On Mon, 25 Feb 2008, Henrik Nordström wrote:
sön 2008-02-24 klockan 03:54 +1100 skrev Tim Connors:
I am having trouble on two machines on two completely different networks,
both using squid -- for months now, a reasonably portion of the time,
squid fails to get through to google.com.au
On Sun, 24 Feb 2008, Adrian Chadd wrote:
There's only a small number of things you have to do to setup WCCPv2.
* configure/compile squid with the relevant transparent interception option.
For you its --enable-linux-netfilter IIRC.
* enable ip forwarding in linux
* create gre
* point GRE
Please see the access.log below:
# tail -f access.log |grep all.js|grep MISS
1203926657.352189 222.136.187.144 TCP_MISS/200 27617 GET
http://r14-js.mail..com/zh_CN/htmledition20080131/js/all.js -
FIRST_UP_PARENT/RES application/x-javascript
1203926657.750114 221.11.92.130
Hello,
I'm running squid-2.7 for reverse-proxy (primarily use its http/1.1 features).
But I got many warnings in cache.log:
2008/02/25 15:48:09| ctx: exit level 0
2008/02/25 15:48:09| ctx: enter level 0:
'http://res-js.mail..com/zh_CN/htmledition20080131/js/all.js'
2008/02/25 15:48:09|
oops I think this is a *bug*.
If the client send http/1.1 and is encoding acceptable, squid works normally.
If the client is not encoding acceptable, squid can't cache the object
for this IP the first time, even though there have been many other
clients requested the same object.
That's to say,
On Mon, Feb 25, 2008 at 8:07 AM, Henrik Nordström
[EMAIL PROTECTED] wrote:
fre 2008-02-22 klockan 12:48 +0530 skrev Arun Shrimali:
Is there any way that browser pop up for the username and password,
because the said method disclose the password to all and that could be
a security issue
Kirtimaan wrote:
Hello Shishir,
I tried the command you mentioned below and it worked.
Now I can access ftp in active mode. Can you provide some hint what
ip_nat_ftp module exactly do ? I know its not squid related directly,
but it might help me to understand how this kernel module allowed
Hello there,
I have a bit problem while majoring the squid performance now.
There are many TIME_WAIT connections left on the squid port by using high
performance http client machine, and then the next connection can not
connect the squid. The client machine has capability to send up to 10,000
What exactly is your question? When using SquidGuard for instance after
processing it's own rules Squid passes the requests through SquidGuard
which, enables you to write access rules and used black/white lists much
more efficiently that by including them in the squid.conf What exactly are
you
I need to config squid for reverse-proxy for this destination:
1) if clients are http/1.0 compatible, squid send http/1.0 to
original-server and response to clients with http/1.0 content.
2) if clients are http/1.1 compatible, squid send http/1.1 to
original-server and response to clients with
On Mon, Feb 25, 2008, Manoj_Rajkarnikar wrote:
I have much simpler setup working on CentOS x86_64 2.6.23 and cisco
7204VXR IOS version 12.2(46a). squid version 2.6 STABLE17:
Which IOS release specifically? Could you throw me a show version ?
I'll start a wiki page with known good versions of
HI
I've managed to get wpad.dat to work on most of our PCs, using automatic
detect settings on internet explorer (with versions from 6 to 7).
Now I have 2 problems:
1 - some pc's always ask for credentials when using the auto proxy
configuration. If I choose the proxy manually, everything goes
Martin, Jeremy wrote:
We have been using squid for about a year now and have worked through most of
our issue. However we have one issue that we have not been able to resolve as
of yet. We use NTLM auth through our Active Directory and all is good until a
user tries to check there email
If you think so then please submit a bugzilla bug.
Just be sure to turn on header logging and log the request and reply headers in
the access.log .
There's not enough in the normal log files to always figure out whats going on.
Mime/header logging is very, very helpful when debugging. :)
mån 2008-02-25 klockan 17:30 +1100 skrev Tim Connors:
So it's already meant to be doing this (by caching bad status, I presume
you mean it doesn't keep trying that ip?)? Is that perhaps in the 3.x
branch? One host that has this wrong is an ancient distribution with
2.5.STABLE14 on it
mån 2008-02-25 klockan 13:57 +0530 skrev Arun Shrimali:
I have tried the said method also ftp://[EMAIL PROTECTED]/, but I found the
following error ( I have the ftp username as reso.ac.in)
While trying to retrieve the URL: ftp://[EMAIL PROTECTED]/
The following error was encountered:
HTTP header contents please.
Accept-*
Vary
Cache-Control
mån 2008-02-25 klockan 16:22 +0800 skrev J. Peng:
oops I think this is a *bug*.
If the client send http/1.1 and is encoding acceptable, squid works normally.
If the client is not encoding acceptable, squid can't cache the object
for
mån 2008-02-25 klockan 15:51 +0800 skrev J. Peng:
Hello,
I'm running squid-2.7 for reverse-proxy (primarily use its http/1.1 features).
