tor 2009-09-24 klockan 16:25 -0300 skrev Mariel Sebedio:
Hello, I just compiled Squid-3.0.STABLE19 with this options
squid-3.0.STABLE19]# ./configure --prefix=/ --enable-snmp
--enable-cache-digest --enable-err-language=Spanish --enable-delay-pools
If you really want this then try --prefix=,
ons 2009-09-23 klockan 15:27 -0500 skrev Luis Daniel Lucio Quiroz:
We are about to make stack trace,
but sys admins is worry about diskspace, aproxy, how many diskspace we need
for disktrace
If it's the digest authentication issue then no additional backtrace is
needed. The needed data is
fre 2009-09-25 klockan 22:04 +0530 skrev vikas rawat:
This URL accessible with proxy and without proxy.
kindly suggest.
Out of ideas here.
Check your access.log and cache.log for any anomalies.
Regards
Henrik
tis 2009-09-29 klockan 17:09 +0530 skrev Avinash Rao:
My sincere apologies for the late reply.
Squid stops responding everyday. I had enabled debug_options ALL,9 and
the cache.log file is huge.. which part of it do you want?
The information around where it stops responding.
strace gives the
tor 2009-10-01 klockan 11:17 +0530 skrev Avinash Rao:
Were you able to make out anything
The log you sent and the time you said squid stopped responding does not
match up.
Do the log continue like this while Squid is hung?
Regards
Henrik
ons 2009-09-23 klockan 06:29 -0400 skrev Vivek:
Is there any workaround for this issue ( in squid or browser ) ?
Has do be done in the browser.
REgards
Henrik
mån 2009-10-05 klockan 01:17 -0400 skrev Vivek:
Is it possible to set proxy authentication credentials (
username/password ) permanently in the browser. I tried that, but no
luck.
That is browser dependent.
Regards
Henrik
fre 2009-09-25 klockan 16:30 -0500 skrev Luis Daniel Lucio Quiroz:
Hi,
I have a squid with some parents. Suddenly I'm habb
2009/09/25 16:09:03| TCP connection to 10.10.50.233/3228 failed
2009/09/25 16:09:03| TCP connection to
fre 2009-09-25 klockan 17:40 -0500 skrev Luis Daniel Lucio Quiroz:
I dont know usernames users try. I just wonder if there is a way to tell
squid to ignore usernames that they doesnt exists.
access.log should contain the user info. Look for TCP_DENIED/407
responses with a username.
Regards
fre 2009-09-25 klockan 17:40 -0500 skrev Luis Daniel Lucio Quiroz:
I dont know usernames users try. I just wonder if there is a way to tell
squid to ignore usernames that they doesnt exists.
Maybe an external ACL with 2 days cache?
Unfortunately not. Authentication have to be passed before
mån 2009-09-28 klockan 12:23 +0400 skrev Mario Remy Almeida:
Hi Amos,
Thanks for that, My problem is solved.
Is there any way to by-pass such problems. I mean for known source IP if
HTTP headers are not set then still it is pass through.
There is preleminary support for chunked encoding
mån 2009-09-28 klockan 17:55 -0400 skrev Matthew Morgan:
Is it possible to set range_offset_limit per domain?
Not today, but should not be too hard to add in the code.
If you know a little C programming then you are very welcome to give it
a try. Just join squid-dev list and ask for hints on
tis 2009-09-29 klockan 15:41 +0800 skrev wangwen:
alter HTTP_Port as follow:
http_port 192.168.0.164:88 accel vhost defaultsite=192.168.24.198
When Clients access http://192.168.0.164:88/rdims/index.jsp
HTTP request header which Squid sent to backend server is:
GET /rdims/index.jsp
tis 2009-09-29 klockan 02:41 -0700 skrev tookers:
Hello all,
I'm running several Squid boxes as reverse proxies, the problem i'm seeing
is when there are a high number of connections in the region of 80,000 per
Squid at peak I'm getting 1,000's of TCP_MISS for the same URL hitting the
back
fre 2009-09-25 klockan 10:57 -0500 skrev Dean Weimer:
2009/09/25 11:38:07| SSL unknown certificate error 18 in...
