Hi Folks,
I'm running squid 3.5.14 on slackware linux 64 bit (compiled from source).
When users connect to http://www.oggi.it/global_assets/js/plugins.js?v=1.6
squid crash with the following message:
assertion failed: String.cc:174: "len_ + len < 65536"
I have seen the same error on this
Hi folks,
I would like to know if there is any plan
for adding per user quota (per hour/day)
to a future squid version.
Hi.
I'm try to browse the internet from konqueror
(kde 3.5.4), but it fail to authenticate when
squid is configured with ntlm_auth (that shipped
with squid). If I configure msnt_auth, konqueror
is able to authenticate to squid. Firefox is
working fine with both. Also IE (6sp1) is working
fine.
crash on certain sites. Also found time to finally publish the patch at
devel.squid-cache.org. Please get the updated version from there if you
Just for ask: is there any plan to add http 1.1 support to squid 2.6?
_
Don't just
Hi.
This morning squid 2.6s4, running on Slackware Linux 11.0
with 2.6.18.1 kernel, has crashed after logging this entries:
2006/10/26 04:40:12| logfileRotate: /var/spool/squid/logs/access.log
2006/10/26 04:40:12| helperStatefulOpenServers: Starting 50 'ntlm_auth'
processes
2006/10/26
Henrik Nordstrom wrote:
tor 2006-10-19 klockan 15:43 +0200 skrev Marco Berizzi:
Here is the strace. Clues?
Looks very much like a borked libc.
With a working libc the strace should look like
getrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
setrlimit(RLIMIT_NOFILE, {rlim_cur
Henrik Nordstrom wrote:
tor 2006-10-19 klockan 15:45 +0200 skrev Marco Berizzi:
But I must always specify ./configure --enable-epoll for build squid
with epoll support:
./configure --help
--enable-epoll Enable epoll() instead of poll() or select
Henrik Nordstrom wrote:
option then configure will complain and abort with some instructions on
Really? I am even able to build squid with epoll on slackware 10.1,
but then it fails to start:
comm_select_init: epoll_create(): (38) Function not implemented
See also:
Henrik Nordstrom wrote:
Right. When you use --enable-epoll then Squid doesn't check as carefully
if it is implemented in the kernel,
Ok, but my linux kernel has been built with epoll support.
only that libc (or separate epoll
library) implements the userspace side..
glibc on slackware
Henrik Nordstrom wrote:
tor 2006-10-19 klockan 14:45 +0200 skrev Marco Berizzi:
Ok, but my linux kernel has been built with epoll support.
Well.. the error message says with no doubt the running kernel does not
implement the called function.
It could also be your libc lying to you defining
Henrik Nordstrom wrote:
The configure test can be extended to attempt to call epoll rather
than just testing for compilation.
It already does when not using --enable-epoll. With --enable-epoll it
just checks (and requires) that the function symbol is available.
But I must always specify
Henrik Nordstrom wrote:
tor 2006-10-05 klockan 14:41 +0200 skrev Marco Berizzi:
This problem happens only with the ntlm_auth helper.
I would think it only happens with the ntlm authentication scheme.
Should not be dependent on which helper you use..
Please file a bug report.
Here
Santosh Rani wrote:
backslashes, now it compiled and installed but is not starting.
Any errors?
Santosh Rani wrote:
it does not give any error when I pass the command:
/usr/local/squid/sbin/squid
see /var/log/messages or /var/log/syslog
Even 'cache' direcotory was to be created manually.
You should read the squid manual
(http://www.deckle.co.za/squid-users-guide/Main_Page)
cache
[EMAIL PROTECTED] wrote:
Please send all http_access statements of your squid.conf
This is my full squid.conf
http_port
icp_port 0
cache_mem 64 MB
maximum_object_size 32 MB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF
cache_dir ufs /var/spool/squid/cache
I was forgotting...
I have tested squid2.6STABLE{1,2,3,4}: same behaviour
[EMAIL PROTECTED] wrote:
Please send all http_access statements of your squid.conf
This is my full squid.conf
http_port
icp_port 0
cache_mem 64 MB
maximum_object_size 32 MB
cache_replacement_policy heap LFUDA
This message is from cache.log:
2006/10/05 12:05:50| The reply for GET http://blabla/css/css06a.css is
ALLOWED, because it matched 'concurrent_browsing'
Very tricky isn't it?
