have used both the ip and =
the FQNS of the parent proxy ..
shutdown_lifetime
Hello ,
I have a problem with my squid. Squid is dying over and over again.
cache.log says:
(squid)[0x80a167d]
/lib/i686/libpthread.so.0[0x4015d47e]
(squid)[0x42028c48]
(squid)[0x420c12db]
(squid)[0x420bd350]
(squid)(regexec+0x65)[0x420c2df5]
(squid)(vfprintf+0x2b06)[0x804d966]
or just the cache.log
TIA
Alex
What manual? man 8 squid_ldap_group?
Greetings
Christoph
-Originalnachricht-
Von: Henrik Nordstrom
An: Keppner, Christoph
Cc: '[EMAIL PROTECTED]'
Gesendet: 19.12.2003 02:45
Betreff: Re: [squid-users] squid_ldap_group authentication against Active
Directory
On Thu, 18 Dec 2003, Keppner,
Duane Wessels ha scritto:
and actually configuration:
cache_mem 64 MB
cache_swap_low 85
cache_swap_high 90
maximum_object_size 65536 KB
maximum_object_size_in_memory 24 KB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir diskd /var/cache/spool/0 28000 96 256
Hi!
I maybe didnt explain good in last mail here.
Here's what I need to do:
Use NTLM only for logging in access.log to use for delay pools (all fit in one
pool, while few users in different pool).
All users should be allowed to use proxy, without being prompted for login/passwd
information.
Ok looks like my one parents cache is corrupt, when I start squid with
'squid -S' it runs the swap check and then restarts it's check with the
following failure :
2003/12/19 13:01:03| assertion failed: store_rebuild.c:79: store_errors ==
0
Is there any way to save the cache, or do I have to start
Dear Henrik,
Thank you so very much for your reply.
Here is the LDADD line in my makefile:
##
LDADD = -L$(top_builddir)/lib -lmiscutil -lldap -llber $(XTRA_LIBS)
##
But I don't know how should I alter this to
Is it possible to configure squid to authenticate user from both domains
without users typing username and pass?
Only if there is a trust between the domains.
Yes. there is a trust.
Can you give me some way to go?
Lot's of sites and FAQs would be appreciated.
Thanks
Elton S. Fenner
I'm using the fallowing segment of configuration in our squid.conf to
archive some spreading across several IP's to minimize some limitations
imposed by some sites by IP address (traffic, simultaneous access,
etc)
acl outaddr1 src 0.0.0.0/0.0.0.3
acl outaddr2 src 0.0.0.1/0.0.0.3
acl outaddr3 src
Hi !!
Is there a way to choose wich requestes are going through a
external_acl_type?
For example, can I configure all requests coming from localhost to not go
through a external_acl_type that verifies the Windows group that the user
belongs to?
Thanks in Advance,
Carlos.
Hi !!
Is there a way to choose wich requestes are going through a
external_acl_type?
For example, can I configure all requests coming from localhost to not go
through a external_acl_type that verifies the Windows group that the user
belongs to?
Thanks in Advance,
Carlos.
On 19 Dec 2003, Elton S. Fenner wrote:
Is it possible to configure squid to authenticate user from both domains
without users typing username and pass?
Only if there is a trust between the domains.
Yes. there is a trust.
Can you give me some way to go?
See the documentation
Please see the Squid FAQ on reporting bugs.
Regards
Henrik
On Fri, 19 Dec 2003, Marcin Bartnik wrote:
Hello ,
I have a problem with my squid. Squid is dying over and over again.
cache.log says:
(squid)[0x80a167d]
/lib/i686/libpthread.so.0[0x4015d47e]
(squid)[0x42028c48]
On Fri, 19 Dec 2003, Gregory Machin wrote:
I have a number squid proxies on my network the one child proxy is set =
to use the primary proxy as perant, but the requests aren't being =
displayed in the logs.
Then the child is not using the parent.
cache_peer ns2.ct-net.org parent 3128 3130
On Fri, 19 Dec 2003, Keppner, Christoph wrote:
What manual? man 8 squid_ldap_group?
Yes.
Regards
Henrik
On Fri, 19 Dec 2003, Alex Sharaz wrote:
or just the cache.log
Just cache.log. And it does not make much of a difference on most OS:es
anyway.
Regards
Henrik
On Fri, 19 Dec 2003 [EMAIL PROTECTED] wrote:
Is there a way to choose wich requestes are going through a
external_acl_type?
Yes, by using http_access.
For example, can I configure all requests coming from localhost to not go
through a external_acl_type that verifies the Windows group
Henrik Nordstrom wrote:
On Fri, 19 Dec 2003, Niksa Franceschi wrote
Here's what I need to do:
Use NTLM only for logging in access.log to use for delay pools (all fit in one
pool, while few users in different pool).
I don't think ntlm works properly in delay_access at the moment..
It
On Fri, 19 Dec 2003, Henrik Steffen wrote:
Unfortunately, I can not even force a reload of the page by issuing
a super-reload. It always hangs.
Why does this happen?
What can I do against it?
Do you have any parent proxies? (normal or transparent)
Even if I try a
GET
Hi to all,
whith tcpdump I can see that squid, forwarding a POST query, omits some
lines in the HTTP header.
I belive this can cause problems, is it possible?
Do you know how can I avoid this?
This is the HTTP request whith the omitted lines ( is cutted output)
--- Start HTTP request
Hello Henrik,
thanks for your answer,
Do you have any parent proxies? (normal or transparent)
no, there are no other proxies involved.
Then for some reason Squid can not get a reply from this server. This will
force a bypass any cached copies.
mh, from the squid access_log I can see,
Hello everybody.
