Re: [squid-users] squid -k rotate does nothing

Putting that aside, when are the rotations set;daily,weekly or something.You might have set them to weekly and its just 3 days now.It happened to me :-) Ronny *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*- If I have seen further it is by

[squid-users] Not our Vary marker object

able-snmp' '--enable-poll' 'CFLAGS=-DNUMTHREADS=30' On Fedora Core 6 Could someone kindly advise. Regards Ronny -- *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*- If I have seen further it is by standing on the shoulders of giants. --Isaac Newton -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*

Re: [squid-users] Out of file descriptor

Have a look @ http://www.squid-cache.org/Doc/FAQ/FAQ-11.html Yos Ronny *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*- If I have seen further it is by standing on the shoulders of giants. --Isaac Newton

Re: [squid-users] Server platform

You are free to use any Core version it will pump your traffic as you want with no problems we use Core for production for a year now no breaks no nothing.Only tweak the filedescriptors for bigger networks and some tunnings in the kernel and squid will run on most distros as you like it. R *

[squid-users] squid.conf encrypted with openssl des3

Hi all I encrypted the squid.conf file for LAB purposes but squid didn't die even after a restart it seems running normal for the last 30minutes but under watch.How does it decrypt the file O:-) Ronny -- *** PGP Fingerprint:

Re: [squid-users] slow in internet

Can be anything from your provider up to your hardware.Have you checked all that?What happnes when you go to the internet minus squid?please comeback if all fails. We are always here Ronny *** PGP Fingerprint: 6695 794A B84E D922

Re: [squid-users] upgrade question stable 2.5 stable 5 to stable 12

I had the problem that I just copied the executable over, but didn't update the error directory, so there were some files missing. Copying the new error directory over did help. Cheers, Ronny

[squid-users] TCP receive window limiting

? > > Wouldn't it be wise to let the kernel choose the appropriate sizes (because > it only knows about memory pressure or not etc), also with respect to recent > TCP implementation enhancements? Cheers, Ronny

Re: [squid-users] Reverse Cache with with HTTP-GET argument-caching

t: # NOCACHE ACLs acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY As for the TCP_DENIED, I don't know. Cheers, Ronny

Re: [squid-users] Squid Server log biger than 2G

igure option is needed: --with-large-files Enable support for large files (logs etc). Not to be confused with: --enable-large-cache-files Enable support for large cache files (>2GB). WARNING: on-disk cache format is changed by this option Cheers, Ronny

[squid-users] TCP receive window limiting

t to recent TCP implementation enhancements? Cheers, Ronny

Re: [squid-users] How can I kill selected connection to squid?

You either create an ACL on the fly and restart the service.Transparently the connections will disappear smoothly :-) .Otherwise drop the packets from those clients with iptables(immediate effect) restart iptables Ronny *** PGP

Re: [squid-users] Which the best OS for Squid?

Anything that has selinux + execshield integrated ;-) did I say runs good on FC *** PGP Fingerprint: 6695 794A B84E D922 88FB 73CC 6CBD 8036 B3CD 7304 We can't become what we need to be by remaining what we are *

Re: [squid-users] HELP WITH IPTABLES !!

First you should know why you are putting squid.Not for smtp or pop3 why start with the impossibles -:). Any way see ->squid-cache.org for definition of squid don't thinc you will succeed may be if you got another way . Damian Mantelli (A.C.A.R.A) wrote: Hi my name is Damian, I am f

Re: [squid-users] TCP MISS 503

How does your iptables interception rule look like? Did you try intercepting tcp--->80 only?Seems you are doing for all (port 3128 for any protocols ) which might be the problem! Ronny David LE GOUPIL wrote: Hello, I have a LAN connect to internet through a Firewall Iptable with sq

Re: [squid-users] List-Unsubscribe

Wrong place :-) Peter Khanin wrote: List-Unsubscribe -- *** / ''We can't become what we need to be by remaining what we are''\ \ ,, ,,/