Marco Berizzi wrote:
I was forgotting...
I have tested squid2.6STABLE{1,2,3,4}: same behaviour
[EMAIL PROTECTED
Mernoz Rostangi wrote:
can you try:
http_access deny concurrent_browsing
http_access deny !password all
http_access allow password
http_access deny all
instead of:
#http_access deny !password all
http_access deny concurrent_browsing
http_access deny !password all
http_access allow password
Henrik Nordstrom wrote:
tor 2006-10-05 klockan 11:37 +0200 skrev Marco Berizzi:
I was forgotting...
I have tested squid2.6STABLE{1,2,3,4}: same behaviour
Seems to work here..
authenticate_ip_ttl 300 seconds
acl max1 max_user_ip -s 1
http_access deny max1
http_access allow ...
What does
Henrik Nordstrom wrote:
tor 2006-10-05 klockan 11:37 +0200 skrev Marco Berizzi:
I was forgotting...
I have tested squid2.6STABLE{1,2,3,4}: same behaviour
Seems to work here..
authenticate_ip_ttl 300 seconds
acl max1 max_user_ip -s 1
http_access deny max1
http_access allow ...
Found
Chris Robertson wrote:
Marco Berizzi wrote:
I have implemented max_user_ip acl with squid 2.6stable4
but users are able to browse the internet with a single
account from multiple clients (those in the 172.16.0.0/23
class). This is my squid.conf:
authenticate_ip_ttl 3600 seconds
acl all src
[EMAIL PROTECTED] wrote:
Change the order of the http_access statements:
http_access deny concurrent_browsing
http_access deny !password all
Nothing to do. I have tested myself: I can
browse the internet from 3 workstation
with my account.
Clues?
I have implemented max_user_ip acl with squid 2.6stable4
but users are able to browse the internet with a single
account from multiple clients (those in the 172.16.0.0/23
class). This is my squid.conf:
authenticate_ip_ttl 3600 seconds
acl all src 0.0.0.0/0.0.0.0
acl mynet src 172.16.0.0/23
acl
Hi.
I'm having trouble enabling epoll on slackware 10.1 running
linux 2.6.17.8
What are the minimun system req (glibc version, gcc, kernel)?
I have successfully compiled squid 2.6s2-20060808 but when I
try to start it, I get:
comm_select_init: epoll_create(): (38) Function not implemented
This
Gonzalo Arana wrote:
[EMAIL PROTECTED]:/usr/src/linux-2.6.17.8# grep -ir CONFIG_EPOLL .config
CONFIG_EPOLL=y
This may sound silly, but is it the actual kernel running?
Yes it is the running kernel. However CONFIG_EPOLL=y
cannot be even changed from 'make menuconfig'
try
zgrep
Gonzalo Arana write:
I believe It can:
make menuconfig / General setup /
Configure standard kernel features / 'Enable event poll'
Thanks for the tip.
Shifting back to the original issue, I have to insist that errno = 38
(Function not implemented) means an unimplemented syscall, so your
Matus UHLAR - fantomas wrote:
You probably missed that many people avoid this problem by downloading
files
like http://some.example.com/file.exe?; which, of course, does not match
your regexps.
Aha, I didn't know about this. Is there any way to catch this
with squid?
Marco Berizzi wrote:
Matus UHLAR - fantomas wrote:
You probably missed that many people avoid this problem by downloading
files
like http://some.example.com/file.exe?; which, of course, does not match
your regexps.
Aha, I didn't know about this. Is there any way to catch this
with squid
SSCR Internet Admin wrote:
Hi,
Ciao
I would like to know if there are any slackers running on the current
version with the latest version of squid. I havent touched slackware
I'm running Slackware 10.2 and squid 2.6-STABLE1
Here is my squid build script:
CFLAGS=-O2 ./configure \
Squid does not restart. Squid sends to the IE browser
Same with 2.6s1. squid logs:
urlParse: Illegal character in hostname 'www,pharmiweb.co.uk'
and it doesn't restart.
| 15:23:17 urlParse: Illegal character in hostname 'www,pharmiweb.co.uk'
| 15:41:05 FATAL: RECIEVED SEGMENT
Guido Serassio wrote:
Hi Marco,
At 17.15 12/07/2006, Marco Berizzi wrote:
Please file a bug report
http://www.squid-cache.org/bugs/
ok I will file a bug report. Do you need any specific information?