But I got many warnings in cache.log:
2008/02/25 15:48:09| ctx: exit level 0
2008/02/25 15:48:09| ctx: enter level 0:
sön 2008-02-24 klockan 22:09 -0500 skrev Martin, Jeremy:
We have been using squid for about a year now and have worked through
most of our issue. However we have one issue that we have not been
able to resolve as of yet. We use NTLM auth through our Active
Directory and all is good until a
Squid still doesn't support HTTP/1.1 replies to clients.
Its not a full HTTP/1.1 proxy.
Adrian
On Mon, Feb 25, 2008, J. Peng wrote:
I need to config squid for reverse-proxy for this destination:
1) if clients are http/1.0 compatible, squid send http/1.0 to
original-server and response to
Hello squid users,
I'm a bit puzzled here. I was recently asked to setup a squid box with
the following requirements:
when people would hit http://example.com/srv1 that request should go to
server1
and http://example.com/srv2 and that request should go to server2
I have tried the following,
$ squid -v
Squid Cache: Version 2.6.STABLE14
My
/var/log/daemon.log is full of the following:
squid[5392]: storeLocateVary: Not our vary marker object,
43E2DD2D7801D5D6331A51EF390585F6 =
'http://pbskids.org/sesame/images/menubar_grover.jpg',
mån 2008-02-25 klockan 17:59 +0900 skrev S.KOBAYASHI:
Hello there,
I have a bit problem while majoring the squid performance now.
There are many TIME_WAIT connections left on the squid port by using high
performance http client machine, and then the next connection can not
connect the
mån 2008-02-25 klockan 17:22 +0800 skrev J. Peng:
I need to config squid for reverse-proxy for this destination:
1) if clients are http/1.0 compatible, squid send http/1.0 to
original-server and response to clients with http/1.0 content.
Why?
HTTP operates better if each hop advertises the
Does this mean the server is behaving wrong ? It is a out of the box Apache
2 install (except the authentication module).
Or must the browser send in that case Proxy-Authorization AND
WWW-Authorization (e.g Firefox does whereas IE7 does not) ?
Or should squid stay with Proxy-connection:
Chris Malek wrote:
Hello squid users,
I'm a bit puzzled here. I was recently asked to setup a squid box with
the following requirements:
when people would hit http://example.com/srv1 that request should go to
server1
and http://example.com/srv2 and that request should go to server2
I have
Regarding the gre tunnel, does the IP address on the the gre0 interface
have to be unique, or can it be the same address, or a dot1q trunked
address? I was hoping to use one physical network interface to do the
GRE tunnel and the squid daemon. This would require subinterfaces and
dot1q
Hello Henrik,
Thank you for replying. The reson why I need to clean TIME_WAIT connection
immediately is that most of the TCP lisnten port become full in the short
period.
My http emulater can send the HTTP packet very fast, so most of squid listen
ports being full in 30 seconds without keep alive,
Your problem is something else, not the TIME_WAITs on the listen port.
more likely TIME_WAIT on the client site is a problem, as these blocks
free source ports for making outgoing connections.
tis 2008-02-26 klockan 08:53 +0900 skrev S.KOBAYASHI:
Hello Henrik,
Thank you for replying. The
I got it. I'll check client's packet sequence.
Thanks a lot.
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 26, 2008 9:15 AM
To: S.KOBAYASHI
Cc: 'Squid Users'
Subject: RE: [squid-users] I want to purge too many
TIME_WAITsimmediatelyafter
On Thu, 2008-02-21 at 09:30 +0900, S.KOBAYASHI wrote:
I almost clear chain now however I have a bit more questions.
My thoughts not only processing ICAP is as bellow.
ICAP chain has only ability to connect to next service, or before go to next
service, squid or previous service can
On Sat, 2008-02-23 at 00:37 +1300, Amos Jeffries wrote:
J. Peng wrote:
On Fri, Feb 22, 2008 at 7:05 PM, Amos Jeffries [EMAIL PROTECTED] wrote:
J. Peng wrote:
how to make squid support gzip compression?
most useragents and web servers support gzip compression feature, how
to
On Mon, Feb 25, 2008 at 8:19 PM, Adrian Chadd [EMAIL PROTECTED] wrote:
If you think so then please submit a bugzilla bug.
Just be sure to turn on header logging and log the request and reply headers
in the access.log .
How to turn on it please tell me? thanks.
I'm wondering why we require squid -z before starting up Squid for
the first time. Is there some reason why Squid shouldn't do this
automatically when necessary?
Just wondering.
Ric
Hello Henrik,
If squid (for reverse-proxy) send back http/1.1 response to http/1.0
client, the client will get errors.
Please see this screencut for full details (including headers):
http://home.arcor.de/pangj/requesterror.JPG
Or you can test it, just add:
58.251.62.10r19.mail.qq.com
On Tue, Feb 26, 2008 at 10:37 AM, J. Peng [EMAIL PROTECTED] wrote:
Hello Henrik,
If squid (for reverse-proxy) send back http/1.1 response to http/1.0
client, the client will get errors.
Please see this screencut for full details (including headers):
36 matches
Mail list logo