Re: [squid-users] Transparent Proxy Speed problem

You mean slower than without squid running?Need more info aprt from squid version.Which OS and filesystem used for example. Ronny Nilesh Patil wrote: Dear All, I have installed squid 2.5 STABLE10 version using source. Also configured squid with transparent proxy successfully. But the

Re: [squid-users] Redirection

080 where to go (Main rule) and since you have a Cisco in your vicinity why not deploy WCCP? Anyways hope it helps it's a network thing in conjuction with netfilter hackery. Niceday Bab. Ronny But... these are no any squid server on my NAT router! Port 8080 on router is closed. Proxy server

Re: [squid-users] show ips going outside squid

will excuse me for insisting I can't stop usind squid just beacuse of some sites blocking my squid box next time I rather they block a particular host or network.Please advise. Thanks Ronny] Regards Henrik -- ***

[squid-users] show ips going outside squid

Hi all am running transparent proxy on squid 2.5Stable7 but would like the outside world to see the particular IP accessing a site for security reason. Is there a line in squid.conf I can play with so that like if you go to a site they get the IP of the client. Thanks Ronny

Re: [squid-users] Skype

I don't think squid stops skype! [EMAIL PROTECTED] wrote: Hi people, how can I do Squid to accept Skype connections?! is it possible?! thanks all... -- *** / ''We can't become what we need to be by remaining what we are''

Re: [squid-users] file descriptor

-- You know Alex do us a favour and recompile.By the way which release are we dealing with here?Sorry to ask ;-) Regards Ronny Alex wrote: - Dear Ronny, i stopped the service, restarted the whole server, after

Re: [squid-users] file descriptor

You know Alex do us a favour and recompile.By the way which release are we dealing with here?Sorry to ask ;-) Regards Ronny Alex wrote: - Dear Ronny, i stopped the service, restarted the whole server, after that i run the command ulimit -HSn 8102 , after that i started

Re: [squid-users] file descriptor

number--->then start squid.Then monitor And please reply. Ronny ~~ but still i see 1024 in the cache.log file. anyway, can u please guide me solve this problem, and what is the link for the FAQ so that i can check

Re: [squid-users] timestamp

just incase you read in your free time. ;-[ Ronny troy rad wrote: I have used a converter but is there a way to have the logs show local time instead of the utc. It would eliminate a step for me. I am new to all of this -- **

Re: [squid-users] Transparent Squid dont work. Wrong iptables rules?

Hi, i want to use Squid 2.5Stable8 on my Debian Sarge System as a transparent Proxy. We've got i Firewall here (debian machine with iptables). The idea is, that the users from the local net (172.21.0.0/16) use the transparent proxy. Squid is running normal on the Proxy Machine and i've set the

Re: [squid-users] Stop p2p running through squid

Well from squid definition I don't think you will be able to stop p2p programs.You need a more intelligent program or hardware to do that .I didn't say squid isn't intelligent besides I survive on it. Regards Ronny B.G. Bruce wrote: I have a transparent squid cache 2.5.8+patches(

Re: [squid-users] Re: Request_header is too large

Great Henrik will check it out thanks Ronny Henrik Nordstrom wrote: On Wed, 2 Mar 2005, Ronny wrote: Hi comrades am running 2.5STABLE7(transparent) on redhat.Problem is am seeing many of these messages in the cache.log file Config 'request_header_max' =20480 bytes Request_header is

[squid-users] Request_header is too large

ttack or buffer overflow as from the FAQs.Can you advise please seems my cache is under stress. Thanks Ronny -- *** / ''We can't become what we need to be by remaining what we are''\ \ ,, ,,/ ***

[squid-users] Hi comrades am running 2.5STABLE7(transparent) on redhat.Problem is am seeing many of these messages in the cache.log file /Config 'request_header_max' =20480 bytes Request_header is too large (*****)/ where (*****) > 20480 bytes the default value . Now seems it's a DOS attack or buffer overflow as from the FAQs.Can you advise please seems my cache is under stress.