How many concurrent client are using the cache ?
about 1 hundred
After squid-2.5 to squid-2.6 upgrade I get everyday this
warning messages:
2006/07/12 15:05:41| WARNING: All ntlmauthenticator processes are busy.
2006/07/12 15:05:41| WARNING: up to 73 pending requests queued
2006/07/12 15:06:11| WARNING: All ntlmauthenticator processes are busy.
2006/07/12
Guido Serassio wrote:
Hi Marco,
Ciao Guido,
At 16.31 12/07/2006, Marco Berizzi wrote:
After squid-2.5 to squid-2.6 upgrade I get everyday this
warning messages:
2006/07/12 15:08:38| WARNING: All ntlmauthenticator processes are busy.
2006/07/12 15:08:38| WARNING: up to 135 pending
Hello everybody.
I have a problem with anthony icons after squid-2.5.STABLE14
to squid-2.6.STABLE1 upgrade.
When I'm browsing an ftp site, anthony icons aren't displayed
on the web page generated by squid.
This is my squid.conf
acl mynet src 172.16.0.0/23
acl myproto proto HTTP FTP SSL
Hello everybody. I have updated squid from 2.5-STABLE12 to
2.5-STABLE13 and now avg antivirus updates don't work
anymore. This is my squid.conf:
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 48 MB
maximum_object_size 32 MB
Mark Elsen wrote:
On 3/22/06, Marco Berizzi [EMAIL PROTECTED] wrote:
Hello everybody. I have updated squid from 2.5-STABLE12 to
2.5-STABLE13 and now avg antivirus updates don't work
anymore. This is my squid.conf:
What happens if you set :
client_persistent_connections
Hi.
I'm blocking download of .wmv files with acl urlpath_regex,
but, for example, this wmv isn't catched by this rule:
http://www.gametrailers.com/download.php?id=7174type=wmvf=
squid.conf:
acl trojans urlpath_regex \.wmv$
http_access deny trojans
Hints?
TIA
Christoph Haas wrote:
On Thursday 16 March 2006 14:19, Marco Berizzi wrote:
I'm blocking download of .wmv files with acl urlpath_regex,
but, for example, this wmv isn't catched by this rule:
http://www.gametrailers.com/download.php?id=7174type=wmvf=
squid.conf:
acl trojans urlpath_regex
Christoph Haas wrote:
On Thursday 16 March 2006 14:50, Marco Berizzi wrote:
Christoph Haas wrote:
On Thursday 16 March 2006 14:19, Marco Berizzi wrote:
I'm blocking download of .wmv files with acl urlpath_regex,
but, for example, this wmv isn't catched by this rule:
http
Christoph Haas wrote:
Just one hint: Squid is bad at checking the content of HTTP objects. Unless
you use another proxy
Is there anything better than squid?
But whatever header field you check: you are always relying on the web
server administrators classification of files. If you just want
Matus UHLAR wrote:
Mark Elsen wrote:
I know. But if my firewall doesn't allow passive conn and I don't
turn off this option, what happens?
The obvious : things won?t work.
On 03.01 09:09, Marco Berizzi wrote:
No, squid were opening ftp active connections instead. I would like
I have noticed that squid was opening ftp active connections instead of
passive one's because of a firewall configuration mistake. I'm running squid
2.5STABLE12 on Slackware Linux 10.2 (kernel vanilla 2.6.14.5)
Now I have corrected my firewall rules and squid is opening ftp passive
connections. I
Mark Elsen wrote:
I have noticed that squid was opening ftp active connections instead of
passive one's because of a firewall configuration mistake. I'm running
squid
2.5STABLE12 on Slackware Linux 10.2 (kernel vanilla 2.6.14.5)
Now I have corrected my firewall rules and squid is opening
Hi.
I would like to know if/when will be possible
to build acl based on iptables mark value.