I am thinking to install a squid server cluster but we have only 2
machines, 1 would have squid + dansguardian + delay pools + acl in one
machine, another the same plus the redirector used for the cluster
software (linuxvirtualserver or ultramonkey). I wanna install 2 machines
On Fri, 19 Dec 2003, Henrik Steffen wrote:
mh, from the squid access_log I can see, that squid performs a
TCP_HIT/200.
Have you configured your Squid to ignore reload requests?
in my opinion, squid believes that the page IS cached, which it actually
IS at a certain rate (perhaps 50 %) ...
On Fri, 19 Dec 2003, Niksa Franceschi wrote:
So is it possible how to use NTLM only for loggin of usernames which use NTLM
aware browsers, while other are logged only by IP (and *all* need to be able to
use
proxy, without being prompted for password)?
You could try using the browser
On Fri, 19 Dec 2003, Daniele Ricci wrote:
Hi to all,
whith tcpdump I can see that squid, forwarding a POST query, omits some
lines in the HTTP header.
I belive this can cause problems, is it possible?
I know of no such issues in Squid.
What I can think of is if you maybe have told Squid
On Fri, 19 Dec 2003, Carlos Martínez-Troncoso Cera wrote:
Hello everybody.
I am thinking to install a squid server cluster but we have only 2
machines, 1 would have squid + dansguardian + delay pools + acl in one
machine, another the same plus the redirector used for the cluster
software
With it you could write some rules to deny any HTTP request that
contains
any login credentials:
Where do I go to understand how to create such rules? I'm not very
knowledgeable about structure of rules; I've only created ACLs that
block websites (launch.yahoo.com; gator.com; these are very
Hi,
Henrik Nordstrom wrote:
On Fri, 19 Dec 2003, Daniele Ricci wrote:
Hi to all,
whith tcpdump I can see that squid, forwarding a POST query, omits some
lines in the HTTP header.
I belive this can cause problems, is it possible?
I know of no such issues in Squid.
What I can think of is if you
thank's for your reply:
i'm monitoring median_select_fds
this morning with 150req/sec
select_loops = 280.262863/sec
select_fds = 1502.051748/sec
average_select_fd_period = 0.000660/fd
median_select_fds = 3.984375
thin evening with 40req/sec
select_loops = 383.217992/sec
select_fds =
Henrik,
We are using here Squid and DansGuardian, with the following configuration:
Squid - DansGuardian Squid (same instance as the first one)
All works fine, if we don´t use external_acl_type to determine who is going
through DansGuardian, and who is not.
When we use it, our cache.log
Henrik,
We are using here Squid and DansGuardian, with the following configuration:
Squid - DansGuardian Squid (same instance as the first one)
All works fine, if we don´t use external_acl_type to determine who is going
through DansGuardian, and who is not.
When we use it, our cache.log
On Fri, 19 Dec 2003, Daniele Ricci wrote:
I have no header_access directive in my squid.conf, nor
anonymize_headers directive.
I'm using squid-2.5.SABLE3 (my boss's decision), can this help you?
I know for sure that Squid-2.5.STABLE3 does not do any of the kind unless
explicitly
On Fri, 19 Dec 2003, Eric Geater 12/12/03 wrote:
With it you could write some rules to deny any HTTP request that
contains any login credentials:
Where do I go to understand how to create such rules?
There was an example acl for the purpose in the message sent by Duane. You
then use this
On Fri, 19 Dec 2003, OTR Comm wrote:
Yes, Squid has permission to run the redirector. Squid runs as 'nobody'
and the redirector is owned by 'nobody' with 755 permissions.
The user nobody also needs at least read access to the directory
where 'orsquidGuard' lives, and all parent directories
hi:
I am trying to help someone setup his PIX firewall to use Squid. Problem is
he doesn't know how to configure the PIX and I don't have one to even try to
figure it out, but this seems like a very basic task for a firewall.
Does anyone have a PIX that has done this? If so, do you have any
On Fri, 19 Dec 2003, Giulio Cervera wrote:
select_loops = 280.262863/sec
select_fds = 1502.051748/sec
average_select_fd_period = 0.000660/fd
median_select_fds = 3.984375
And you are positively sure half_closed_clients is off?
(I do remember you saying it was, but just want to make sure)
The
On Fri, 19 Dec 2003, Travis Bullock wrote:
I have the squid up and running nicely with NCSA authentication, currently
testing on my own XP machine with IE6. I would like the users credentials to
expire every 15 minutes as per request from management.
This has to be done in the browser. It is
On Fri, 19 Dec 2003, Duane Wessels wrote:
I think this would have to be a new feature. We could probably
hack Squid so that it send a 401 Unauthorized response every so
often.
Tried this and it does not work, at least not with MSIE. It simply retries
using the old login a couple of times
On Fri, 19 Dec 2003, David O wrote:
I am trying to help someone setup his PIX firewall to use Squid. Problem is
he doesn't know how to configure the PIX and I don't have one to even try to
figure it out, but this seems like a very basic task for a firewall.
If the PIX supports WCCP this is
On Fri, 19 Dec 2003, Eric Geater 12/12/03 wrote:
I didn't understand what I saw; that's what prompted my reply. I can
put something in my ACLs, but I'd like to know the implications behind
its structure. Something simple like gator.com is self-explanatory, but
I just didn't understand what
- Original Message -
From: Carlos Alan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, December 19, 2003 8:03 AM
Subject: ERROR: Could not send signal
Hy,
I'm not to running my squid, when I try (/usr/sbin/squid -kdebug) I
receive
the message squid: ERROR: Could not send
Hi,
I've implemented a simple .pac file in a workstation. I've told IE to look
for the .pac file on the workstation as opposed to the webserver.
This setup works fine.
When I try telling IE to look for the .pac file using the URL of the web
server, IE just hangs.
here's my .pac file
48 matches
Mail list logo