On 25/09/2015 4:09 a.m., Alex Rousskov wrote:
>
> The attached patch for Squid v3.3.11 changes the port sharing algorithm
> to minimize memory usage (at the expense of registration time). Please
> see the patch preamble for technical details. The patch worked with 3K
> ports (24 workers * 128 http
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Absolutely.
25.09.15 2:13, Amos Jeffries пишет:
> Problems with SSL-Bump are more legal related than technical.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQEcBAEBCAAGBQJWBGMTAAoJENNXIZxhPexGd78H/2LyU5wK7nlOgbWUVE2jGUAm
Y6paNJn8yi+Erv5+rAS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Aha. Good news. This is something already.
25.09.15 1:57, Amos Jeffries пишет:
> On 25/09/2015 2:13 a.m., Yuri Voinov wrote:
>>
>> 24.09.15 7:12, Amos Jeffries пишет:
>>> On 24/09/2015 2:04 a.m., Yuri Voinov wrote:
Through assertion and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Heh. The same question I've asked early.
Condolences. You can try at your own risk. But B1 security and your
full responsibility.
25.09.15 1:32, Jorgeley Junior пишет:
> So, if my traffic are more https than http there's no need to use squid.
On 25/09/2015 2:15 a.m., FredB wrote:
> Hi,
>
> I have a problem with acl and cache_peer
>
> I'm trying to allow (and deny for others) a list of destinations,
> destinations only used by some browsers with this cache_peer
> Something like this
>
> acl webnoid dstdomain test.fr
>
> acl browsen
On 25/09/2015 8:26 a.m., Alex Rousskov wrote:
> On 09/24/2015 02:10 PM, Ahmad Alzaeem wrote:
>
>> If I use 2k ips with 2 worker , squid works ok If I use 10kbports without
>> SMP , squid is ok
>> With 10K + 2 workers , we have reg timeout
>
> The bigger (workers * ports) product is, the more li
On 09/24/2015 02:10 PM, Ahmad Alzaeem wrote:
> If I use 2k ips with 2 worker , squid works ok If I use 10kbports without SMP
> , squid is ok
> With 10K + 2 workers , we have reg timeout
The bigger (workers * ports) product is, the more likely you are to run
out of the UDS buffer space because u
On 25/09/2015 7:13 a.m., Yuri Voinov wrote:
>
> First. This is potentially dangerous. Can you guarantee your proxy never
> has physical/network access by intruders? HTTPS can contain sensitive
> data. You really sure you want problems with users? AS a minimum you
> need protect your proxy at level
Hi alex
Thanks for answering me
As I told you
If I use 2k ips with 2 worker , squid works ok If I use 10kbports without SMP ,
squid is ok
With 10K + 2 workers , we have reg timeout
I have already added that key u mentioned below which is :
net.local.dgram.recvspace = 1262144
But I have
Wh
On 25/09/2015 2:13 a.m., Yuri Voinov wrote:
>
> 24.09.15 7:12, Amos Jeffries пишет:
>> On 24/09/2015 2:04 a.m., Yuri Voinov wrote:
>>>
>>> Through assertion and then restarts squid:
>>>
>>> 2015/09/23 20:03:25 kid1| Validated 35899 Entries
>>> 2015/09/23 20:03:25 kid1| store_swap_size = 173076
On 25/09/2015 12:55 a.m., sabriasat Nouri wrote:
> any one can share SQUID 3.3.8 config with me ? i want that config
> allow only ips range 197.9.x.x and 197.8.x.xi want that config
> disallow access to cgi-bin urls too and any good optimisation are
> welcome
>
The FAQ on access controls is at
So, if my traffic are more https than http there's no need to use squid.
Man, most of sites are https, what's the purpose of using squid?
2015-09-24 16:13 GMT-03:00 Yuri Voinov :
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> First. This is potentially dangerous. Can you guarantee your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
First. This is potentially dangerous. Can you guarantee your proxy never
has physical/network access by intruders? HTTPS can contain sensitive
data. You really sure you want problems with users? AS a minimum you
need protect your proxy at level B2
On 09/24/2015 08:54 AM, Ahmad Alzaeem wrote:
> If I run it with no SMP 1 listenting ports , it works ok and problem
>
> If I run squid with 1 listening port with 2 workers èkid timeout
> registeration
> 2015/09/24 14:51:25 kid2| Closing HTTP port [::]:29995
> 2015/09/24 14:51:25 kid2|
So stupid, just a problem with webnoid dstdomain - "."test.fr was needed for
some requests -
acl all-of his a very great feature !
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Hi support .
Im using my squid as proxy for IPV6
I can use 2000 ips with 2 workers and no problem
The problem is
If I run it with no SMP 1 listenting ports , it works ok and problem
If I run squid with 1 listening port with 2 workers ==>kid timeout
registeration
If I run it wi
Can we do that to cache https?
http_port 3128 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/etc/monkey.pem
2015-09-24 11:24 GMT-03:00 Jorgeley Junior :
> Is it not possible to cache the https due the encryption?
>
> 2015-09-18 9:44 GMT-03:00 Antony S
Is it not possible to cache the https due the encryption?
2015-09-18 9:44 GMT-03:00 Antony Stone :
> On Friday 18 September 2015 at 14:27:42, Jorgeley Junior wrote:
>
> > there is a way to improve it?
>
> Improve what? The percentage of your traffic which is cached, or the
> accuracy
> of the in
Hi,
I have a problem with acl and cache_peer
I'm trying to allow (and deny for others) a list of destinations, destinations
only used by some browsers with this cache_peer
Something like this
acl webnoid dstdomain test.fr
acl browsenoid "/etc/squid/browser"
cache_peer_access test2 allow brow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
24.09.15 7:12, Amos Jeffries пишет:
> On 24/09/2015 2:04 a.m., Yuri Voinov wrote:
>>
>> Through assertion and then restarts squid:
>>
>> 2015/09/23 20:03:25 kid1| Validated 35899 Entries
>> 2015/09/23 20:03:25 kid1| store_swap_size = 1730768.
any one can share SQUID 3.3.8 config with me ?
i want that config allow only ips range 197.9.x.x and 197.8.x.xi want that
config disallow access to cgi-bin urls too and any good optimisation are welcome
thank you __
On 24/09/2015 7:30 p.m., Marko Cupać wrote:
> On Sun, 20 Sep 2015 21:43:26 +1200
> Amos Jeffries wrote:
>
>> On 17/09/2015 7:24 p.m., Marko Cupać wrote:
>>> On Thu, 17 Sep 2015 03:00:56 +1200
>>> Amos Jeffries wrote:
>>>
On 17/09/2015 12:37 a.m., Marko Cupać wrote:
> Hi,
>
> I'm
On Sun, 20 Sep 2015 21:43:26 +1200
Amos Jeffries wrote:
> On 17/09/2015 7:24 p.m., Marko Cupać wrote:
> > On Thu, 17 Sep 2015 03:00:56 +1200
> > Amos Jeffries wrote:
> >
> >> On 17/09/2015 12:37 a.m., Marko Cupać wrote:
> >>> Hi,
> >>>
> >>> I'm trying to setup squid in a way that it authentica
>
> If you want to achieve highest performance it is best to resolve that
> process collision issue. The wrongly indexed entries will be causing
> others to get expired earlier and maybe reduce HIT rate on them.
>
> The (rather large amount of) extra work Squid is doing to cope with
> the
> miss
24 matches
Mail list logo