2009/09/25 11:38:07| fwdNegotiateSSL: Error negotiating SSL connection on FD
15: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed (1/-1/0)
This
tis 2009-09-29 klockan 07:54 -0500 skrev Dean Weimer:
I didn't see that one, though I have the real certificate now and
everything is working with it. I figure the sslflags on the cache peer
settings should accomplish the same thing, but they didn't seem to make
a difference whether I
tis 2009-09-29 klockan 00:10 -0400 skrev Michael Lenaghan:
I've had a very difficult time finding good docs for vhost, vport and
defaultsite. I've looked and I've searched in many places, but I
haven't found anything that would help me explain *why* this change
worked. Indeed, the bits I did
tor 2009-09-24 klockan 09:30 -0700 skrev dtinazzi:
You can see the request has the starting part truncated (all final
characters are mine...), probably it's the reason because I've unsupported
method error and then Invalid request, but I've these problems only for
certain pages and not
tis 2009-09-29 klockan 09:52 -0700 skrev dtinazzi:
Anyway, the only way to resolve this problem seems to be to update Squid,
right?
Worth a try, but doubt it will make a difference. What needs to be done
is identify why the client and Squid gets out of sync. Either the client
is sending bad
ons 2009-09-30 klockan 15:35 +1200 skrev dmor...@tycoflow.co.nz:
I have now built another Squid server based on 3.0 STABLE19 but am
experiencing the same results.
I can resolve all non-FQDN addresses perfectly (across our three internal
domains) from the server command line yet Squid refuses
ons 2009-09-30 klockan 08:28 -0500 skrev Luis Daniel Lucio Quiroz:
Hi all,
Well, after implementing cache, in a heavy environment (with about 5k users)
I'm seeing that our squid is not freeing far enough objects, our 100GB disk
cache fills in 5 days. I wonder I misunderstood
tor 2009-10-01 klockan 07:45 -0400 skrev mic...@casa.co.cu:
Would like to make a script for my squid server then checks against
mysql search if the user is connected, compare against a file if the
user exists in that list, take the ip address that I assign freeradius
(stored in mysql)
tor 2009-10-01 klockan 23:01 +0200 skrev - leer -:
Dear guys,
I have running Squid 2.7 under SUSE.
And it works fine with a parent Squid in another network.
But when I use the IP to my webserver for example 192.168.0.1
I can't get the page, because Squid is trying to resolv the IP
with the
fre 2009-10-02 klockan 14:09 +1300 skrev Amos Jeffries:
Is this still usable with squid 3.x?
I believe so. There have been no problem reports here to my knowledge.
There is a small patch required for 2.6 or later at
http://www.henriknordstrom.net/code/
The cache storage systems have not
fre 2009-10-02 klockan 11:42 +0200 skrev Stefan Dengscherz:
i'm using 'external_acl_type' with a homebrew script to lookup remote
user ids via the windows registry at the moment because NTLM and
Kerberos did not work well in my environment.
Interesting. Can you provide more information on the
tis 2009-09-29 klockan 21:28 -0500 skrev David Boyer:
I've been using squid_ldap_auth (Squid 2.7, SLES 11) for basic
authentication, and it wasn't terribly difficult to set up. What
concerns me is the passing of credentials from the browser to Squid in
plain text. When we use basic
fre 2009-10-02 klockan 14:56 -0500 skrev Al - Image Hosting Services:
This is where I ran into problems. Both https and ftp are filtered fine
when configured in the browser, but don't work when just pushed to the
proxy though the software. Since the software runs on the end users
mån 2009-10-05 klockan 02:05 -0700 skrev Morphine.:
Recently I've observed squid hanging.
I've only noticed this on some forum websites such as
http://forums.overclockers.com.au
The Paige loads 100% (As far as i can observe) but still the page appears to
be loading, displaying the messages
mån 2009-10-05 klockan 22:56 +1300 skrev Amos Jeffries:
I'm not sure if that applies to this situation since it requires an
intermediate proxies to upgrade as well.
Ofcourse.
For the record, Chunked coding is in all current 3.x releases since
3.0.STABLE16.
