Try decreasing maximum_object_size_in_memory to the default.
Regards
Henrik
On Tue, 12 Oct 2004, Jeremy wrote:
Hey,
This is the version of squid and compile options used.
Thanks,
--jeremy
Squid Cache: Version 2.5.STABLE6
configure options: --prefix=/usr --bindir=/usr/bin --exec-prefix=/usr
--sbin
On Wed, 13 Oct 2004, Brad Larden wrote:
Anyway, I would like to go back to the previous setup I had where squid prompts for
username/password but no matter what I do I can't make it do this.
Can anyone please give me a pointer to an accurate how-to ?
Just comment out any "auth_param ntlm .." lines
On Tue, 12 Oct 2004, Alejandro Barcena wrote:
I want to setup a transparent cache. But I can't find where does it break.
I'm sending the www trafic to squid with a cisco css 11000 series. I'm using
RedHat Linux 9 with kernel 2.4.20-8smp and iptables.
How does it break?
A description of the sympt
Hi:
I use squid 2.5 stable6 . Work on httpd-accelerator mode.and I use
--enable-ssl to make the squid.Then I set "https_port 443
cert=/etc/squid/squid.pem" in squid.conf .Now my Squid can accept https
request.but when squid server recerve https request ,he connect the real
web server USE h
Hi:
I use squid 2.5 stable6 . Work on httpd-accelerator mode.and I use
--enable-ssl to make the squid.Then I set "https_port 443
cert=/etc/squid/squid.pem" in squid.conf .Now my Squid can accept https
request.but when squid server recerve https request ,he connect the real
web server USE h
On Tue, 12 Oct 2004, Strickland, Lawrence P wrote:
Where are the archives?
http://www.squid-cache.org/mailing-lists.html#squid-users
Regards
Henrik
Hi Folks,
I have been trying to get NTLM authentication going and had it working where it
prompts for username/password, then went further and had it doing autolookups.
This is great but the access.log ends up with 3 entries for every item grabbed which
sucks but I understand it's due to the M$
Strickland, Lawrence P wrote:
> Where are the archives?
Multiple locations - see the Squid-Users section of the Mailing Lists page.
http://www.squid-cache.org/mailing-lists.html
Adam
Hey all,
OK. I am running Fedora Core2. Squid must have been installed via RPM when
I did the install because all the files were there. I was having problems
getting squid to use the nsca_auth param in my squid.conf. I put the entry
in but instead of asking for a username and passwd when I point
I want to setup a transparent cache. But I can't find where does it
break. I'm sending the www trafic to squid with a cisco css 11000
series. I'm using RedHat Linux 9 with kernel 2.4.20-8smp and iptables.
I have done:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i eth0 -
> Thanks. I will check it.
>
> Thx & Rgds,
>
> Awie
>
> - Original Message -
> From: "Muthukumar" <[EMAIL PROTECTED]>
> To: "Awie" <[EMAIL PROTECTED]>; "Squid-users" <[EMAIL PROTECTED]>
> Sent: Tuesday, October 12, 2004 6:43 PM
> Subject: Re: [squid-users] New ACL feature
>
>
> >
> > > The
Where are the archives?
Hey,
This is the version of squid and compile options used.
Thanks,
--jeremy
Squid Cache: Version 2.5.STABLE6
configure options: --prefix=/usr --bindir=/usr/bin --exec-prefix=/usr
--sbindir=/usr/sbin --localstatedir=/var --mandir=/usr/share/man
--sysconfdir=/etc/squid --libexecdir=/usr/lib/squ
On Tue, 12 Oct 2004, Zara Trousk wrote:
http_port 80 accel defaultsite=www.xxx.co.mz
https_port 443 accel cert=/etc/squid/cert.crt key=/etc/squid/key.key \
defaultsite=www.xxx.co.mz
cache_peer http.server.ip parent 80 0 no-query originserver \ name=www-http
cache_peer https.server.ip parent 443 0
On Tue, 12 Oct 2004 [EMAIL PROTECTED] wrote:
CLIENT --> SQUID 2.4STABLE7 --> Proxy Bluecoat --> WEB
I studied the behavior of SQUID proxy with the entirety of codes HTTP. In
fact, I modified code HTTP sent by the bluecoat proxy when it sends
POLICY_DENIED page when a customer wishes to go on a por
On Tue, 12 Oct 2004 [EMAIL PROTECTED] wrote:
I could do this when using manually defined users in passwd and PROXY_AUTH
required but cannot see how I might do it with dynamic active directory
groups. Can anyone help ?
