With Rock store, what's the best way to calculate the database size ?
For example with:
cache_dir rock /cache1 13 max-size=?
Thank
Le 17/11/2011 05:14, Kaiwang Chen a écrit :
Hi all,
It's more than one year since first RC version became available. Is it
still beta release, not ready for production environment yet?
I am eager to try SMP scaling workers, just not sure about current state.
Thanks,
Kaiwang
Of course I can't s
Maybe a problem with /var/cache/RockStore-0 directory ? Permission ?
- Mail original -
De: "David Touzeau"
À: squid-users@squid-cache.org
Envoyé: Mardi 22 Novembre 2011 17:35:37
Objet: [squid-users] [3.2.0.13]: DiskIO/IpcIo/IpcIoFile.cc for RockStore / No
such file or directory
Dear
I
Please add swap-timeout like this
workers 2
cache_dir rock /cache1 13 max-size=31000 max-swap-rate=250 swap-timeout=350
cache_dir rock /cache2 13 max-size=31000 max-swap-rate=250 swap-timeout=350
Under 250 I have
2011/11/23 09:21:28 kid1| DiskIO/IpcIo/IpcIoFile.cc(137) openCompleted: err
> Please add swap-timeout like this
>
> workers 2
> cache_dir rock /cache1 13 max-size=31000 max-swap-rate=250
> swap-timeout=350
> cache_dir rock /cache2 13 max-size=31000 max-swap-rate=250
> swap-timeout=350
> Under 250 I have
I meant with max-swap-rate under 250
No problem with 3.2.0.13-2029-r11445 without transparent mode
There is something interresting in access.log ?
- Mail original -
De: "David Touzeau"
À: squid-users@squid-cache.org
Envoyé: Jeudi 1 Décembre 2011 09:58:47
Objet: Re: [squid-users] SECURITY ALERT: Squid Cache: Version 3.2.
>
> Yes, welcome to the host header forgery mess. I don't know who
> benefited from this but a lot of people got bitten by it.
>
> I mentioned this first day
> http://bugs.squid-cache.org/show_bug.cgi?id=3325
>
> Anyone doing ANYCAST will be screwed (and a whole lotta people do
> that).
>
> p4
Hi,
I'm testing Delay pools with 3.2.0.13-20111206-r11454
delay_pools 1
delay_class 1 1
delay_parameters 1 1572864/1572864
delay_access 1 allow all !CONNECT
Delay pools works fine
But when I added ICAP, there are many "suspending ICAP service for too many
failures" in cache.log
Hello,
I wish to limit the bandwidth like this
1) Limit 64000 by user for objects more big than 30 ko
2) Limit global bandwidth to 1625000 - 13MB -
I tried this configuration
acl myusers src 10.0.0.0/8
acl proto-pool port 80 81 21
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 64000/3
Thanks a lot I will try that
- Mail original -
> De: "Amos Jeffries"
> À: squid-users@squid-cache.org
> Envoyé: Mercredi 14 Décembre 2011 01:02:21
> Objet: Re: [squid-users] Delay_pool problem
>
> On Tue, 13 Dec 2011 14:12:48 +0100 (CET), FredB wrote:
> &
- Mail original -
> De: "Amos Jeffries"
> À: squid-users@squid-cache.org
> Envoyé: Mercredi 14 Décembre 2011 01:02:21
> Objet: Re: [squid-users] Delay_pool problem
>
> On Tue, 13 Dec 2011 14:12:48 +0100 (CET), FredB wrote:
> > Hello,
> >
>
- Mail original -
> De: "Will Roberts"
> À: squid-users@squid-cache.org
> Envoyé: Jeudi 15 Décembre 2011 09:05:17
> Objet: [squid-users] FATAL: Ipc::Mem::Segment::create failed to
> shm_open(/squid-squid-page-pool.shm): (13) Permission
> denied
>
> Hi,
>
> I'm trying to use Squid 3.2.0.14
>
> Some such as #21, have somehow used more traffic than was in the
> buffer to begin with and have a negative value available. They will
> not
> be able to read anything until the 64K refill has raised their
> values
> back to positive again.
>(I _think_ this is related to uploads wh
>
> Now, I'm seeing "254:64000" for my address, and my client navigation
> is stopped
>
> it's like I reached a limit who stop the connection, I mean it's not
> more slow I'm just waiting (long time) with no return, so I should
> press the "stop" button for navigate again
> After that there is n
Le 19/12/2011 18:12, Terry Dobbs a écrit :
Hi All.