That's just responses right?
tis 2009-10-06 klockan 00:07 +0200 skrev vincent.blon...@ing.be:
Hello all,
have somebody already get some experience with squid_ldap_group on squid
2.7.X because I try to find some info on what reasonable value I can
define for concurrency
None. This helper only supports the non-concurrent
mån 2009-10-05 klockan 17:09 +0100 skrev Gavin McCullagh:
we're seeing something odd on squid v2.6.18-1ubuntu3. I know this is an
old version and not recommended but I just thought I'd point it out to make
sure this has been fixed in a more recent version.
After some time running, a couple
tis 2009-10-06 klockan 10:46 -0300 skrev Sergio Belkin:
Does this limit each IP of the range up to 100 connections or the
whole range is limited up to 100?
Each.
Regards
Henrik
tis 2009-10-06 klockan 16:20 +0200 skrev ux...@enquid.net:
Hello all,
my problem is that squid does not send auth dialog box back to the client
(sender/browser) ie*, firefox etc.
simple example
http://upload.ftpserver.com (auth popup appears)
ftp://upload.ftpserver.com (popup
tis 2009-10-06 klockan 11:02 -0700 skrev skinnyzaz:
Is there a way to stop 2 users from using the same account at the same time
while behinde the same router? So to clarify, they will both have the same
external IP address. I am using AD to authenticate but am going to be
switching over to
tis 2009-10-06 klockan 14:53 -0400 skrev Ross Kovelman:
For some odd reason it is not blocking them. Any help would be appreciated!
You need to deny access based on that acl in http_access, somewhere
before where you allow access.
Regards
Henrik
tis 2009-10-06 klockan 12:38 +1100 skrev Daniel Rose:
I've been hunting, but I can't find any extra info on the
--enable-ntlm-fail-open configure argument.
Checking...
it's not really in use today. That parameter changes the old smb_ntlm
helper to indicate success instead of failure if it
tis 2009-10-06 klockan 16:55 -0400 skrev Ross Kovelman:
This is what I have for http_access:
http_access deny bad_url
http_access deny all bad_url
http_access deny manager
http_access allow manager localhost
http_access allow workdays
http_access allow our_networks
I would think
tis 2009-10-06 klockan 20:52 + skrev Hardeep Uppal:
I am using squid2.6-Stable22 on fedora 8 and i am trying to find
objects that are uncacheable in squid. Is there a way to make
access.log file give information about objects that squid will not cache. I
need to find number of
mån 2009-10-05 klockan 11:34 +0200 skrev ivan.ga...@aciglobal.it:
Hi,
my company are going to buy Websense web security suite.
It seems to be able to decrypt and check contents in ssl tunnel.
Is it really important to do this to prevent malicius code or dangerous
threat?
Any product
mån 2009-10-05 klockan 08:10 -0700 skrev tookers:
Hi Henrik,
Thanks for your reply. I'm getting TCP_MISS/200 for these particular
requests so the file exists on the back-end,
Are you positively sure you got that on the first one? Not easy to tell
unless there is absolutely no other status
tis 2009-10-06 klockan 19:32 -0400 skrev Miguel Cruz:
Thanks for the info. I've found some info on the net about setting up
squid for snmp but it seems everything I've found is outdated.
Not much have changed.
The Squid SNMP agent runs on the snmp_port configured in squid.conf and
support
tor 2009-10-08 klockan 08:10 -0700 skrev dtina...@gmail.com:
Here are the access.log related entries, filtered from the others:
Thu Oct 8 15:57:25 2009220 xx.xx.xx.xx TCP_MISS/302 1059 GET
http://profile.live.com/connect/?wa=wsignin1.0sa= -
DIRECT/64.4.24.246 text/html
Thu
tor 2009-10-08 klockan 20:29 +0200 skrev Stefan Dengscherz:
As you can see squid basically fingers the currently logged on user
from the registry using winexe (http://eol.ovh.org/winexe/). Keep in
mind this is rather a hack rather than a real authentication - it
won't even deny unknown users
ons 2009-10-07 klockan 14:04 -0700 skrev John Andrunas:
When trying to serve up swfobject.js
(http://code.google.com/p/swfobject/) from an apache server, it works
fine without squid, but with squid it truncates the file and never
fully loads it seems to get truncated at a random point. Any
ons 2009-10-07 klockan 16:21 -0400 skrev Miguel Cruz:
I've managed to get querying squid through snmp down. But that made
me notice that the amount of objects on my cache do not go down but
up... even after I blocked 1 of the squid servers...6 hours after and
the cache is still the same
fre 2009-10-09 klockan 02:47 -0700 skrev dtinazzi:
So Henrik,
can we say the problem is inside the proxy (nic, os, squid)? what can we
exclude?
