Putting that aside, when are the rotations set;daily,weekly or
something.You might have set them to weekly and its just 3 days now.It
happened to me :-)
Ronny
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
If I have seen further it is by
able-snmp' '--enable-poll' 'CFLAGS=-DNUMTHREADS=30'
On Fedora Core 6
Could someone kindly advise.
Regards
Ronny
--
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
If I have seen further it is by standing on the shoulders of giants.
--Isaac Newton
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
Have a look @ http://www.squid-cache.org/Doc/FAQ/FAQ-11.html
Yos
Ronny
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
If I have seen further it is by standing on the shoulders of giants.
--Isaac Newton
You are free to use any Core version it will pump your traffic as you
want with no problems we use Core for production for a year now no
breaks no nothing.Only tweak the filedescriptors for bigger networks
and some tunnings in the kernel and squid will run on most distros as
you like it.
R
*
Hi all I encrypted the squid.conf file for LAB purposes but squid didn't
die even after a restart it seems running normal for the last 30minutes
but under watch.How does it decrypt the file O:-)
Ronny
--
***
PGP Fingerprint:
Can be anything from your provider up to your hardware.Have you checked
all that?What happnes when you go to the internet minus squid?please
comeback if all fails.
We are always here
Ronny
***
PGP Fingerprint: 6695 794A B84E D922
I had the problem that I just copied the executable over, but didn't update
the error directory, so there were some files missing.
Copying the new error directory over did help.
Cheers,
Ronny
?
>
> Wouldn't it be wise to let the kernel choose the appropriate sizes (because
> it only knows about memory pressure or not etc), also with respect to recent
> TCP implementation enhancements?
Cheers,
Ronny
t:
# NOCACHE ACLs
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
As for the TCP_DENIED, I don't know.
Cheers,
Ronny
igure option is needed:
--with-large-files Enable support for large files (logs etc).
Not to be confused with:
--enable-large-cache-files
Enable support for large cache files (>2GB).
WARNING: on-disk cache format is changed by this
option
Cheers,
Ronny
t to recent
TCP implementation enhancements?
Cheers,
Ronny
You either create an ACL on the fly and restart the
service.Transparently the connections will disappear smoothly :-)
.Otherwise drop the packets from those clients with iptables(immediate
effect) restart iptables
Ronny
***
PGP
Anything that has selinux + execshield integrated ;-) did I say runs
good on FC
***
PGP Fingerprint: 6695 794A B84E D922 88FB 73CC 6CBD 8036 B3CD 7304
We can't become what we need to be by remaining what we are
*
First you should know why you are putting squid.Not for smtp or pop3 why
start with the impossibles -:).
Any way see ->squid-cache.org for definition of squid don't
thinc you will succeed may be if you got another way
.
Damian Mantelli (A.C.A.R.A) wrote:
Hi my name is Damian, I am f
How does your iptables interception rule look like? Did you try
intercepting tcp--->80 only?Seems you are doing for all (port 3128 for
any protocols ) which might be the problem!
Ronny
David LE GOUPIL wrote:
Hello,
I have a LAN connect to internet through a Firewall Iptable with sq
Wrong place :-)
Peter Khanin wrote:
List-Unsubscribe
--
***
/ ''We can't become what we need to be by remaining what we are''\
\ ,, ,,/
You mean slower than without squid running?Need more info aprt from
squid version.Which OS and filesystem used for example.
Ronny
Nilesh Patil wrote:
Dear All,
I have installed squid 2.5 STABLE10 version using source.
Also configured squid with transparent proxy successfully.
But the
080 where to go (Main rule)
and since you have a Cisco in your vicinity why not deploy WCCP?
Anyways hope it helps it's a network thing in conjuction with netfilter
hackery.
Niceday Bab.
Ronny
But... these are no any squid server on my NAT router!
Port 8080 on router is closed. Proxy server
will excuse me for insisting I can't stop usind squid just beacuse
of some sites blocking my squid box next time I rather they block a
particular host or network.Please advise.
Thanks
Ronny]
Regards
Henrik
--
***
Hi all am running transparent proxy on squid 2.5Stable7 but would like
the outside world to see the particular IP accessing a site for security
reason. Is there a line in squid.conf I can play with so that like if
you go to a site they get the IP of the client.
Thanks
Ronny
I don't think squid stops skype!
[EMAIL PROTECTED] wrote:
Hi people,
how can I do Squid to accept Skype connections?!
is it possible?!
thanks all...