I just installed squid3 after running squid2.5 for a number of years. I
find after reloading squid3 and trying to access the internet on a proxy
client it takes about 2 minutes until pages load. For example, if I
reload squid3 and try to access
>
> 3.2.0.14 with a couple of custom patches is working 9 days without
> any single assert or segfault, doing steady 200 reqs/sec. It took
> almost a year to get to this point for me.
>
> I have very simple configuration: no caching, no workers, no ipv6, no
> SSL, no icap, almost any possible
Hello all,
Actually I'm using squid with ldap authentication
auth_param basic program /usr/lib/squid/squid_ldap_auth -b
ou=People,dc=ldap,dc=test -h 192.168.1.1:389
auth_param basic realm PASSWORD
auth_param basic children 100 startup=50 idle=20
Now I want to secure clients authentication, but
>
> In order to move to the more secure auth methods usually requires a
> config setting in the LDAP to enable support for secure
> authentication
> tokens instead of a password. If you are lucky the LDAP server
> already
> has that turned on and you only need to add other authentication LDAP
> h
- Mail original -
> De: "Amos Jeffries"
> À: squid-users@squid-cache.org
> Envoyé: Mercredi 11 Janvier 2012 11:45:33
> Objet: Re: [squid-users] Silly warning about over disk limits
>
> On 11/01/2012 11:24 p.m., alex sharaz wrote:
> > Getting the following on my 3.2...79 snapshot:-
> >
>
- Mail original -
> De: "Alex Crow"
> À: squid-users@squid-cache.org
> Envoyé: Dimanche 8 Janvier 2012 20:04:46
> Objet: [squid-users] Delay pools and ICAP issue in 3.2
>
> Hi Amos, all,
>
> I continue testing 3.2 as promised after a brief hiatus (XP clients,
> NTLM auth, external ACLs o
> Objet: [squid-users] Assertion failed error causing worker process to restart
>
> Hi,
> Running squid 3.2 snapshot starting up with -SYC and seeing
>
> 2012/01/12 16:06:30 kid8| Beginning Validation Procedure
> 2012/01/12 16:06:30 kid8| UFSSwapDir::doubleCheck: MISSING SWAP FILE
> 2012/01/12
Please open a bug report on Bugzilla
Note that Squid 3.2 is still unstable in production, however I think it's
almost good now.
> 10:45:59 kid7 -> I'm using two workers - with diskd - maybe you should try
> with less
- Mail original -
> De: "alex sharaz"
> À: squid-users@squid-cache.o
>
> I removed just the patch 10394. After a half hour, no more messages
> and the proxy works without
> problem. Just as reference, before, I usually got something like
>
> I'm not sure that this appeared just after start up or not. I should
> probably let it run for some
> longer time (one or t
Hi,
I'm searching the good method for using request_header_replace with acl (dst)
acl test dst 10.1.1.0/24
request_header_access Via allow test
request_header_access Via deny all
request_header_replace Via 1.1 toto
Sadly my header always contain toto
>
> request_header_access is a fast ACL so it can't do DNS lookups to
> find
> the dst IP address itself.
> It also only has access to details in the HTTP request headers and
> src
> IP address.
>
> Using dstdomain ACL on the requested domain name it should work.
>
> NP: using the server connec
Hi,
I take time to test the cache behavior with different versions
I just get a picture and refresh
Squid 3.0 STABLE 25
10.1.1.1 - - [07/Feb/2012:14:52:48 +0100] "GET
http://animals.nationalgeographic.com/staticfiles/NGS/Shared/StaticFiles/animals/images/1024/giant-squid2-lw.jpg
HTTP/1.1" 200
> You mean removing it has no effect on the HIT/MISS result and status?
> You should expect just about everything to be a MISS when that QUERY
> setup is used.
>
> That whole QUERY definition is a redundant pattern.
> => the second value 'ig?' is a complex way of writing 'i'.
> => the letter
Hi David
Have you something like segfault in kern.log ? If yes, maybe you have this bug
http://bugs.squid-cache.org/show_bug.cgi?id=3490
Squid crash and I need press f5 to refresh
- Mail original -
> De: "David Touzeau"
> À: squid-users@squid-cache.org
> Envoyé: Jeudi 23 Février 2012
>
> Hi all.
>
> Currently I have 3 servers running with squid and haproxy balancing
> ahead of them.
> It works perfectly.
