Thanks for the quick response Marcus.
The reason I need to limit computer account and not user account is
that people here move out to distant branches and the internet access
policy is to allow to the position they hold, and thus the computer
they will use.
I've successfully setup the kerberos
In my log, I'm getting:
Sep 13 08:10:39 proxy-cbf-1 squid[13350]: Broken FTP Server at 141.20.1.43. 522
error missing protocol negotiation hints
Sep 13 08:12:09 proxy-cbf-1 squid[13350]: Broken FTP Server at 141.20.1.43. 522
error missing protocol negotiation hints
What exactly am I supposed
Hi everyone,
I have a problem when accessing http://smallsteps4life.direct.gov.uk/
through squid.
When accessing the site directly the site is properly formatted, when
accessing through squid the site appears 'unformatted', some of the
images do not load and it looks as if the CSS has not been
Hi,
did check it with SQUID3.1.8 on FreeBSD, and have no problems whatsoever.
HTH,
Thanks and regards
Goetz R. Schultz
I intend to live forever - so far, so good.
===
Verify the GnuPG-Sig at www.goetz.co.uk
Get the rootcertificate at
Dear Squidders
I am setting up a reverse proxy so we can move from a temporary Apache Reverse
proxy.
It works fine for all the Domains/Urls Hosted etc..
But if I go to the IP of the Proxy I get URL could not be retrived page with
the proxy details, obvioulsy I would rather nto have this
On 09/15/2010 07:20 AM, twintu...@f2s.com wrote:
Dear Squidders
I am setting up a reverse proxy so we can move from a temporary Apache Reverse
proxy.
It works fine for all the Domains/Urls Hosted etc..
But if I go to the IP of the Proxy I get URL could not be retrived page with
the
On 15/09/10 20:47, Ralf Hildebrandt wrote:
In my log, I'm getting:
Sep 13 08:10:39 proxy-cbf-1 squid[13350]: Broken FTP Server at 141.20.1.43. 522
error missing protocol negotiation hints
Sep 13 08:12:09 proxy-cbf-1 squid[13350]: Broken FTP Server at 141.20.1.43. 522
error missing protocol
On 15/09/10 17:18, viswa wrote:
Hi All
is it possible to configure squid to use different DNS server for
different clients ?
example if request from 172.16.1.25 then DNS response from dns-server-1,
otherwise is dns-server-2 ?
No its not.
Fundamentally there is no point to it. The visitor
* Amos Jeffries squ...@treenet.co.nz:
If you set debug_options 9,2 squid will list the FTP messages going on.
That FTP server is publically reachable, incidentially it's
ftp.hu-berlin.de :)
It's running vsFTPd 2.0.1
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité -
tor 2010-09-09 klockan 17:25 -0400 skrev Chris Abel:
Thanks. After spending a lot of time with wccp and trying the tutorial on
squids wiki, I think I have given up. It seems to work before I play
around with my iptables. I say seems because I can actually see gre
traffic on the squid server
Hi everyone,
we are seeing a strange response-time effect over 24 hours when delivering
content via Squid+icap service (3.0.STABLE9 - I know old, but getting something
changed in a production environment can be VERY hard...). Icap server we use is
rewriting some URLs and also rewriting some of
tor 2010-09-09 klockan 23:32 +0100 skrev Markus Moeller:
So it looks like a Firefox issue. Unfortunately I don't have a setup to test
on.
Firefox only speaks SPNEGO to trusted servers. There is an setting in
about:config you need to set to define what is trusted.
Regards
Henrik
Hi,
I got this message in cache.log : Your cache is running out of
filedescriptors
So I increased the FD, but now when starting squid, I got this message :
NOTICE: Could not increase the number of filedescriptor
Steps I follow to increase this FD :
squid.conf :
added instruction max_filedesc
mån 2010-09-13 klockan 11:22 +0200 skrev Michael Grimm:
cache_peer 192.168.1.100 parent 8080 0 originserver no-query
name=server1 forceddomain=server1.mydomain.de
Don't use forceddomain= unless you absolutely have to. And from the rest
of your config it looks like you don't need this.
ons 2010-09-15 klockan 13:20 +0100 skrev twintu...@f2s.com:
What is the best way to either return a blank page? or is there an easy way to
rewrite the request other than in squirm?