--
***
/ ''We can't become what we need to be by remaining what we are''
--
You know Alex do us a favour and recompile.By the way which release are
we dealing with here?Sorry to ask ;-)
Regards
Ronny
Alex wrote:
-
Dear Ronny,
i stopped the service, restarted the whole server, after
You know Alex do us a favour and recompile.By the way which release are
we dealing with here?Sorry to ask ;-)
Regards
Ronny
Alex wrote:
-
Dear Ronny,
i stopped the service, restarted the whole server, after that i run
the command ulimit -HSn 8102 , after that i started
number--->then start squid.Then monitor
And please reply.
Ronny
~~
but still i see 1024 in the cache.log file.
anyway, can u please guide me solve this problem, and what is the link
for the FAQ so that i can check
just incase you read in
your free time. ;-[
Ronny
troy rad wrote:
I have used a converter but is there a way to have the logs show local time
instead of the utc. It would eliminate a step for me. I am new to all of
this
--
**
Hi,
i want to use Squid 2.5Stable8 on my Debian Sarge System as a transparent
Proxy. We've got i Firewall here (debian machine with iptables).
The idea is, that the users from the local net (172.21.0.0/16) use the
transparent proxy.
Squid is running normal on the Proxy Machine and i've set the
Well from squid definition I don't think you will be able to stop p2p
programs.You need a more intelligent program or hardware to do that .I
didn't say squid isn't intelligent besides I survive on it.
Regards
Ronny
B.G. Bruce wrote:
I have a transparent squid cache 2.5.8+patches(
Great Henrik will check it out thanks
Ronny
Henrik Nordstrom wrote:
On Wed, 2 Mar 2005, Ronny wrote:
Hi comrades am running 2.5STABLE7(transparent) on redhat.Problem is am
seeing many of these messages in the cache.log file
Config 'request_header_max' =20480 bytes
Request_header is
ttack or buffer overflow as from the FAQs.Can you
advise please seems my cache is under stress.
Thanks
Ronny
--
***
/ ''We can't become what we need to be by remaining what we are''\
\ ,, ,,/
***
Thanks
Ronny
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Hi comrades am running 2.5STABLE7(transparent) on redhat.Problem is am
seeing many of these messages in the cache.log file
Config 'request_header_max' =20480 bytes
Request
eader-specified length,
which is all good and well, in theory.
How about adding a configurable window, in which excess data is tolerated,
but defaulting to 0 ?
It is mostly around a couple of bytes (up to ~100?) and the browsers handle
it, too.
I have no patches handy, unfortunately.
Kind regards,
Ronny
But since he is new to Linux 'as he says' and would like to know let him
try to look through /usr/include/bits/typesizes.h I think but otherwise
in today's squid you don't need that.
Ronny
Henrik Nordstrom wrote:
On Wed, 23 Feb 2005, Bryan Miles wrote:
I'd really a
ack 1 win 6948 (DF)
09:25:58.645161 wirelessproxy.espn.go.com.http > x.x.x.x.x.50140: P
11312:11792(480) ack 1
But think it's a firewall thing mixed up with interfaces but all seems
ok with squid-->cisco talk.
Ronny
Jesse Guardiani wrote:
Hello,
Does anyone have WCCP v1 *or* v2 work
Well have you tried iptables -A INPUT -s 192.168.0.0/16 -p tcp --dport
3128 -j ACCEPT or
-A FORWARD -i eth0 -o eth1 -p tcp -m tcp --sport 1024:65535 --dport 3128 -j
ACCEPT
like you did for port 21
Am not good but try you can google too just incase the netfilter guys
can't help.
Ronny
Bu
Since it's a multiple of 64 try.Are you using a super computer?Can we
know your machine Specs too pliz??
www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.4
pak kumis wrote:
hello,
I'am newbie here,
I want to know, it's need to change file descriptors up to 8192 ?
What effect to my system if I up to 8
Well since you know all that you must add Apache and Linux Security on
the List would advise webmin too plus snmp. Nordstrom wrote:
On Tue, 1 Feb 2005, tomlobato wrote:
I need to make a interface for a net adm to manage remote squid ACLs. My
scenario: 15 remote Linux gateways, each one runs on a
get time for Squid :-D
Happy New year
Rgrds
Ronny
--
***
/ ''We can't become what we need to be by remaining what we are''\
\ ,, ,,/
***
Hi try giving your machine a hostname then we see the way forward and
see if the /etc/resolve.conf file has something in there ;-)
Rgrds
Ronny
n the Cluster.
Having that setup can we replace the CISCO CACHE ENGINE with SQUID
where by squid can be elected as the lead cache at the same time
controlling the load of other squid caches in the cluster.
BTW can this scenario be deployed with wccpv1 .
Thanks in advance
Sori GRE modulke not grep GOD!!
