Hi Alex
Thanks
The information provided is very useful.
Although ICAP is not used, the log configuration is active.
Let's validate the first leads you've given us
regards
Le 18/03/2025 à 15:07, Alex Rousskov a écrit :
On 2025-03-18 06:25, David Touzeau wrote:
We note that Squid
We note that Squid performs a client DNS PTR query each time client
sends query.
We have taken care to ensure that
* that the log model does not use machine names
* No acls concerning workstation hostnames are added.
We use kerberos authentication with Squid: is
negotiate_kerberos_auth/p
___
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-u
Hello
Is there any way or development plan to include “proxy-protocol” in
cache_peer?
Squid is able to listen for proxy-protocol, but I haven't seen how to
use this protocol when redirecting to Squid parents with proxy-protocol
enabled.
Thank you very much.
Thanks Alex
It Works by adding --without-gnutls !
Le 21/08/2024 à 16:02, Alex Rousskov a écrit :
On 2024-08-21 09:37, David Touzeau wrote:
Configure:
./configure --prefix=/usr --build=x86_64-linux-gnu
--includedir=/include --mandir=/share/man --infodir=/share/info
--localstatedir=/var
erence to
`EVP_MD_type'
How i can fix it ?
--
David Touzeau - Artica Tech France
___
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users
Do you consider pfsense freebsd or openbsd based, becaause it does work,
it does not in squid 6.6 requires a different ./ command in squid 5.8 you
can just enable it
On Sat, 13 Jul 2024, Andrea Venturoli wrote:
On 7/13/24 00:28, Jonathan Lee wrote:
For the HTTP and https derivative is it bet
or testing performance but
well-known and very simple.
Alex.
___
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users
--
David Touzeau - Artica Tech France
Development team, level
Date: Thu, 11 Apr 2024 09:55:14 +
From: PinPin Poola
To:"squid-users@lists.squid-cache.org"
Subject: [squid-users] Squid as a http/https transparent web proxy in
2024 do I still have to build from source?
Message-ID:
Content-Type: text/plain; charset="is
http-only site.
David
___
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users
liezer
___
squid-users mailing list
mailto:squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
mailto:squid-users@lists.squid-cache.org
https://lists.sq
Thank Alex
This will fix the issue!
Le 31/01/2024 à 17:43, Alex Rousskov a écrit :
On 2024-01-31 09:23, David Touzeau wrote:
Hi %note is used by our external_acls and for log other tokens
And we use also Group as token.
it can disabled by direcly removing source kerberos code before
Hi %note is used by our external_acls and for log other tokens
And we use also Group as token.
it can disabled by direcly removing source kerberos code before
compiling but i would like to know if there is another way
Le 31/01/2024 à 14:36, Andrey K a écrit :
Hello, David,
> Anyway
Anyway to remove these entries from the log ?
Le 31/01/2024 à 10:01, Andrey K a écrit :
Hello, David,
group values in your logs are BASE64-encoded binary AD-groups SIDs.
You can try to decode them by a simple perl script sid-reader.pl
<http://sid-reader.pl> (see below):
BIB%0D%0Aaccessrule:%20final_allow%0D%0Afirst:%20ERROR%0D%0Awebfilter:%20pass%0D%0Aexterr:%20invalid_code_431%0D%0A
ua="-" exterr="-|-"|
--
David Touzeau - Artica Tech France
Development team, level 3 support
--
P: +33 6 58 44 69 46
www:https:
On 11/27/23 11:36, Amos Jeffries wrote:
On 27/11/23 23:05, David Komanek wrote:
On 11/27/23 10:40, Amos Jeffries wrote:
On 27/11/23 22:21, David Komanek wrote:
here are the debug logs (IP addresses redacted) after connection
attempt to https://samba.org/ :
...
2023/11/27 09:58:07.370
On 11/27/23 11:36, Amos Jeffries wrote:
On 27/11/23 23:05, David Komanek wrote:
On 11/27/23 10:40, Amos Jeffries wrote:
On 27/11/23 22:21, David Komanek wrote:
here are the debug logs (IP addresses redacted) after connection
attempt to https://samba.org/ :
...
2023/11/27 09:58:07.370
On 11/27/23 10:40, Amos Jeffries wrote:
On 27/11/23 22:21, David Komanek wrote:
here are the debug logs (IP addresses redacted) after connection
attempt to https://samba.org/ :
...