Normally you do not need to do any rewrites in a reverse proxy.
Just map the requests to a suitable web server
On 16/09/10 01:01, Martin Sperl wrote:
Hi everyone,
we are seeing a strange response-time effect over 24 hours when delivering
content via Squid+icap service (3.0.STABLE9 - I know old, but getting something
changed in a production environment can be VERY hard...). Icap server we use is
ons 2010-09-15 klockan 14:01 +0100 skrev Martin Sperl:
Hi everyone,
we are seeing a strange response-time effect over 24 hours when delivering
content via Squid+icap service (3.0.STABLE9 - I know old, but getting
something changed in a production environment can be VERY hard...). Icap
did check it with SQUID3.1.8 on FreeBSD, and have no problems
whatsoever.
Thankyou.
Is there anyone else on the list using squid3 as packaged by ubuntu that
could also test the site for me?
Thanks,
Seb
This email carries a disclaimer, a copy of which may be read at
On 09/15/2010 08:12 AM, Amos Jeffries wrote:
Then you face the problem of what the real web servers do with
http://10.0.0.0/something or whatever the IP is. Most likely you see a
fancy error page saying Host does not exist with the server logo and
server details.
Amos
I don't get what
On 16/09/10 01:57, Jordon Bedwell wrote:
On 09/15/2010 08:12 AM, Amos Jeffries wrote:
Then you face the problem of what the real web servers do with
http://10.0.0.0/something or whatever the IP is. Most likely you see a
fancy error page saying Host does not exist with the server logo and
On 15/09/10 23:24, Seb Harrington wrote:
Hi everyone,
I have a problem when accessing http://smallsteps4life.direct.gov.uk/
through squid.
When accessing the site directly the site is properly formatted, when
accessing through squid the site appears 'unformatted', some of the
images do not
On 09/15/2010 08:45 AM, Seb Harrington wrote:
did check it with SQUID3.1.8 on FreeBSD, and have no problems
whatsoever.
Thankyou.
Is there anyone else on the list using squid3 as packaged by ubuntu that
could also test the site for me?
Thanks,
Seb
This email carries a
Hi:
I am trying to understand Squid behavior when server side connection is
pinned (persistent) and pipelining is enabled on both client and server side
in a transparent proxy configuration.
If there are multiple HTTP requests coming from multiple clients for the
same server and if the
I do not believe squid uses a single TCP Persistent Connection for more than
1 client at a time, hence the functionality of Connection Pinning. This is
required to perform things such as NTLM web-based logins.
-
Chad E. Naugle
Tech Support II, x.
ons 2010-09-15 klockan 14:01 +0100 skrev Martin Sperl:
Essentially we see that during peak hours the Average response time is
better than during off-peak hours.
Average response time measured on what?
Measured via the access log of squid.
Every request being handled, or the response
I just tried it on my Ubuntu 10.04 running the std repo squid 3.0.STABLE19-1.
I see the same behavior, running Google Chrome (nightly experimental build).
Interestingly, through Squid, it hangs trying to retrieve something from
http://directgov.stcllctrs.com ... which is in a noscript/noscript
Hi Amos!
Thanks for your feedback.
Squid is still largely IO event driven. If the network IO is less than
say 3-4 req/sec Squid can have a queue of things waiting to happen which
get delayed a long time (hundreds of ms) waiting to be kicked off.
Your overview seems to show that behaviour
Hi Chad - Thanks. How does it work for a single client that has pipelining
implemented. If two GET requests are sent to the server and if
hypothetically ( a poorly implemented) server responds only to the second
GET, how does squid (and the client) map the response to the second request
? If
Amos Jeffries squ...@treenet.co.nz writes:
In the wiki our example sets routing table 100 only on lo. Does changing
that to eth0 or wccp0 make any difference? You can test by creating a
table 100 on all of them individually.