See the wbinfo_group helper.
helpers/external_acl/wbinfo_group/
The usage is iden
Hi,
I'm new to the list, I don't know if this problem was already posted and sorted out.
I have a scenario where I have squid 3.0PRE3 on a DMZ and an internal https server. I
would like squid to work as accelerator for my internal https server. I already tried
many configs, and none of them se
- Réacheminé par Florent BEYSSAC/CNEDI06/CNAF le 12/10/2004 17:38 -
|-+--->
| | Florent BEYSSAC |
| | CNEDI06 |
| | |
| | 12/10/2004 16:57|
| |
Hey all !
I have NTLM authorisation working with Samba v3.07 and Squid 2.6. However
I would like to be more granular over my access controls. For example I'd
like to allow members of the active directory group 'full-web' to have
full Internet access, the active directory group 'super-web' to ha
On Tue, 12 Oct 2004, Muthukumar wrote:
acl src IP-address-start-IP-end/netmask
acl TRAINING_PC src 192.168.193.3-9/24
If you specify a netmaks then the ranges you specify must be networks, not
host addresses. And the addresses on both sides of the range needs to be
in quad dotted format.
I.e. i
On Tue, 12 Oct 2004, Hennie Rautenbach wrote:
Can I specify 192.168.193.3-9 ?
Yes, except that it has to be full IP addresses on both sides of the range
192.168.193.3-192.168.193.9
Regards
Henrik
On Tue, 12 Oct 2004, Awie wrote:
The version 2.5S7 has new acl types req_hdr and resp_hdr to match arbitrary
HTTP headers, useful to block certain malware/spyware etc. However, I cannot
find the sample of such ACL in FAQ. Where can I get info how to configure
it?
See squid.conf.default, it is just
* Henrik Nordstrom <[EMAIL PROTECTED]>:
> >It's set to the default here (on). I just changed all three proxies to
> >"off".
>
> Ok. Hopefully that should cure the problem for now.
I hope so. It happened the first time here in YEARS.
> To try to correlate what the request may causing this probl
On Tue, 12 Oct 2004, Spam wrote:
In fact, if it had indeed been this, then it could have been traced
through the logs as x-mime/messenger requests are logged.
The other strange thing I noticed about this is that the network
utilization didn't really go up.
If the bug is the half_closed_clients rela
On Tue, 12 Oct 2004, Ralf Hildebrandt wrote:
It's set to the default here (on). I just changed all three proxies to
"off".
Ok. Hopefully that should cure the problem for now.
Anyone experiencing this problem with "half_closed_clients off"?
In any event it would be really good to nail down what is c
On Tue, 12 Oct 2004 [EMAIL PROTECTED] wrote:
The OpenLDAP is installed on:
/opt/openldap/
Then you need to tell this to the build process.. if not it will still
find and prefer the OS provided LDAP SDK.
make AM_CPPFLAGS="-I/opt/openldap/include" AM_LDFLAGS="-L/opt/openldap/lib" all
should work I
Muthukumar wrote:
acl TRAINING_PC src 192.168.193.3 192.168.193.4 192.168.193.5
192.168.193.6 192.168.193.7 192.168.193.8 192.168.193.9 192.168.193.61
192.168.193.63
Can I specify 192.168.193.3-9 ? Is there a way, other that to use
netmasks to prevent typing them one by one ?
We can use range
>
> Hi,
>
> i´m new to this list but have played arroung with squid in
> former times for a while.
>
> right now, i want to add a squid to a ms isa 2004 parent proxy.
>
> authentification is no point right now, but any note on using
> the integrated windows-security would be nice.
>
>
>
> acl src IP-address-start-IP-end/netmask
>
> acl TRAINING_PC src 192.168.193.3-9/24
Change netmask 32 or 255.255.255.255 as,
acl TRAINING_PC src 192.168.193.3-9/32
24 will be respresenting network there.
>
> Refer http://squid.visolve.com/squid/squid24s1/access_controls.htm#acl for example
>
> acl TRAINING_PC src 192.168.193.3 192.168.193.4 192.168.193.5
> 192.168.193.6 192.168.193.7 192.168.193.8 192.168.193.9 192.168.193.61
> 192.168.193.63
>
> Can I specify 192.168.193.3-9 ? Is there a way, other that to use
> netmasks to prevent typing them one by one ?