> Now I want to block porn sites, viruses, external proxies, etc ...
> I tried dansguardian and squidguard, but slows down my squid and I do
> not like.
>
> I can use?
>
>
Hi all,
Amos, like I said in bug report, Squid 3.2 is very stable with your last fix,
and Alex's patch which is not already included in truck, and I would like to
know the schedule for an official stable release, approximately of course
(before this summer, end of year ?)
I had reported some p
http://www.squid-cache.org/Versions/v3/3.HEAD/ +
http://bugs.squid-cache.org/attachment.cgi?id=2640&action=diff is the most
stable
About rock store, for me, it's not yet ready for production.
The first benefit is the cache disk sharing, without rock the squid's process
(workers) are independen
- Mail original -
> De: "Amos Jeffries"
> À: squid-users@squid-cache.org
> Envoyé: Jeudi 8 Mars 2012 03:11:40
> Objet: Re: [squid-users] Squid 3.2: segfault at 0 ip (null) sp bfa8e03c
> using iptables + transparent mode
>
> On 08.03.2012 12:51, David Touzeau wrote:
> > Dear,
> >
> > I
> De: "Alex Rousskov"
>
> >> I had reported some problems with rock store but maybe it can be
> >> consider like an experimental feature for the moment ?
> >
> > It is experimental until there has been at least one stable cycle
> > of
> > wide use to wrinkle out any minor bugs and edge cases. I
Hi all,
Maxconn seems doesn't works with last squid 3.2.0.16
I'm trying
acl userslimit src 192.168.0.0/16
acl 3conn maxconn 3
http_access deny 3conn userslimit
client_db on
grep 192.168.80.194 /var/log/squid/access.log | grep 2012:17:48:43 | wc -l
10
And no ban
Maybe I misconfigured some
>
> Duration and overlap of those connections matters. If they were all
> serviced in less than 100ms and closed it is possible they all took
> place one after another sequentially with no more than 1 open at a
> time.
>
> maxconn allows up to 3 *simultaneous* connections. Opening three then
> c
> Bit suspicious yes.
>
> Tried apachebench (ab) with concurrency level 10? or anything like
> that
> which can guarantee multiple simultaneous connections for the test?
>
> Amos
Yes, a little script who make many wget recursive + I navigate with firefox,
after I watch access.log and read 20 c
> > Bit suspicious yes.
> >
> > Tried apachebench (ab) with concurrency level 10? or anything like
> > that
> > which can guarantee multiple simultaneous connections for the test?
> >
> > Amos
>
> Yes, a little script who make many wget recursive + I navigate with
> firefox, after I watch acces
Hi,
I'm trying ldap and digest with squid 3.2.0.16, the authentication seems works,
but unfortunately I can only navigate just one time
1) squid start
2) Open firefox, first cnx deny -> normal
192.168.80.194 - - [14/Mar/2012:09:54:40 +0100] "GET http://www.google.fr/
HTTP/1.1" 407 1861 "-" "M
>
> Hi,
>
> I'm trying ldap and digest with squid 3.2.0.16, the authentication
> seems works, but unfortunately I can only navigate just one time
>
> 1) squid start
>
> 2) Open firefox, first cnx deny -> normal
> 192.168.80.194 - - [14/Mar/2012:09:54:40 +0100] "GET
> http://www.google.fr/ HTTP
Hi,
I'd like to know if there is a way to mix Ldap digest and basic ? This year I
want migrate my users progressively
How I can, if I can, use ldap basic and ldap digest on same proxy ? A user with
good attribute on digest and otherwise with ldap basic
Thanks
Hi,
I'm working with a squid like concentrator for different networks, and I want
limited the traffic by user, so i defined my network range in class A like
10.0.0.0/8
But sadly I saw that delay_pool doesn't works with this network's class
#
# The delay pool classes are:
#
#
>
> On 23/03/2012 7:11 a.m., FredB wrote:
> > Hi,
> >
> > I'm working with a squid like concentrator for different networks,
> > and I want limited the traffic by user,
>
> Limiting the traffic by user is class-4 pools type.
>
> > so i d
Hi,
Maybe I misconfigured something but I found a very strange behaviour with
Digest and squid 3.2.
The problem is When a user is connected with his good login/password and he
close and reopen his navigator, he can change his
login by another ID with nonce valid (even without password !)
For e
> Hi Fred,
>
> I think you're seeing this:
>
> http://bugs.squid-cache.org/show_bug.cgi?id=3186
>
> --Will
>
>
Thanks !