Thanks Ronny Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hi comrades am running 2.5STABLE7(transparent) on redhat.Problem is am seeing many of these messages in the cache.log file Config 'request_header_max' =20480 bytes Request

[squid-users] Squid and excess data from webservers

eader-specified length, which is all good and well, in theory. How about adding a configurable window, in which excess data is tolerated, but defaulting to 0 ? It is mostly around a couple of bytes (up to ~100?) and the browsers handle it, too. I have no patches handy, unfortunately. Kind regards, Ronny

Re: [squid-users] FD_SETSIZE (if this goes through twice I appologize)

But since he is new to Linux 'as he says' and would like to know let him try to look through /usr/include/bits/typesizes.h I think but otherwise in today's squid you don't need that. Ronny Henrik Nordstrom wrote: On Wed, 23 Feb 2005, Bryan Miles wrote: I'd really a

Re: [squid-users] WCCP + squid 2.5-STABLE7 + linux 2.6.10

ack 1 win 6948 (DF) 09:25:58.645161 wirelessproxy.espn.go.com.http > x.x.x.x.x.50140: P 11312:11792(480) ack 1 But think it's a firewall thing mixed up with interfaces but all seems ok with squid-->cisco talk. Ronny Jesse Guardiani wrote: Hello, Does anyone have WCCP v1 *or* v2 work

Re: [squid-users] Linux as router (Gateway Server)

Well have you tried iptables -A INPUT -s 192.168.0.0/16 -p tcp --dport 3128 -j ACCEPT or -A FORWARD -i eth0 -o eth1 -p tcp -m tcp --sport 1024:65535 --dport 3128 -j ACCEPT like you did for port 21 Am not good but try you can google too just incase the netfilter guys can't help. Ronny Bu

Re: [squid-users] need to change file file descriptors size ?

Since it's a multiple of 64 try.Are you using a super computer?Can we know your machine Specs too pliz?? www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.4 pak kumis wrote: hello, I'am newbie here, I want to know, it's need to change file descriptors up to 8192 ? What effect to my system if I up to 8

Re: [squid-users] Controlling remote squid ACLs

Well since you know all that you must add Apache and Linux Security on the List would advise webmin too plus snmp. Nordstrom wrote: On Tue, 1 Feb 2005, tomlobato wrote: I need to make a interface for a net adm to manage remote squid ACLs. My scenario: 15 remote Linux gateways, each one runs on a

[squid-users] Happy New Year

get time for Squid :-D Happy New year Rgrds Ronny -- *** / ''We can't become what we need to be by remaining what we are''\ \ ,, ,,/ ***

Re: [squid-users] Re: Squid Error: No Running Copy

Hi try giving your machine a hostname then we see the way forward and see if the /etc/resolve.conf file has something in there ;-) Rgrds Ronny

[squid-users] WCCPv2 + cache engines (Running squid)

n the Cluster. Having that setup can we replace the CISCO CACHE ENGINE with SQUID where by squid can be elected as the lead cache at the same time controlling the load of other squid caches in the cluster. BTW can this scenario be deployed with wccpv1 . Thanks in advance

Re: [squid-users] WCCPv2 + 2.6.9 Kernel

Sori GRE modulke not grep GOD!! Ronny wrote: :-\ got some how #$$% confused .You mean if am to run wccpv2 (grep module) + 2.6.9 kernel + Transparency (IPTABLES) I have to patch still? Henrik says no patch needed may be coz I didn't mention the interception with iptables and Martin says

Re: [squid-users] WCCPv2 + 2.6.9 Kernel

which 2.6.9 kernel is not yet relesead ! So can you please advise thanks for the x-mas eve time :-D Ronny Martin Marji Cermak wrote: Henrik Nordstrom wrote: On Thu, 23 Dec 2004, Ronny wrote: Hi all would like to run wccpv2 on linux 2.6.9 kernel.What would you advise ,ipwccp.c module or GRE module.