2023/11/27 09:58:07.370 kid1| 11,2| Stream.cc(274)
sendStartOfMessage: HTTP Client REPLY:
-
HTTP/1.1
Date: Thu, 23 Nov 2023 01:44:30 +1300
From: Amos Jeffries
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] how to avoid use http/1.0 between squid and
the target
Message-ID:
Content-Type: text/plain; charset=UTF-8; format=flowed
On 22/11/23 23:03, David Komanek wrote
? I am not aware
of any configuration directives which could cause this.
browsers: chrome, firefox (both updated)
squid: freebsd package (now version 6.5, but the I had the same problem
with 5.9 before)
Thanks in advance for some hints here.
Best regards,
David Komanek
Charles University
d to keep splay tree searching predictable
2023/10/02 20:18:50| WARNING: You should probably remove
'64.34.72.230' from the ACL named 'GlobalWhitelistDSTNet'
2023/10/02 20:18:50| WARNING: (B) '64.34.72.232' is a subnetwork of
(A) '64.34.72.232'
According
0/02 20:18:50| WARNING: You should probably remove '64.34.72.230'
from the ACL named 'GlobalWhitelistDSTNet'
2023/10/02 20:18:50| WARNING: (B) '64.34.72.232' is a subnetwork of (A)
'64.34.72.232'
According to all warning, Squid won't start with this error
*202
Many thanks Francesco !!
On 17/09/2023 16:55, Francesco Chemolli wrote:
Hi David,
PR 1481 <https://github.com/squid-cache/squid/pull/1481> should
address your problem, it needs to be reviewed,
merged to trunk, and backported to v6 so don't hold your breath,
but it should be just
.
regards
On 28/08/2023 22:46, Francesco Chemolli wrote:
Hi David,
you should use
itchart_=PASS
The trailing underscore signals Squid that this is a custom header.
On Mon, Aug 28, 2023 at 3:54 PM David Touzeau
wrote:
Hi
Since 6.2 ( aka migrating from 5.8 )
Squid claim about
e: If this is a custom annotation, rename it to add a trailing
underscore: itchart_
current master transaction: master278
Did the helper instead of "itchart=PASS" must send
"itchart_=PASS"
or
"itchart_PASS"
?
--
David Touzeau - Artica Tech
l
disable all "deny" rules.
I'm wrong ?
On 24/04/2023 11:22, Amos Jeffries wrote:
On 24/04/2023 11:33 am, David Touzeau wrote:
We have a "problem" with ACLs, and I don't know how to address this
situation in Squid 5.8
Let me explain:
We have an Active Director
We have a "problem" with ACLs, and I don't know how to address this
situation in Squid 5.8
Let me explain:
We have an Active Directory group named limited_users that is only
allowed to surf on a very limited list of websites.
These users are therefore forbidden to surf on all sites not listed in
Thanks Amos for this clarification,
We also have the same needs and indeed, we face with the same approach.
It is possible that the structure of Squid could not, in some cases,
recovering this type of information.
Although the concept of a proxy is neither more nor less than a big
browser that
Thanks Amos for this clarification,
We also have the same needs and indeed, we face with the same approach.
It is possible that the structure of Squid could not, in some cases,
recovering this type of information.
Although the concept of a proxy is neither more nor less than a big
browser that
/uisproxy-rop@***.***.CORP
3 11/16/2022 11:30:50 host/uisproxy-rop@***.***.CORP
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
--
David Touzeau - Artica Tech France
Development team
cover a LOT of things. All of which are outside of Squid's domain.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
--
David Touzeau - Artica Tech France
Development t
mote=192.168.1.13:62858 FD 21 flags=1
2022/10/12 22:29:49.477 kid3| 11,2| Stream.cc(280) sendStartOfMessage:
HTTP Client REPLY:
-
HTTP/1.1 502 Bad Gateway
Mime-Version: 1.0
Date: Wed, 12 Oct 2022 20:29:49 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 506470
X-Squid-Error: ERR_READ_ERRO
Hi
We using squid 5.7 after adding ssl-bump we have sometimes several 502
error with extended error ERR_READ_ERROR|WITH_SERVER
1665589818.831 11 192.168.1.13 NONE_NONE/502 192616 OPTIONS
https://www2.deepl.com/jsonrpc?method=LMT_split_text - HIER_NONE/-:-
text/html mac="68:54:5a:94:e7:5
Hi
We have some experience on cluster configuration.
https://wiki.articatech.com/en/proxy-service/hacluster
As using Kubernetes for Squid and for 40K users is a very "risky adventure".