And this also fix -> http://bugs.squid-cache.org/show_bug.cgi?id=3522
Do you use workers ? Unfortunately I also have a problem with SMP and digest
http://bugs.squid-cach
Hi,
I read that maxconn directive use only the direct IP addresses, my problem is
that I'm working with Danguardian tool for filtering and it works before squid.
Previously I had this (almost) kind of problem with delay pools resolved by an
acl on ldap account.
There is a way to use the user's
>
> maxconn is a inbound connection limit. Squid cannot reasonably
> control
> TCP connections which are made by other software to DG since Squid
> has
> no part in those connections. There is simply no relevance limiting
> maxconn on anything except the real TCP/IP details.
Yes, but like there
> Hi,
>
> i have a very exciting question. (Well, actually it is exciting for
> me
> only). I have 3 identical squid servers with squid-2.7.STABLE5.
> There is a Cisco content switch witch a common ip address for the 3
> servers for load balancing and failover purposes.
> There is a common dns
Firewall problem with passive/active ? Just try on shell
ftp ftp.free.fr -> with password and login anonymous anonymous
> [02/May/2012:11:44:55 +0200] "GET ftp://ftp.free.fr/ HTTP/1.0" 504
> > 3190 "-" "Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101
504 mean Gateway Timeout: The server
- Mail original -
> De: "Will Roberts"
> À: "FredB"
> Envoyé: Lundi 18 Juin 2012 15:24:22
> Objet: Re: [squid-users] Squid 3.2.0.14 using 100% cpu and not responding
>
>
>
> Yes, I am using digest authentication with that setup. Is t
Hello,
I'm trying to migrate squid 3.0 STABLE 25 to Squid 3.2.0.19, all seems works
except one very strange thing.
There is a cache_peer like this
cache_peer 10.x.x.x parent 3128 0 no-query login=PASS proxy-only no-digest
no-netdb-exchange - (10.x.x.x run with basic ident)
After this there ar
> Please update to the stable release 3.2.1.
>
> With 3.2 you have "debug_options 11,2" which will produce a full
> trace
> of HTTP headers in cache.log which will greatly help understanding
> why
> the 502 occured. (careful about size and confidential info if this is
> used on a production machi
hello,
I'm trying to migrate on digest sheme, the problem is that many clients doesn't
works in this case - incompatible - for example wget.
So I need a negotiate identification scheme, or something similar like: If
digest fail the user try the second ident method.
1 - Digest
2 - Ldap basic
I
Thanks Amos,
I found something strange with nonce, the nonce seems never change
nonce_max_count
auth_param digest nonce_max_count 10
auth_param digest check_nonce_count yes
auth_param digest nonce_strictness on
http://www.squid-cache.org/Doc/config/auth_param/
With wireshark I'm seeing my non
>
> I found something strange with nonce, the nonce seems never change
> nonce_max_count
>
> auth_param digest nonce_max_count 10
> auth_param digest check_nonce_count yes
> auth_param digest nonce_strictness on
>
> http://www.squid-cache.org/Doc/config/auth_param/
>
> With wireshark I'm seein
Hello,
I saw that some browsers are no RFC compliant about http pipelining
I found this:
Firefox 2: 2
Firefox 3+: 6
Opera 9.26: 4
Opera 12: 6
Safari 3: 4
Safari 5: 6
IE 7: 2
IE 8: 6
IE 10: 8
Chrome: 6
Squid support pipelining ? or it serializes pipelined request ?
I
Hello,
With latest version squid 3.2.7, pragma: no-cache seem doesn't work like
before, it's very annoying with some admin page ...
Sites with this values are in cache, with previous version no.
Hypertext Transfer Protocol
HTTP/1.1 200 OK
Server: nginx/0.7.6
Date: Fri, 22 Feb 2013 08
>
> This is an intentional change in behaviour which comes from upgrading
> Squid to perform the HTTP/1.1 protocol properly.
> http://squidproxy.wordpress.com/2012/10/16/squid-3-2-pragma-cache-control-no-cache-versus-storage/
>
> Please note the detail:
> "
> When sent on a server response:
>
>
Hello,
Can someone explain to me why some of the values of HIT usage are negative ?
Hits as % of all requests: 5min: 57.7%, 60min: 54.0%
Hits as % of bytes sent:5min: -226.7%, 60min: -127.9%
Memory hits as % of hit requests: 5min: 26.0%, 60min: 22.3%
> Objet: [squid-users] HIT negative value
>
> Hello,
>
> Can someone explain to me why some of the values of HIT usage are
> negative ?