The problem is outside the TCP/IP stack of the server where Squid runs.
The problem is not inside Squid.
Next steps is to
1. Run a packet capture
fre 2009-10-09 klockan 10:17 +0200 skrev Edgardo Ghibaudo:
Hello,
I'm using squid 3.0.STABLE12 in a production environment.
The Proxy is working correctly from more than 1 year.
Now I'm facing a problem concerning a specific URL
http://www.enaip.piemonte.it (ipaddr: 195.74.81.120).
fre 2009-10-09 klockan 09:33 -0400 skrev Mark Schall:
Peer 1 sends HTTP Request to Peer 2 with
www.tracker.com/someuniqueidentifierforchunkoffile in the header.
Would Squid or other Web Caches try to contact www.tracker.com instead
of the Peer 2, or will it forward the request onward to Peer
fre 2009-10-09 klockan 10:31 -0400 skrev Ross Kovelman:
I am unable to save this line in the squid.conf:
http_port 80 transparent issues
FATAL: Bungled squid.conf line 57: http_port 80 transparent
Squid Cache (Version 2.5.STABLE10): Terminated abnormally.
Any reason why? Its the 1st line
fre 2009-10-09 klockan 19:59 +0200 skrev - leer -:
Hello,
thanks for your advice.
I can't test it yet, because I have a problem with the
transparent proxy.
I used following command to redirect all incoming requests
on port 80:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j
fre 2009-10-09 klockan 20:47 +0200 skrev - leer -:
yes you can say it acting as gateway.
I tell you something about the network structure.
The local proxy server has two ethernet devices.
Sounds lika a router.
Do the clients have the proxy configured as default gateway?
Do the counters on
fre 2009-10-09 klockan 14:56 -0400 skrev Jones, Keven:
I have cleaned up my squid.conf. For some reason the img02.cprpt.com url
will not pull from the designated server:
http_port 80 accel defaultsite=img01.cprpt.com
cache_peer 172.19.23.91 parent 80 0 no-query originserver name=myAccel
fre 2009-10-09 klockan 16:07 -0500 skrev Andres Salazar:
Can every squid user get a different IP and max_body_size limit? or do
I need several instances of squid?
reply_body_max_size is acl driven, so yes there.
tcp_outgoing_address is also acl driven if you want to assign differnt
users
lör 2009-10-10 klockan 20:23 +0530 skrev sankar m:
I'm using digest_ldap_auth with Open Ldap combination for Digest
Authentication. It works well, but some users got authentication
failed. I'm able to get the valid hash from the LDAP server through
the command line,
Do these users have any
lör 2009-10-10 klockan 18:43 +0300 skrev Said Jaffer:
Hello,
I have a Centos configured as bridge, squid running in transparent mode,
tproxy.
I would like to exclude few IP from not being redirected, as few
routers are getting spoofing errors.
the below rule is running,
iptables -t
--enable-cache-digests --enable-poll --enable-truncate
--enable-removal-policies --enable-auth=basic digest
--enable-auth-basic-helpers=squid_radius_auth
--enable-digest-auth-helpers=ldap
On 10/11/09, Henrik Nordstrom hen...@henriknordstrom.net wrote:
lör 2009-10-10 klockan 20:23 +0530
fre 2009-10-09 klockan 18:26 +1300 skrev Amos Jeffries:
Beyond that there is a lot of small pieces of work to make Squid capable
of contacting P2P servers and peers, intercept seed file requests, etc.