[squid-users] WCCPv2 + 2.6.9 Kernel

Hi all would like to run wccpv2 on linux 2.6.9 kernel.What would you advise ,ipwccp.c module or GRE module. If possible are there any problems reported yet for both deployments. Thanks Ronny -- *** / ''We can

Re: [squid-users] transparent squid + antivirus

I also heard of safesquid + clamav + squid but haven't tried it Abdock wrote: Hello Experts, I have set up squid as transparent, and doing only web caching. The box acts as the gateway. No proxy all addresses behind the box are external IP. How can i add antivirus to the squid box so that atleast

Re: [squid-users] transparent squid + antivirus

Confused me what do you mean "behind the box" and then you talk about "No proxy" don't you think its contradicting ;-) .Anyways if the proxy is the gateway then put the antivirus on the gateway try free clamav and amavis I hear they are kool. Abdock wrote: Hello Experts, I have set up squid as

Re: [squid-users] remote attack

will show you the killer and all will come to normal. http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities&flashstatus=true Still Ronny Henrik Nordstrom wrote: On Tue, 9 Nov 2004, Costas Zacharopoulos wrote: What are the most possible methods that can be used to remote

Re: [squid-users] can my isp see sites i visitied if i am using proxy?

Oh dear they/We see everything.You got to be good but you may end up not accessing anything. ;-) Ronny [EMAIL PROTECTED] wrote: Hello, if i surf the internet connected to Squid Web proxy can my isp knows what sites did i visited ? or my isp will only see that i connected to proxy ? and is it

Re: [squid-users] blocking kazza via squid

Oh sorry squid would help if it kazaa used http but if you remember our friend is a P2P software.Try may be content filtering like with squidGuard and the like but I doubt haven't tried it otherwise visit Firewall sites Chetan Panse wrote: Hi Gurus, I installed Squid on Solaris 5.9 X86. Can

[squid-users] digest auth and LDAP

? Any suggestions? Surely there must be some people here that are using LDAP auth, what do you do in this case? Do you just leave it cleartext? Thank you in advance for your time and attention. Ronny pgpgWGkz5q2tO.pgp Description: PGP signature

[squid-users] Porn help

* *-acl porn url_regex "/usr/local/squid/etc/porn1"* *-http_access deny porn all * when I try to access any of the sites in the file it just splashes all the gals on my LCD ;-)) which I don't like so please has anybody in here done it?.Thanks in adva

[squid-users] Strange problem with squid

g squid 2.4.6 from Debian Stable i have only 2 tcp-connection (like the two i had when using plain tcp/ip as mentioned befotre). So i need to know what changed between 2.5.4 and 2.5.5 and what changed between 2.4.6 and 2.5.5. Thanks, Ronny.

[squid-users] Donations

Hi if one wants to donate to the developers how can one go about it? Coz u may find that there like 1000 squid users and they may like to give at least $10 each for the great work done.I mean open source spirit power to the poeple. -- === Trust everybody but not thier inside===

[squid-users] [Fwd: visible hostname]

--- Begin Message --- Hi fellow squidoz am getting this problem when i try to do our stuff #/usr/local/squid/sbin/squid -z don't mind about the mail1 it's just a hostname I liked but mail1 is a hostname of one of my mailer which is up.Is there something am confusing.Am running   squid-2.5.STAB

[squid-users] Seen this before???

Hi trying to configure transparent proxy with this rule any error? #iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128 The requested URL could not be retrieved While trying to retrieve the URL: / The following error was encountered: * Invalid URL Some aspe

[squid-users] What went wrong??

563 70 210 1025-65535?? coz my comrade added this line Thanxs;-) Ronny http://mail.spacenet.co.ug/

[squid-users] can't even get my home page?

Have transparent proxy on squid box running squid ver 2.4 but when link is off for even 1min all browsers can't display any page.But in the acceeelog I see active connections. Is there any problem with my cache?B Thanx

[squid-users] Any body tried blocking kazza?

Peace to you all , has anybody tried blocking kazza downloads using squid ?not the site just want to fool my clients thanx in advance ;-) Regards Ronny

[squid-users] netstat listings shows SYN_RECV all the time

Peace to all, Now i made this netstat -n command on my cashing server and got many SYN_RECV messages on port 3128 from most of our customer IP's yet others have connction ESTABLISHED .how can I stop this is there a problem in our squid response to some requests? Thanxs homies :-)