>
> Hits as % of all requests: 5min: 57.7%, 60min: 54.0%
> Hits as % of bytes sent:5min: -226.7%, 60min: -127.9%
> Memory hits
With iptraf I saw 20/30 % of difference between my lan and wan network
interface, so squid seem works good
Are you using delay_pool ?
Hello all
With a deny acl https://toto.com Does not return an access denied page but
leads to an error message in the browser, just "Cannot display the website".
So, I'm trying something like
acl toto dstdomain .toto.com
http_access deny toto
deny_info 307:http://mypage.com toto
Without more s
> "It depends"... are these reverse-proxy https_port requests?
> intercepted
> https_port requests? intercepted and ssl-bumped https_port requests?
> ssl-bumped CONNECT requests? or just regular CONNECT requests?
>
>
> Amos
>
Just regular CONNECT requests, and basic acl, nothing more
Thanks
> Objet: Re: [squid-users] Denied pages for HTTPS requests
>
> Hi,
>
> browsers are not reacting as you expect with a redirection after a
> https ( request with method CONNECT ). They do not follow the
> redirection.
>
Arrgh, So there is no way to add a simple page or a message ? Most of the t
> WIth 307 they are supposed to repeat the CONNECT to the new address.
> Which can be a problem when you are changing protocols.
>
> 303 is probably your best bet for CONNECT. Many of the browsers
> simply
> reject anything other than successful tunnel opening. But at least
> 303
> specifies that
>
>
> Great thanks, I have something new now
>
> with firefox there is message about dns
>
> http://https//test.toto.com
> Name Error: The domain name does not exist.
>
> Maybe a problem with my rule ?
>
> acl toto dstdomain .toto.com
> http_access deny toto
> deny_info 303:https://www.googl
> Oh great. Firefox were one of the two (and Opera) I seem to remember
> this working for. Good to know they screwed it up somehow.
>
> Amos
>
Right, no success with IE 9 and no problem with Firefox
But maybe it's a kind of security problem about firefox (redirect http to https
without any mes
> I don't know if it is a feature or not but recent versions of IE will
> either display a blank page or tell you the connection is broken if
> you
> try to redirect https or give it a http response.
yes, problem still the same with https page, https to https
> In the past I had success returni
>
> When we were doing this we were using a redirector that would rewrite
> the URL.
I will try something with Dansguardian code, maybe rewrite url ?
>
> > Many thanks for the answers, according to what I hear around the
> > place same problem with others products.
>
> Yes, it would be a comm
> >
> > When we were doing this we were using a redirector that would
> > rewrite
> > the URL.
>
> I will try something with Dansguardian code, maybe rewrite url ?
>
> >
> > > Many thanks for the answers, according to what I hear around the
> > > place same problem with others products.
> >
>
Hello,
I'm watching something strange with digest and squid
With an url like this
http://www.hercules.com/thumb/phpThumb.php?q=95&w=110&h=110&src=D:\inetpub\www.hercules.com\fichier\h_photo\883\photo_file_eplugnano500.715.png&f=jpeg&bg=FF
Squid breaks the identification and loop to replay u
Ok, sorry the fix was here http://bugs.squid-cache.org/show_bug.cgi?id=3077
,for 3.3.9 or later, so I should migrate
About this http://bugs.squid-cache.org/show_bug.cgi?id=3782 it can be also
applied to 3.3 ?
Thank
Hello,
I'm trying to use squid with two identifications mode, first digest and second
basic, all works without problem except one point
auth_param basic credentialsttl 1 hours
The proxy never claim the username and pass after 1 hour, so I found no way for
forcing the replay with digest
squid s
> Objet: [squid-users] Replay Auth
>
> Hello,
>
> I'm trying to use squid with two identifications mode, first digest
> and second basic, all works without problem except one point
>
> auth_param basic credentialsttl 1 hours
>
> The proxy never claim the username and pass after 1 hour, so I fo
>
> What do you mean by "claim" ?
I would mean no banner
>
> The browser is expected to deliver credentials on every request and
> the
> proxy validate them. The credentialsttl is only about how often Squid
> has to query the backend to validate them. When the TTL expire the
> authenticator ba
> I have an idea and TODO list entry for making that happen. But nobody
> has yet sponsored teh few days work that will take and my spare time
> has
> been dedicated towards other more interesting developments.
