Hi amos, two precisions:
in MT, an infinite loop can be only on one thread and affect only
performance of other threads and block the infinite looped thread. I
don't know if squid is MT, but i think --with-pthread have an interest.
My squid doesn't use disk cache (you have all my configuration
I have setup Squid as a reverse proxy with more than 10 websites behind it.
I am using custom 404 and 500 error pages which are shown, regardless of
which site is being accessed.
Is there a way I can target each site with a specific 404 page?
So in the example config below, I would like
Hi
With squid 3.3.4 (4 workers configured) the value Number of clients
accessing cache within the output of squidclient mgr:info is not
increasing (always 0). Is this a known problem or probably a bug?
Thanks a lot.
Tom
I had a similar issue just recently...
The only option I found is that you can use deny_info and send a redirect to a
different URL for those error cases you are interested in.
Like this: deny_info http://hostname/%H/error-icap.html ERROR_ICAP
Then you have to have an Apache or similar
Greetings!
I have a problem with enabling of ssl_bump on my proxy.
When I'm trying to do it, only small amount of https requests succeeds,
all others are failing and every fail causes squid restart.
I tried to set debug_options ALL,9 in squid.conf and that's what i
found in cache.log:
Hi!
I need to figure out why we have mostly cache-misses for css and js files.
The typical tricks seem not to help:
refresh_pattern .css 300 50% 3600 override-expire override-lastmod
reload-into-ims ignore-reload ignore-no-cache
Are there any recommended debug levels for use with
On 16/05/2013 7:06 p.m., Tom Tom wrote:
Hi
With squid 3.3.4 (4 workers configured) the value Number of clients
accessing cache within the output of squidclient mgr:info is not
increasing (always 0). Is this a known problem or probably a bug?
Do you have the squid.conf directive client_db off
On 16/05/2013 9:11 p.m., Martin Sperl wrote:
I had a similar issue just recently...
The only option I found is that you can use deny_info and send a redirect to a
different URL for those error cases you are interested in.
Like this: deny_info http://hostname/%H/error-icap.html ERROR_ICAP
Hey All, I've followed
http://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute
guide and have my IPTABLE Firewall correctly routing HTTP traffic. My
Firewall and Squid are different devices.
Client -- RouterA -- DMZ(Squid) -- RouterA -- Internet
I verified traffic is getting
I've tried adding
http_port 8080 intercept
http_port 8080 transparent
http_port 8080 tproxy
http_port 8080
I don't understand how squid will ever get the Datagram, because the
packets arrive with a destination IP that is not Squid's...so the upper
layers will never be passed up to Squid.
That did the trick, thank you.
On Thu, May 16, 2013 at 1:40 PM, Amos Jeffries squ...@treenet.co.nz wrote:
On 16/05/2013 7:06 p.m., Tom Tom wrote:
Hi
With squid 3.3.4 (4 workers configured) the value Number of clients
accessing cache within the output of squidclient mgr:info is not
Hi all,
after tests and debug level increased to 5, i am sorry to say: nothing
found...
Le 2013-05-16 08:40, loic.blot a écrit :
Hi amos, two precisions:
in MT, an infinite loop can be only on one thread and affect only
performance of other threads and block the infinite looped thread. I
On 17/05/2013 1:04 a.m., jimmah6786 wrote:
I've tried adding
http_port 8080 intercept
http_port 8080 transparent
http_port 8080 tproxy
http_port 8080
I don't understand how squid will ever get the Datagram, because the
packets arrive with a destination IP that is not Squid's...so the upper
Yes these rules are i the -t nat table. So is it suppose to be a DNAT on the
Squid box?? Which will NAT to itself? I thought REDIRECT will only translate
the port and not touch the IP information??
Still stuck with Policy Based Routing working correctly to the squid box,
but Squid not
On 17/05/2013 2:33 a.m., jimmah6786 wrote:
Yes these rules are i the -t nat table. So is it suppose to be a DNAT on the
Squid box?? Which will NAT to itself? I thought REDIRECT will only translate
the port and not touch the IP information??
REDIRECT is a special sub-type of DNAT which allows
I just checked, and it looks like RP filter is disabled on the Squid box.
root@squidproxy:~# cat /proc/sys/net/ipv4/conf/all/rp_filter
0
root@squidproxy:~# cat /proc/sys/net/ipv4/conf/eth0/rp_filter
0
root@squidproxy:~# cat /proc/sys/net/ipv4/conf/lo/rp_filter
0
root@squidproxy:~# cat
Here's a visual of the topology
Internet---eth0--RouterA --eth1.100 --- DMZ(192.168.1.0/24)
Squid (192.168.1.5)
-- eth1.110
---ClientNet(192.168.0.0/24) ClientPC (192.168.0.150)
--
View this message in context:
When we were doing this we were using a redirector that would
rewrite
the URL.
I will try something with Dansguardian code, maybe rewrite url ?
Many thanks for the answers, according to what I hear around the
place same problem with others products.
Yes, it would be a
Guys,
I ran some more tests.
Only authentication with 'Basic' - worked on devices inside and outside
the domain, but asks for password;
With only authentication 'Kerberos' - worked in the domain and does not
prompt for password;
Authentication 'Kerberos' and 'Basic':
1 - worked in the domain
On 05/16/2013 07:08 AM, loic.blot wrote:
after tests and debug level increased to 5, i am sorry to say: nothing
found...
When I suggested that you collect logs, I did not expect _you_ to
analyze them. If they are not empty, others may be able to find what is
wrong with your Squid (if
On 05/15/2013 08:47 PM, Amos Jeffries wrote:
On 16/05/2013 5:14 a.m., Alex Rousskov wrote:
On 05/15/2013 07:41 AM, Amos Jeffries wrote:
On 16/05/2013 1:06 a.m., Martin Sperl wrote:
Hi!
We came across a strange bug in squid in regards to icap and
request_header access.
It is a bug alright.
Hi Alex,
thanks for your reply. I have tried to analyse my logs, but... nothing
and this is also disapointed because nothing special is in the logs, and
when we look at them, all seems normal.
Can the FD system limit cause this problem ? I have a system FD limit
of 2048 and squid limit of 1024.
If the PC which is not in the domain has WINS configured via DHCP you should
also be able to use Kerberos with user@DOMAIN and domain password in the
popup.
Markus
Delton del...@bnpapel.com.br wrote in message
news:51954355.1000...@bnpapel.com.br...
Guys,
I ran some more tests.
Only
Okay, so what is the '%H' for?
I want to host these error pages off the squid server its self.
At the moment I have it working for every 404/500 error, regardless of
the site trying to be accessed.
--
Paul
sima...@operamail.com
On Thu, May 16, 2013, at 09:11 AM, Martin Sperl wrote:
I had
Thanks for the replies. There are actually a lot of differences between
each of these files, so I need them to be separate.
I understand what %H does now but I'm having a strange problem.
I have created a file called errorsite1404.html and put it in my
templates folder.
The following lines
On 17/05/2013 4:45 p.m., Paul Ch wrote:
Thanks for the replies. There are actually a lot of differences between
each of these files, so I need them to be separate.
I understand what %H does now but I'm having a strange problem.
I have created a file called errorsite1404.html and put it in my
26 matches
Mail list logo