Squid requires a very high disk performance (I/O) which means both a
good hard disk drive and a decent contr
Hi Eric.
We had the same restrictions with the fast or slow ACLs.
Have you thought about creating a squid helper that calculates your needs?
So maybe you can get around this by using the acl "note" acl note xxx
xxx which turns your helper results (slow) into "fast".
Le 05/09/2022 à 14:56, PE
GMT
Server: Apache/2.4.6 (CentOS) PHP/7.1.26
Set-Cookie: tickets[InDesign]=1ae95903t3jY2HDSgfvoEsfpsibbkf9mlNZ4eDjA;
expires=Wed, 31-Aug-2022 10:52:05 GMT; Max-Age=86400; path=/webserver;
HttpOnly
X-Powered-By: PHP/7.1.26
Content-Length: 266
Connection: keep-alive
Again thank you for you time.
David
22 01:31, David Ferreira wrote:
> > Hi Amos,
> >
> > Thank you for the reply,
> >
> > here's my squid.conf, by default our client's(localnet) do not have
> > internet access and only match windows services acl's unless they are in
> > a
86_64/squid-4.15-3.module_el8.6.0+3010+383bc947.1.x86_64.rpm.html
Rocky 9 :
https://almalinux.pkgs.org/9/almalinux-appstream-x86_64/squid-5.2-1.el9_0.1.x86_64.rpm.html
Thank you!
On Mon, 29 Aug 2022 at 13:36, Amos Jeffries wrote:
> On 29/08/22 22:17, David Ferreira wrote:
> > hi,
>
00
Send failure: Connection was aborted (55)
"
Thanks in advance,
David
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
http://lists.squid-cache.org/listinfo/squid-users
--
Technical Support
*David Touzeau*
Orgerus, Yvelines, France
*Artica Tech*
P: +33 6 58 44 69 46
www: wiki.articatech.com <https://wiki.articatech.com>
www: articatech.net <http://articatech.net>
___
Hi Eliezer
if you want to do transparent mode without having to put squid squidboix
in front of your fortinet.
If you want to do transparent mode while your fortinet aggregates
several VLANs, the WCCP mode is necessary
So you can control everything through your fortigate
By the way, fortin
CCP server available.
Le 23/06/2022 à 18:33, ngtech1...@gmail.com a écrit :
Hey David,
Just trying to understand something:
Aren’t Fortinet something that should replace squid?
I assumed that it should do a much better job then Squid in many aeras.
What a Fortinet(I have one…) is not coverin
testing to be done.
Le 23/06/2022 à 14:44, Alex Rousskov a écrit :
On 6/21/22 07:43, David Touzeau wrote:
We trying to using WCCP with Fortigate without success Squid version
5.5 always claim "Ignoring WCCPv2 message: truncated record"
What can be the cause ?
The most likely cause a
Hi
We trying to using WCCP with Fortigate without success Squid version
5.5 always claim "Ignoring WCCPv2 message: truncated record"
What can be the cause ?
We have added a service ID 80 on fortigate
config system wccp
edit "80"
set router-id 10.10.50.1
set group-address
al Support
*David Touzeau*
Orgerus, Yvelines, France
*Artica Tech*
P: +33 6 58 44 69 46
www: wiki.articatech.com <https://wiki.articatech.com>
www: articatech.net <http://articatech.net>
___
squid-users mailing list
squid-users@list
Hi
added exterr="%err_code|%err_detail" in logging and result return some
request with ERR_PROTOCOL_UNKNOWN|exception=18686e4e
1646498399.887 46 176.12.1.2 NONE_NONE/000 0 CONNECT 62.67.238.138:443 -
HIER_NONE/-:- exterr="ERR_PROTOCOL_UNKNOWN|exception=18686e4e"
What does "exception=18686e
o place the user=xxx switch for the next processing.
It almost looks like the "ident" method
http://www.squid-cache.org/Misc/ident.html
Without having to install a piece of software and a listening port on
all the computers in the network
Le 14/02/2022 à 19:50, Eliezer Croitoru a écr
te.
I try to find a way directly in the HTTP protocol.
This is the reason why a fake could be a solution.
But I think I'm trying to catch a chimera and we'll have to redesign the
network architecture.
regards
Le 12/02/2022 à 06:27, Eliezer Croitoru a écrit :
Hey David,
The general
tabase and will be rejected.
I don't need to argue about the security value of this method. It saves
us from setting up a gas factory to make a kind of HotSpot
Le 11/02/2022 à 05:55, Dieter Bloms a écrit :
Hello David,
for me it looks like you want to use kerberos authentication
atabase.