Ronny wrote:
:-\ got some how #$$% confused .You mean if am to run wccpv2 (grep
module) + 2.6.9 kernel + Transparency (IPTABLES) I have to patch
still? Henrik says no patch needed may be coz I didn't mention the
interception with iptables and Martin says
which 2.6.9 kernel is not yet relesead ! So can you please advise thanks
for the x-mas eve time :-D
Ronny
Martin Marji Cermak wrote:
Henrik Nordstrom wrote:
On Thu, 23 Dec 2004, Ronny wrote:
Hi all would like to run wccpv2 on linux 2.6.9 kernel.What would you
advise ,ipwccp.c module or GRE module.
Hi all would like to run wccpv2 on linux 2.6.9 kernel.What would you
advise ,ipwccp.c module or GRE module.
If possible are there any problems reported yet for both deployments.
Thanks
Ronny
--
***
/ ''We can
I also heard of safesquid + clamav + squid but haven't tried it
Abdock wrote:
Hello Experts,
I have set up squid as transparent, and doing only web caching. The box acts as
the gateway. No proxy all addresses behind the box are external IP.
How can i add antivirus to the squid box so that atleast
Confused me what do you mean "behind the box" and then you talk about
"No proxy" don't you think its contradicting ;-) .Anyways if the proxy
is the gateway then put the antivirus on the gateway try free clamav and
amavis I hear they are kool.
Abdock wrote:
Hello Experts,
I have set up squid as
will show you the killer and all will come to normal.
http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities&flashstatus=true
Still
Ronny
Henrik Nordstrom wrote:
On Tue, 9 Nov 2004, Costas Zacharopoulos wrote:
What are the most possible methods that can be used to remote
Oh dear they/We see everything.You got to be good but you may end up not
accessing anything. ;-)
Ronny
[EMAIL PROTECTED] wrote:
Hello,
if i surf the internet connected to Squid Web proxy
can my isp knows what sites did i visited ?
or my isp will only see that i connected to proxy ?
and is it
Oh sorry squid would help if it kazaa used http but if you remember
our friend is a P2P software.Try may be content filtering like with
squidGuard and the like but I doubt haven't tried it otherwise visit
Firewall sites
Chetan Panse wrote:
Hi Gurus,
I installed Squid on Solaris 5.9 X86. Can
? Any suggestions?
Surely there must be some people here that are using LDAP auth, what
do you do in this case? Do you just leave it cleartext?
Thank you in advance for your time and attention.
Ronny
pgpgWGkz5q2tO.pgp
Description: PGP signature
*
*-acl porn url_regex "/usr/local/squid/etc/porn1"*
*-http_access deny porn all *
when I try to access any of the sites in the file it just splashes all
the gals on my LCD ;-)) which I don't like so please
has anybody in here done it?.Thanks in adva
g squid 2.4.6 from Debian Stable i have only 2
tcp-connection (like the two i had when using plain
tcp/ip as mentioned befotre).
So i need to know what changed between 2.5.4 and 2.5.5 and what changed
between 2.4.6 and 2.5.5.
Thanks, Ronny.
Hi if one wants to donate to the developers how can one go about it? Coz
u may find that there like 1000 squid users and they may like to give at
least $10 each for the great work done.I mean open source spirit power
to the poeple.
--
=== Trust everybody but not thier inside===
--- Begin Message ---
Hi fellow squidoz am getting this problem when i try to do our stuff
#/usr/local/squid/sbin/squid -z
don't mind about the mail1 it's just a hostname I liked but mail1 is a
hostname of one of my mailer which is up.Is there something am
confusing.Am running squid-2.5.STAB
Hi trying to configure transparent proxy with this rule any error?
#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT
--to-port 3128
The requested URL could not be retrieved
While trying to retrieve the URL: /
The following error was encountered:
* Invalid URL
Some aspe
563 70 210 1025-65535?? coz my comrade added this line
Thanxs;-)
Ronny
http://mail.spacenet.co.ug/
Have transparent proxy on squid box running squid ver 2.4 but when
link is off for even 1min all browsers can't display any page.But in the
acceeelog I see active connections.
Is there any problem with my cache?B
Thanx
Peace to you all , has anybody tried blocking kazza downloads using
squid ?not the site just want to fool
my clients thanx in advance ;-)
Regards
Ronny
Peace to all,
Now i made this netstat -n command on my cashing server and got many
SYN_RECV messages on port 3128 from most of our customer IP's yet
others have connction ESTABLISHED .how can I stop this is there a
problem in our squid response to some requests?
Thanxs homies :-)
57 matches
Mail list logo