On Friday 27 June 2014 11:58 AM, Nishant Sharma wrote:
On Friday 27 June 2014 10:05 AM, Amos Jeffries wrote:
acl even src 0.0.0.0/0.0.0.1
tcp_outgoing_address wan1 even
tcp_outgoing_address wan2 !even
wan1 wan2 in the config are the actual WAN IP Addresses (IPv4) and NAT
rules are
On Thu, 2014-06-26 at 18:03 +0300, Eliezer Croitoru wrote:
On 06/25/2014 04:06 PM, Jasper Van Der Westhuizen wrote:
As a matter of interest, in my cache logs I see many lines like these
2014/06/25 14:52:58 kid1| WARNING: swapfile header inconsistent with
available data
2014/06/25
On 27/06/2014 6:43 p.m., Nishant Sharma wrote:
On Friday 27 June 2014 11:58 AM, Nishant Sharma wrote:
On Friday 27 June 2014 10:05 AM, Amos Jeffries wrote:
acl even src 0.0.0.0/0.0.0.1
tcp_outgoing_address wan1 even
tcp_outgoing_address wan2 !even
wan1 wan2 in the config are the actual
On 27/06/2014 6:53 p.m., Jasper Van Der Westhuizen wrote:
On Thu, 2014-06-26 at 18:03 +0300, Eliezer Croitoru wrote:
On 06/25/2014 04:06 PM, Jasper Van Der Westhuizen wrote:
As a matter of interest, in my cache logs I see many lines like these
2014/06/25 14:52:58 kid1| WARNING: swapfile
On Friday 27 June 2014 12:34 PM, Amos Jeffries wrote:
Ah, Squid-3 is using CIDR masking. Sorry should have remembered earlier
how strict this is.
The two /25 subnets (or groups of /26 etc) is the way to go.
Thanks for the clarification. So, would it be possible in future?
I don't know how
Hi Sharma,
would using a random ACL for outgoing IP selection be good enough?
Francesco
On Fri, Jun 27, 2014 at 9:18 AM, Nishant Sharma codemarau...@gmail.com wrote:
On Friday 27 June 2014 12:34 PM, Amos Jeffries wrote:
Ah, Squid-3 is using CIDR masking. Sorry should have remembered
Hi Francesco,
On Friday 27 June 2014 01:35 PM, Kinkie wrote:
Hi Sharma,
would using a random ACL for outgoing IP selection be good enough?
Francesco
random ACL with sticky outgoing IP per client to take care of HTTPS
and badly designed HTTP portals which log a user off if his/her source
Hi, we are running a squid 3.4 in accel mode for one https site. We
frequently see somthing like
PUT https://domain.com/file.txt HTTP/1.1 0 0
TCP_MISS_ABORTED:FIRSTUP_PARENT
I tried to find out what this should mean; does it tell me that the
parent did not respond in time or does this
On Fri, 2014-06-27 at 19:06 +1200, Amos Jeffries wrote:
On 27/06/2014 6:53 p.m., Jasper Van Der Westhuizen wrote:
On Thu, 2014-06-26 at 18:03 +0300, Eliezer Croitoru wrote:
On 06/25/2014 04:06 PM, Jasper Van Der Westhuizen wrote:
As a matter of interest, in my cache logs I see many
How about contacting google for advise?
They are the one that forces you to the issue.
They don't like it that you have a 1k clients behind your IP address.
They should tell you what to do.
You can tell them that you are using squid as a forward proxy to
enforce usage acls on users inside the
Hello,
Is it possible to set read_timeout value to a negative value in order to
have infinite timeout on this event ?
I use Squid Cache: Version 2.7.STABLE9, I try to set read_timeout to
-1 but I have some assert in commSetTimeout() which crash squid daemon.
Thanks
I have setup a squid 3.3.9 with ssl-bump enabled.
When i access through transparent mode its working fine but when i use proxy
address in my borrower (non transparent mode) its not working.
Following is my squid configuration:
visible_hostname 10.10.16.56
http_port 10.10.16.56:3127 intercept
Hello,
I use squid 3.4.5 and sslbump works great for the most big sites like
google and facebook
There are some destinations, which share there ip with other virual
webserver, so the client gets a default certificate from the server with a
wrong CN. With SNI the client get the right
OK, if i understand a negative read_timeout value reset global structure
of timeout.
So, is a 0 value for read_timeout token in squid conf file means no
timeout ?
Thanks for your answer
On 06/27/14 14:43, Jeremy Hustache wrote:
Hello,
Is it possible to set read_timeout value to a
That's very odd. I'd try calling them... There are quite a few folks blocking
proxies these days. What I do is remove the via and forwarded for headers with
the following command:
check_hostnames off
forwarded_for delete
via off
I realize this breaks the RFC, but lest be blocked if detected as
On 06/27/2014 07:44 AM, Dieter Bloms wrote:
I use squid 3.4.5 and sslbump works great for the most big sites like
google and facebook
There are some destinations, which share there ip with other virual
webserver, so the client gets a default certificate from the server with a
wrong
On 06/27/2014 07:56 AM, Jeremy Hustache wrote:
OK, if i understand a negative read_timeout value reset global structure
of timeout.
So, is a 0 value for read_timeout token in squid conf file means no
timeout ?
I did not check Squid2 sources, but AFAICT, Squid3 does not treat a zero
On 06/27/2014 09:00 AM, Lawrence Pingree wrote:
forwarded_for delete
via off
I realize this breaks the RFC,
More importantly, it breaks Squid's loop detection mechanism. In many
environments, breaking that mechanism creates an easy-to-abuse Squid DoS
attack vector.
Modern Squids have a
I am running a non-caching reverse proxy using version 3.3.10.
My squid.conf is currently clocking in 60k lines (not including
comments or blank lines). Combined with the conf files in my conf.d
directory, I have a total of 89k lines in configuration.
I have definitely noticed -k reconfigure
I am monitoring my squid server via SNMP and graphing in Cacti. Of
particular importance to me is the number of clients which is a graph
of the cacheClients statistic (1.3.2.1.15.0). The graph shows we reach
a maximum of 1300 clients.
This seems a bit odd to me as we only have around 200 users.
My squid.conf is 3380 bytes, and 99 total lines, with around 35 lines
blank or commented out. If you had been upgrading from any 3.1 or older
squid, they had a LOT of unnecessary lines in there for TAG related
entries and excess documentation of every little line.
Mike
On 6/27/2014 2:51 PM,
On 06/27/2014 02:11 PM, Matthew Ceroni wrote:
I am monitoring my squid server via SNMP and graphing in Cacti. Of
particular importance to me is the number of clients which is a graph
of the cacheClients statistic (1.3.2.1.15.0). The graph shows we reach
a maximum of 1300 clients.
This
[serverIP],[clientIP],
4012,692,498,GET,200,º^_x°*,username,20/Jun/2014:00:06:36
The log format you used does not match this log line. The format produces:
[squid-listening-IP],[clientIP],
4012,692,498,GET,200,º^_x°*,username,20/Jun/2014:00:06:36
Thanks for the correction. To expand
23 matches
Mail list logo