There is also the related topic of how to fight bad feeds of corrupted
data (intentionally
mån 2009-10-12 klockan 16:48 +0200 skrev Ralf Hildebrandt:
* Amos Jeffries squ...@treenet.co.nz:
Ralf Hildebrandt wrote:
I'm running squid in this setup:
client - squid - dansguardian - squid - teh interwebs
When using 2.7-STABLE-7 for both squid instances, I saw about 100
mån 2009-10-12 klockan 12:42 -0400 skrev Ross Kovelman:
I just did this which works but:
acl workdays time MTWHF 8:30-12:00
acl free time MTWTF 12:00-13:30
acl workdays time MTWHF 13:30-18:00
#acl free time MTWTF 18:00-24:59
acl free time MTWTF 1:00-8:30
Except I can not get 18:00 to
mån 2009-10-12 klockan 23:12 -0400 skrev Ross Kovelman:
I use a file called bad_url.squid to represent sites I want blocked. I
think I have reached a limit to what it can hold as when I do a reconfigure
it could take a few minutes for the data to be scanned and processing power
gets sucked
tis 2009-10-13 klockan 11:19 -0500 skrev Andres Salazar:
Hello,
Iam wanting to pass the option of tcp_outgoing_address when I run the
command to refresh or reload the config file. This so that every hour
I can rorate with a cron the IP that squid uses to browse the
internet.
Is this
tis 2009-10-13 klockan 16:02 +0200 skrev Maurizio Marini:
i do not want black google, in any way
1255441944.777897 192.168.16.185 TCP_DENIED/403 1914 GET
http://www.google.it/extern_js/f/CgJpdBICaXQrMAo4OywrMA44BywrMBY4ECwrMBc4AywrMBg4BCwrMCU4yYgBLCsw
JjgFLCswJzgCLA/q-yuc4QxqeE.js -
ons 2009-10-14 klockan 07:04 +1300 skrev Pieter De Wit:
Ah - this is what I was looking formakes me wonder...i might change
my setup :)
So tcp_outgoing_address supports ACL's tagged to it, so you could have
something like
Yes.
tis 2009-10-13 klockan 14:52 -0300 skrev Mariel Sebedio:
I can see that when I request a page it takes a long time to appear on
my browser, and If at that moment I look at the option Client-side
Active Requests on the statistics, I can't see anything referring to my
request
Check you
ons 2009-10-14 klockan 07:48 +1300 skrev Pieter De Wit:
If I say something like squid -k reconfigure -f
/etc/squid/squid_other.conf (which has a different pid setting) will it
send the single to the other squid, or all of them ?
Just the pid corresponding to that squid config file
I think you have encountered some internal bug. Please file a bug report
at http://bugs.squid-cache.org/
mån 2009-10-12 klockan 20:13 +0530 skrev sankar m:
Dear Sir,
On Mon, Oct 12, 2009 at 7:51 PM, Henrik Nordstrom
hen...@henriknordstrom.net wrote:
Which Squid version?
Squid 3.0
ons 2009-10-14 klockan 00:19 -0400 skrev Ross Kovelman:
Thanks again! Although the limited searching I have done can you point me
in the direction to find out to bring up the re-writer and its speed? Yes I
am only running 1.
If you are only running 1 and it does not support the concurrent
ons 2009-10-14 klockan 15:17 -0400 skrev Miguel Cruz:
Is there any known security problems for squid when handleing 206
request codes or PROPFIN?
Not that I know of no.
I saw some queries get to my squid servers that are really different
from the rest of the queries, thats why I ask.
tor 2009-10-15 klockan 15:37 +0300 skrev Kaya Saman:
Then I tried adding the proxy=PASS statement to the bottom of the code
as in: cache_peer_access server_1 allow sites_server_1 proxy=PASS
Should be login=PASS, and specified in cache_peer server_1, not
cache_peer_access.
Regards
Henrik
fre 2009-10-16 klockan 15:30 -0500 skrev Andres Salazar:
The problem is that intermittently during the day one or another user
for a few minutes opens pagesand they just take forever to download.
The strange part is that when it happens to some users it doesnt
happen simulteanously to all the
fre 2009-10-16 klockan 20:47 -0400 skrev Matt Weisberg:
Out of curiosity, what happened with 3.0 such that this does not work
in that version?