The squid wiki example I am looking at does not have any routing tables.
Manoj Rajkarnikar manoj.rajkarni...@gmail.com wrote in message
news:aanlktimrpzfwid0ehc0cbfchndc7nv=-jstxtngmm...@mail.gmail.com...
Thanks for the quick response Marcus.
The reason I need to limit computer account and not user account is
that people here move out to distant branches and the
ons 2010-09-15 klockan 11:27 -0700 skrev cachenewbie:
I am trying to understand Squid behavior when server side connection is
pinned (persistent) and pipelining is enabled on both client and server side
in a transparent proxy configuration.
In default configuration Squid serializes pipelined
ons 2010-09-15 klockan 17:09 -0400 skrev Chris Abel:
I only have those 2 iptables rules set on my squid bos so I'm not sure how
my iptables could be the problem. This is all of my active iptables
printed out:
iptables-save is recommended for inspecting iptables rules.
but nothing obviously
I have a few questions about squid that the documentation doesn't seem
to cover easily, and some people don't seem to cover it when I do a
Google search, I hope I don't have to adjust the upstream source to get
what I want easily.
1.) When I use Squid as an accelerator it didn't accelerate
On Wed, 15 Sep 2010 20:53:04 +0100, Martin Sperl martin.sp...@amdocs.com
wrote:
Hi Amos!
Thanks for your feedback.
Squid is still largely IO event driven. If the network IO is less than
say 3-4 req/sec Squid can have a queue of things waiting to happen
which
get delayed a long time
Chema cueto chemacg_at_gmail.com
mailto:chemacg_at_gmail.com?Subject=Re:%20[squid-users]%20Upload%20of%20files%20not%20working
writes:
Hi, i've been looking for any information on this problem i have and
have found nothing, my problem isn't the well known problem of the 1MB
limit, it's
On Wed, 15 Sep 2010 17:50:03 -0500, Jordon Bedwell jor...@envygeeks.com
wrote:
I have a few questions about squid that the documentation doesn't seem
to cover easily, and some people don't seem to cover it when I do a
Google search, I hope I don't have to adjust the upstream source to get
what
On 09/15/2010 06:54 PM, Amos Jeffries wrote:
Yes. A problem with the meaning of the word accelerate. What people tend
to mean when they say that is reverse-proxy which has more in relation to
a router than a race horse.
That's intriguing, but understood now.
Be aware that for a period
On Wed, 15 Sep 2010 19:24:40 -0500, Jordon Bedwell jor...@envygeeks.com
wrote:
On 09/15/2010 06:54 PM, Amos Jeffries wrote:
Yes. A problem with the meaning of the word accelerate. What people
tend
to mean when they say that is reverse-proxy which has more in
relation
to
a router than a
When is the url_rewrite_program called?
Is it before ACL matches occur? Or after the http_access tag is matched?
I'm just trying to figure out the flow of events that occur.
Looking for an answer like:
1) http_access is matched, if denied end
2) url_rewrite_program called
Amos Jeffries-2 wrote:
Close, there are some problems:
https_port still needs accel and maybe vhost options to be a real
accelerator.
always_direct prevents the cache_peer config ever being used.
Is the public DNS that clients are connecting to x.appspot.com or
On 09/15/2010 10:24 PM, Amos Jeffries wrote:
On Wed, 15 Sep 2010 19:24:40 -0500, Jordon Bedwell jor...@envygeeks.com
Not DDoS in the malicious sense. Snipped The Rest
I don't know if you've actually read and comprehended most of what I
said throughout all of my emails so I'm just going to cut
I had very similar problem.
My problem was that CSS and javascript files were not loading. after
looking to it closer, I find out that it was due to content filter
(dansguardian). CSS and javascript files were on different domain,
which was blocked.
Do you have content filter installed on your
42 matches
Mail list logo