We can use range of ip-ad
> The version 2.5S7 has new acl types req_hdr and resp_hdr to match arbitrary
> HTTP headers, useful to block certain malware/spyware etc. However, I cannot
> find the sample of such ACL in FAQ. Where can I get info how to configure
> it?
squid FAQ is not updated now. Try to see squid.conf.defau
Hi,
i´m new to this list but have played arroung with squid in former times for a while.
right now, i want to add a squid to a ms isa 2004 parent proxy.
authentification is no point right now, but any note on using the integrated
windows-security would be nice.
the problem i have is, that
Hi there,
Is there a way I can specify a range of IP addresses, which are in
sequence, in an ACL without specifying them one by one ?
E.g. to prevent having to type:
acl TRAINING_PC src 192.168.193.3 192.168.193.4 192.168.193.5
192.168.193.6 192.168.193.7 192.168.193.8 192.168.193.9 192.168.193
All,
The version 2.5S7 has new acl types req_hdr and resp_hdr to match arbitrary
HTTP headers, useful to block certain malware/spyware etc. However, I cannot
find the sample of such ACL in FAQ. Where can I get info how to configure
it?
TIA for your advise.
Thx & Rgds,
Awie
* Henrik Nordstrom <[EMAIL PROTECTED]>:
> On Mon, 11 Oct 2004 [EMAIL PROTECTED] wrote:
>
> >This is strange, I saw the same thing happen today on our Squid server.
> >It's just a single with no peers, but usage went from it's normal 18% to
> >99% and stayed there for more than an hour.
>
> What
On Tue, 12 Oct 2004, Peter Schulz-Kraus wrote:
I want to filter cookies and I'm
looking for a way to do this
without Privoxy or Junkbuster.
See the header_access directive
Regards
Henrik
On Tue, 12 Oct 2004, Gareth Seneque wrote:
2004/10/12 16:47:53| Done reading /var/cache2 swaplog (2048 entries)
FATAL: storeAufsDirCloseTmpSwapLog: rename failed
Verify that the permissions on /var/cache2 is set correctly.
Regards
Henrik
On Mon, 11 Oct 2004 [EMAIL PROTECTED] wrote:
I'm trying to configure our http-accelerator squid not to cache certain URLs,
and thought
I'd ask you guys if I'm doing it right:
acl QUERY urlpath_regex cgi-bin \? \.do \/admin\/ \/jive\/
no_cache deny QUERY
Will this block URLs that contain:
?
cgi-bi
Doubtful.
I was using IPtraf to watch for that kind of thing, and nothing
appeared out of the ordinary.
In fact, if it had indeed been this, then it could have been traced
through the logs as x-mime/messenger requests are logged.
The other strange thing I noticed about this is that the network
u
On Mon, 11 Oct 2004 [EMAIL PROTECTED] wrote:
Is there a way to tell squid to log all 3 things on one line like apache
does?
http://devel.squid-cache.org/old_projects.html#customlog
Regards
Henrik
On Mon, 11 Oct 2004 [EMAIL PROTECTED] wrote:
This is strange, I saw the same thing happen today on our Squid server.
It's just a single with no peers, but usage went from it's normal 18% to
99% and stayed there for more than an hour.
What is your half_closed_clients setting? If in the default "on
On Mon, 11 Oct 2004, Strickland, Lawrence P wrote:
Will this work as an SSL tunel as well?
No, but it would work in https proxy mode.
(one SSL client<->proxy, another SSL proxy<->internal web serer)
If you need SSL client<->web server then you need to use NAT or TCP plugs
to forward the connection
>
> MSN messenger was down during that period, do u observed an
> increased in SYN
> packet count?
Not that I know off. Very much doubt whether this is related
though (MSN Messenger down).
'Rise of the SQUID Cache, I will Terminate it ! :-)
>
> Hi all
>
> I had to replace a dead mirror disk on one of our boxes today.
> I replaced the disk (did a metadb -d of the metadatabase on the dead
> disk, detached the dead submirrors, replaced the disk, etc etc) and
> then squid died.
> Now when i try to restart it, i get the following erro
Hello,
I want to filter cookies and I'm
looking for a way to do this
without Privoxy or Junkbuster.
Does anyone know a program or
plugin, which can handle this
(and only this!) . .
Greetings, Peter
* Ralf Hildebrandt <[EMAIL PROTECTED]>:
> Same here this morning. It started at about 12:00 CEST, and lasted for
> 1-2h. All our proxies were affected and we didn't see any sign of
> runaway clients hammering away at hundreds of connection per second.
>
> The load just spiked.
Got some nice grap
Hi all
I had to replace a dead mirror disk on one of our boxes today.
I replaced the disk (did a metadb -d of the metadatabase on the dead
disk, detached the dead submirrors, replaced the disk, etc etc) and
then squid died.
Now when i try to restart it, i get the following error:
2004/10/12 16:47
47 matches
Mail list logo