Squid-3 development started from Sqiod-2.5 many years ago, and not all
features added to Squid-2 during Squid-3 were in development have made
it to
mån 2009-10-19 klockan 14:44 +1300 skrev Amos Jeffries:
http_access allow timothy timothys_schooltime whitelist_sos
http_access deny timothy all
The final line there does not permit Squid to challenge for
authentication. I assume you have some other way to make the browser
send it
mån 2009-10-19 klockan 20:33 +1100 skrev Stonie:
https_port 443 cert=/root/mysslsite.crt key=/root/mysslsite.key
defaultsite=www.mysslsite.com.au vhost vport
That should probably be
https_port you.external.ip:443
mån 2009-10-19 klockan 14:26 +0200 skrev anti spamЯ:
I have 4 different squid servers (three running squid-2.7.STABLE7 and
one squid-3.0.STABLE16) working on different subnets, and I'd like to
centralize their access.log entries to a remote log server.
My recommendation would be to log to
mån 2009-10-19 klockan 06:24 -0700 skrev Nadeem Semaan:
I have configured named on the machine running squid to retrieve the
forward and reverse zones from my DNS server (windows). I also have
squid configured to log the fqdn (log_fqdn on). I have also tries
playing around with the
tis 2009-10-20 klockan 07:45 +1100 skrev Stonie:
Thanks for the reply Henrik,
Still the same symptoms with those settings.
I have tried both
https_port my.external.ip:443
https_port my.external.ip:443 cert=/root/mysslsite.crt
key=/root/mysslsite.key defaultsite=www.mysslsite.com.au
tis 2009-10-20 klockan 23:47 +1100 skrev Stonie:
Henrik,
Your help is much appreciated, I have the following after a restart:
r...@squidvm:~# /etc/init.d/squid restart
Restarting Squid HTTP proxy: squidEnter PEM pass phrase:
Right.. that won't work. IF using an encrypted SSL key then you
fre 2009-10-23 klockan 14:27 +0100 skrev Matt Richards:
Is it possible to try this authentication and if it fails then don't
popup a login box but either try another type of authentication or continue.
No, but if you can identify these machines by IP then excluding them
from authentication
mån 2009-10-26 klockan 14:10 +0200 skrev Michael da Silva Pereire:
I was hoping I could use squid and setup a few url rejects on the
standard, INSERT, DELETE, and UPDATE junk.
But doing this for a POST is proving to me more difficult, the url or
auth external scripts aren't passed the
sön 2009-10-25 klockan 23:18 -0500 skrev Dimitri Syuoul:
Iam a squid-2.7.STABLE6 , and iam very curious as to why the twist ?
Ive been noticing that sometimes when the users surf the internet the
browser on specific sites just waits and waits for more data (even
though the site apparently
lör 2009-10-24 klockan 17:23 -0200 skrev Joao S Veiga:
I shrank the script to a minimum, just to isolate the problem:
##
yankee:/var/log/squid3# cat /usr/local/bin/webl.pl
#!/usr/bin/perl
use warnings;
use strict;
$_=1;
here is the error. Should be
sön 2009-10-25 klockan 11:10 + skrev Gavin McCullagh:
does anyone have a definitive answer on this? I get the
collapsed request STALE!
It means collapsed_forwarding_timeout have elapsed for the original
request, and this new request will get forwarded.
harmless issue in terms of
lör 2009-10-24 klockan 11:20 +0700 skrev johan firdianto:
- do squid -z
but it warns Squid is already running! Process ID 15557
any idea ?
Temporarily change squid.conf to use another pid_filename.
I would recommend to also comment out any other cache_dir lines than the
one you want to
lör 2009-10-24 klockan 17:02 -0500 skrev Luis Daniel Lucio Quiroz:
I've configure my squid 3.0.19 tu use https_port but I'm getting these
errors.
My biggest doubt is whoi is FD13 because log does not show it.
What does the cachemgr filedescriptors page say?
Regards
Henrik
mån 2009-10-26 klockan 15:49 -0400 skrev Ross Kovelman:
I get a message from AVC:
Summary:
SELinux is preventing squid (squid_t) write to ./logs (usr_t).
SELinux is preventing squid (squid_t) append to ./access.log (usr_t).
You need to modify your SELinux policy to allow squid_t write
ons 2009-10-28 klockan 11:22 -0600 skrev bergenp...@comcast.net:
When squid is talking to a cache_peer, is there a way to tell squid that
if it gets a 404 back, to then send the request to the origin?
Not sure.. it may if you respond with 500, but not sure about 404..