Squid 2.6?
Hello everybody.
I have found a strange problem with delay pools.
This is a section of my squid.conf
delay_parameters 1 32000/32000 16000/16000 8000/5
I'm using this squid-proxy through a slow (33600bps) modem
connections.
After 50 kbyte of traffic my client doesn't work anymore
(both
Ing. Domingo E. Becker wrote:
I have found a strange problem with delay pools.
This is a section of my squid.conf
delay_parameters 1 32000/32000 16000/16000 8000/5
I'm using this squid-proxy through a slow (33600bps) modem
connections.
After 50 kbyte of traffic my client
Hello everybody.
I would like to know if there is any configuration trick
to intercept and block .exe files that IE execute without
user action (spyware).
I don't want to block all exe file: accept only those exe
file that IE prompt for save. Could it be possible?
Henrik Nordstrom wrote:
On Thu, 16 Sep 2004, Marco Berizzi wrote:
One question: the authenticator processes are called every time
a client open one socket to squid?
Yes, due to Microsoft wonderful design of NTLM over HTTP
authentication..
Wow, yes wonderful...
I have seen that M$IE
Henrik Nordstrom wrote:
On Wed, 15 Sep 2004, Marco Berizzi wrote:
Henrik Nordstrom wrote:
On Wed, 15 Sep 2004, Marco Berizzi wrote:
Feature request: could squid logs the machine hostname or ip
address
doing the authentication request?
It does in access.log.
What kind of word
Billy Macdonald wrote:
Marco Berizzi wrote:
Hello everybody.
This morning squid-2.5STABLE6 has crashed because
all ntlm authenticator processes were busy. This is
the relevant log's part:
10:24:37| WARNING: All ntlmauthenticator processes are busy.
10:24:37| WARNING: up to 199
Henrik Nordstrom wrote:
On Wed, 15 Sep 2004, Marco Berizzi wrote:
Feature request: could squid logs the machine hostname or ip address
doing the authentication request?
It does in access.log.
What kind of word should I grep?
You also get it in cache.log if you enable debugging
Hello everybody.
This morning squid-2.5STABLE6 has crashed because
all ntlm authenticator processes were busy. This is
the relevant log's part:
08:47:36| WARNING: All ntlmauthenticator processes are busy.
08:47:36| WARNING: up to 40 pending requests queued
08:48:54| WARNING: All ntlmauthenticator
I'm experimenting a problem with a web site because
X-Forwarded-For is unknown.
However squid.conf.default shows that X-Forwarded-For is
on by default.
My squid.conf modify only the User-Agent header:
header_access User-Agent deny all
header_replace User-Agent Mozilla/5.0 (X11; U; Linux i686;
However squid.conf.default shows that X-Forwarded-For is
on by default.
I presume this is not changed in the current squid.conf by
setting this parameter to off , for instance ?
No, it is not changed.
Probably not, you can debug the situation further with :
Buhh... sorry: 2.5.STABLE6 compiled from source on Slackware 9.1
kernel 2.4.26 gcc 3.2.3 glibc 2.3.2
Ok, clueless for the moment,but one sanity check,to proof
that is related to the header_deny,header_access stuff you use
in squid.conf :
- if that is not done, is the situation
- Original Message -
From: Henrik Nordstrom [EMAIL PROTECTED]
To: Marco Berizzi [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Friday, July 25, 2003 7:42 PM
Subject: Re: [squid-users] mozilla 1.4 NTLM auth.
fre 2003-07-25 klockan 17.46 skrev Marco Berizzi:
Hi,
I have a little
- Original Message -
From: Henrik Nordstrom [EMAIL PROTECTED]
To: Marco Berizzi [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, July 28, 2003 2:21 PM
Subject: Re: [squid-users] mozilla 1.4 NTLM auth.
mån 2003-07-28 klockan 11.20 skrev Marco Berizzi:
Just for record: yes
Hi,
I have a little problem with Mozilla 1.4 on Win32 (win2000) and squid
2.5s3.
Mozilla on Win32 now has support for NTLM authentication.
IE is working well with NTLM support with Squid 2.5s3, but mozilla
prompt for the username/password box: here the user must specify the
username parameter as
58 matches
Mail list logo