>
Unfortunately I am not qualified to do, but I think this should be a really
useful
> I have just one problem for the moment, sometimes the ident banner
> appear twice I guess there is a problem about user()->expiretime =
> current_time.tv_sec place when the user is beyond two minutes
> without browsing the timer is expired again, I will investigate ...
>
No I'm wrong no proble
Hello,
Do you think I should do a patch for 3.3 ? It should be useful ?
I'm thinking about a new option like
auth_param basic credentialslogout 2 hours
Regards
Fred
Hello again Amos,
Today I made a (ugly) patch for squid 3.2.13, who changes the credentialsttl
behaviour
With auth_param basic credentialsttl 1 minute the user must replay his ident
(of course if the negotiation is the second, BASIC).
Better - for me - ! The digest (first identification) is pr
> Hello
>
> I use the authentication method digest, I have try the method basic
> and it works. But this method is not secure because the password is
> in clear.
> If anyone knows a way to make it work with the method "digest", I am
> interested in your answer.
>
> Thanks
>
> Mickael
>
Hello
3.3 is already a stable release, meaning brand new options/features are
no longer accepted. The only exception ther eis if some major security
hole is fixed by adding one or backports of existing squid-2 features.
Neither of which seems to applicable here.
FWIW "logout" is not a concept relevan
> > Are you sure it is Squid and not something else in the system?
> there is nothing on system but squid and named and what is clear in
> top
> command that squid is taking 100% CPU some times
> and when try to strace to this process while it's hanging the strace
> hangs without going into proce
>
> When the students go to gmail.com, the authentication pop-up just
> keeps occurring. The student can cancel out of it and get logged in,
> but it still keeps doing it and will never accept the password. They
> just have to keep cancelling out of it. I authenticate with my ldap
> server. H
Hi,
I made a patch for BASIC ident for squid 3.3.11
http://numsys.eu/divers/squid/auth.patch by adding a new state CRED_BANNED = -3
Beyond credentialsTTL value, there is a re-authentication with pop-up
Hope this can help
Fred
> Tried to compile it with patch applied but not yet working completely
> (first time i tried compiling it myself).
> I guess I’m doing something wrong because I don’t get the helpers
> anywhere, but it seems to start the the helpers that came with my
> squid3 debian package as well. (which is squ
> Fred, have you ever tested your solution on a ios7 iPad with safari?
> I’m seeing different behavior between my android 4.0 (chrome
> browser) and my iPad. The android in general behaves more as
> expected than the iPad.
>
> Wim
>
>
Which differences exactly ?
Only tested with Firefox and IE
> I now have implemented FredB’s idea into my own basic helper in php,
> which says ERR when the credential expire date time is in the past.
> That seems to work also for iPads :)
> That expire date time can be set (to now + xx min) via a php page and
> correct credentials.
>
Can you post your h
Take a look here:
http://bugs.squid-cache.org/show_bug.cgi?id=3536
Hello,
I'm wondering if there is way to force an identification method for only some
users ?
I'm using digest and basic with success and my problem is that the users can
choice the method
1) first pop-up = digest
2) second = basic
If a user cancel the first banner he can pass with the second
With squid 3.4.5 my logs are broken now
10.x.x.x - fred [0%edR] "GET
http://www.squid-cache.org/Versions/v3/3.4/changesets/ HTTP/1.0" 200 7799
TCP_MEM_HIT:HIER_NONE "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0)
Gecko/20100101 Firefox/29.0"
logformat test %>a %[ui %[un [%tl] "%rm %ru HTTP/%rv"
Doh ! I saw
http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13135.patch
Ok works for me, sorry
I meant, sorry because I know where to look before asking ...
I agree there is no stupid question, but in this case yes :)
Fred
> This is way strange, especially since gmail is in https, which means
> that even if it wanted, squid could not see the traffic nor,
> obviously, cache.
> What do you see in access.log?
>
>
> --
> kinkie
>
In my case nothing special, because this is no related with the cache
I think ther
> FYI, config attached.
>
> The same config works without CPU spikes in 3.3.
>
> Alex
>
>
>
Can you try with delay_access 1 allow !CONNECT (for each rule)
>
> Can you try with delay_access 1 allow !CONNECT (for each rule)
>
I forgot http://bugs.squid-cache.org/show_bug.cgi?id=2907
Try without delay_pool or at least without CONNECT method and delay_pool
Fred
96 matches
Mail list logo