And why do you need it
ons 2009-10-28 klockan 16:13 -0600 skrev bergenp...@comcast.net:
Does sibling require ICP? I thought by setting the no-query option, ICP
wasn't used to that cache_peer... ?
cache-digests also works..
it needs some means of knowing what content is held by the sibling,
otherwise no requests
tor 2009-10-29 klockan 12:30 -0700 skrev ant2ne:
Can squid do redirection? For example, instead of microsoft's run once
website loading (http://runonce.msn.com/runonce2.aspx), I'd like to redirect
the browser to our internal home page.
Yes.
How would I accomplish this?
Either using
tor 2009-10-29 klockan 11:55 -0700 skrev Evuraan:
ref, http://www.squid-cache.org/Doc/config/refresh_pattern/
if i wanted to ensure that *all* objects without explicit expiry time
should be considered fresh for 4320
seconds, what do I set?
#1:
refresh_pattern . 0 20%
fre 2009-10-30 klockan 13:33 +1300 skrev Amos Jeffries:
Yes. The magic is not complete and has a point of failure.
Another idea. Why don't we address this in another way, making
tcp_outgoing_address select an IPv4+IPv6 pair of addresses?
I don't see how it can be made to work properly for
fre 2009-10-30 klockan 14:01 +1300 skrev Amos Jeffries:
I'm looking at a few approaches;
having Squid kick off the DNS test earlier on in the processing. So
that the data may be available later as needed, but not hold up the
processing.
I think the right there is to move tcp_outgoing_*
lör 2009-10-31 klockan 21:23 +0800 skrev Hendrik Suantio:
Basically internet explorer or other browser will automatically insert
username foo\jack and password the same as login password for the
authentication, but when I check with :
No it won't.
MSIE can perform authmatic NTLM
lör 2009-10-31 klockan 15:32 -0700 skrev nitinnitin18:
I configured squid to use redirector behind another squid proxy of our
institute.
It is working fine when i am using it to redirect it to another constant url
like http://www.google.com/
what i want to do is to redirect each request url
sön 2009-11-01 klockan 03:19 -0500 skrev Celejar:
1257062417.219 0 127.0.0.1 TCP_HIT/200 43846 GET
http://wordpress.org/development/feed/ - NONE/- text/xml
1257062446.025129 127.0.0.1 TCP_REFRESH_HIT/304 461 GET
http://wordpress.org/development/feed/ - DIRECT/72.233.56.138
fre 2009-10-30 klockan 22:40 -0400 skrev Brian J. Murrell:
On Sat, 2009-10-31 at 12:00 +1300, Amos Jeffries wrote:
An option to simply turn IPv6 off is not possible at run time. A rebuild
of Squid is needed to fully disable IPv6.
:-( But I don't even really want to disable IPv6. My
mån 2009-11-02 klockan 23:42 +1300 skrev Amos Jeffries:
IME, I think sending the correct realm or domain in the NTLM or
Negotiate auth headers may prevent clients attempting auth with a known
mechanism if they are not part of the domain.
If Microsoft had thought about using the required
mån 2009-11-02 klockan 23:47 +1300 skrev Amos Jeffries:
Make sure that the mib.txt you/mrtg are using came from the 3.1 source
code. There have been major changes to the MIB numbering in 3.1.
Hmm.. what kind of changes?
MIB numbering should never change. Old numbers may cease to exists when
mån 2009-11-02 klockan 09:23 -0500 skrev Roth, Joe:
I compiled 3.1.0.14 with the --enable-linux-netfilter option and
installed.
Is there any way for me to check that squid is properly enabling the
kernel option?
The needed kernel option is enabled by iptables, not Squid.
The compile +
mån 2009-11-02 klockan 16:07 + skrev Adam Binks:
My question is, without using routed static IP's at each site, is it
possible to have squid detect the different end users at each site ?
Only if you figure out some other means of differentiating the users at
the TCP/IP level. I don't.
tis 2009-11-03 klockan 11:26 +1300 skrev Amos Jeffries:
This requirement is met by adding a cache_peer directive for each back-end
Apache server. Then using cache_peer_access and ACL of the myip type
limiting the requests passed to each peer to be those received on the
matching input IP.
But
501 - 600 of 11697 matches
Mail list logo