This is to avoid any connection to an Active Directory
Maybe this is impossible
Le 10/02/2022 à 05:03, Amos Jeffries a écrit :
On 10/02/22 01:43, David Touzeau wrote:
Hi
I would like to sponsor the improvement of ntlm_fake_auth to support
new protocols
ntlm_* helpers are specific to
Hi
I would like to sponsor the improvement of ntlm_fake_auth to support new
protocols or go further produce a new negotiate_kerberos_auth_fake
Who should start the challenge?
regards___
squid-users mailing list
squid-users@lists.squid-cache.org
http
You are the best,
We will launch a benchmark to see the diff
Le 07/02/2022 à 16:14, Eliezer Croitoru a écrit :
Hey David,
Since the handle_stdout runs in it’s own thread it’s sole purpose is
to send results to stdout.
If I will run the next code in a simple software without the 0.5 sleep
?
Le 06/02/2022 à 11:46, Eliezer Croitoru a écrit :
Hey David,
Not a fully completed helper but it seems to works pretty nice and
might be better then what exist already:
https://gist.githubusercontent.com/elico/03938e3a796c53f7c925872bade78195/raw/21ff1bbc0cf3d91719db27d9d027652e8bd3de4e
00:27 2:54 python
/lib/squid3/external_acl_first
squid 105858 91.8 0.6 367228 49728 ? SNl 00:27 2:52 python
/lib/squid3/external_acl_first
I did not find where it should be...
Le 06/02/2022 à 11:46, Eliezer Croitoru a écrit :
Hey David,
Not a fully completed helper but it
Elizer,
Thanks for all this advice and indeed your arguments are valid between
opening a socket, sending data, receiving data and closing the socket
unlike direct access to a regex or a memory entry even if the
calculation has already been done.
But what surprises me the most is that we have
Hi Elizer
You are right in a way but when squid loads multiple helpers, each
helper will use its own cache.
Using a shared "base" allows helpers to avoid having to compute a query
already found by another helper who already has the answer.
Concerning PHP what we find strange is that with our
Is adapted_http_access supporting url_rewrite_program ? It seems only
supports ecap/icap
Le 31/01/2022 à 03:52, Amos Jeffries a écrit :
On 31/01/22 13:20, David Touzeau wrote:
But it makes 2 connections to the squid for just stopping queries.
It seems not really optimized.
The joys of
Hi
I have built my own squid url_rewrite_program
protocol requires answering with
# OK status=301|302 url=
Or
# OK rewrite-url="http://blablaba";
In my case, especially for trackers/ads i would like to say to browsers:
"Go away !" without need them to redirect.
Sure i can use these methods
Hi
We used Squid 5.2 and we see that security_file_certgen consume I/O
Is there any way to put the ssldb in memory without need to mount a tmpfs ?
regards
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/list
Hi
Working like a charm !!!
Many thanks!!
Le 26/11/2021 à 17:43, Alex Rousskov a écrit :
On 11/25/21 4:46 PM, David Touzeau wrote:
We need to add %note added from external helper using a deny_info and
specific squid error page.
tried with %o or %m without success
Is there a token to build
Hi,
We need to add %note added from external helper using a deny_info and
specific squid error page.
tried with %o or %m without success
Is there a token to build an error page with an external acl helper output ?
Regards___
squid-users mailing li
Hi
According to your documentation,
cache dir rock : objects larger than 32,000 bytes cannot be cached
if aufs cannot be implemented in SMP configuration how can we handle
larger files in cache ?
Le 23/11/2021 à 11:01, David Touzeau a écrit :
Ok thanks, we will investigate in this way
Le 22
Hi community,
tlu.dl.delivery.mp.microsoft.com is from the app store and it encounters
an issue with high bandwidth usage.
We think that it was caused because Squid filtering the HTTP Range
header from the HTTP requests.
This caused the app store download everything in an endless loop
We know
Ok thanks, we will investigate in this way
Le 22/11/2021 à 19:33, Alex Rousskov a écrit :
On 11/22/21 12:48 PM, David Touzeau wrote:
Here our SMP configuration:
workers 2
cache_dir rock /home/squid/cache/rock 0 min-size=0 max-size=131072
slot-size=32000
if ${process_number} = 1
256
min-size=131072 max-size=3221225472
endif
if ${process_number} = 2
memory_cache_mode always
cpu_affinity_map process_numbers=${process_number} cores=2
endif
where is the false settings ?
Missing cache_dir ?
Le 22/11/2021 à 18:18, Alex Rousskov a écrit :
On 11/22/21 11:55 AM, David Touzeau
Hi, community
What does mean this error :
2021/11/21 17:23:06 kid1| assertion failed: Controller.cc:930:
"!transients || e.hasTransients()"
current master transaction: master69
We are unable to start the service it always crashes.
How can we can fix it ( purge cache , reboot )... ?__
Hi,
For us it is Squid v4.17
Le 16/11/2021 à 17:40, Graminsta a écrit :
Hey folks ;)
What is the most stable squid version for production on Ubuntu 18 or 20?
Marcelo
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squ
Any tips,
Is someone using Fake NTLM with modern browsers ?
Le 11/11/2021 à 13:16, David Touzeau a écrit :
Thanks Amos it will help understand something
I think modern browser sending NTLMv2 as the ntlm_fake_auth
understanding only NTLMv1 ( perhaps )
Using curl with --proxy-ntlm option is
as currently stable .
Also the Squid 4 working very well on Debian 10
Le 11/11/2021 à 20:58, Flashdown a écrit :
Hi David,
well I am curious, where did you set the max filedescriptors? Only in
the OS configuration? If so, you also need to define it in the
squid.conf as well ->
h
Hi
Just for information and i hope it will help.
We have installed Squid 5.1 and Squid 5.2 in production mode.
It seems that after several days, the Squid become very unstable.
We mention that when switching to 4.x we did not encounter these errors
with the same configuration, same users, same
00 00 00 00 00 3A 00 57 4F 52 4B 47 52 4F 55 WORKGROU
Le 11/11/2021 à 08:40, Amos Jeffries a écrit :
On 11/11/21 14:12, David Touzeau wrote:
Hi,
i would like to use ntlm_fake_auth but it seems Squid refuse to
switch to authenticated user and return a 407 to the browser a
Hi,
i would like to use ntlm_fake_auth but it seems Squid refuse to switch
to authenticated user and return a 407 to the browser and squid never
accept credentials.
What i missing ?
Configuration seems simple:
auth_param ntlm program /lib/squid3/ntlm_fake_auth -v
auth_param ntlm children 20
request.
Le 02/11/2021 à 16:17, Alex Rousskov a écrit :
On 11/2/21 10:40 AM, David Touzeau wrote:
2021/11/01 16:50:48.787 kid1| 93,3| Http::Tunneler::handleReadyRead(conn9812727
local=127.0.0.1:23408 remote=127.0.0.1:2320 FIRSTUP_PARENT)
2021/11/01 16:50:48.787 kid1| 74,5| parse: status
Hi,
Take time to enable the debug log an parsing the 10GB of logs
Here the piece of code:
2021/11/01 16:50:48.786 kid1| 33,5| AsyncCall.cc(30) AsyncCall: The
AsyncCall Server::clientWriteDone constructed, this=0x55849cb132b0
[call252226641]
2021/11/01 16:50:48.786 kid1| 5,5| Write.cc(37) Writ
Hello Community,
We use child Squid proxies that connect to boxes that act as parents.
In version 4.x this configuration does not pose any problem.
In version 5.2, since, we have a lot of errors like :
01h 47mn kid1| TCP connection to 10.32.0.18/3150 failed
01h 47mn kid1| TCP connection to 10.32
Hi
Just to mention, we discover high memory usage too without ICAP and SSL bump
after several days, need to restart the service.
Le 08/10/2021 à 10:56, Steve Hill a écrit :
I'm seeing high memory usage on Squid 5.1. Caching is disabled, so
I'd expect memory usage to be fairly low (and it was
Thanks amos !!
I think auth_schemes can be a workaround.
I will try it !
Le 21/09/2021 à 02:49, Amos Jeffries a écrit :
On 21/09/21 11:49 am, David Touzeau wrote:
When edge, chrome and IE try to establish a session, Squid claim
2021/09/21 01:17:27 kid1| ERROR: Negotiate Authentication
n im setting
It up, i'll document it and make and howto of it.
Greetz,
Louis
Van: squid-users [mailto:squid-users-boun...@lists.squid-cache.org]
Namens David Touzeau
Verzonden: dinsdag 21 september 2021 1:49
Aan: squid-users@l
Hi all
i have setup Kerberos authentication with Windows 2019 domain using
Squid 5.1 ( The Squid version did not fix the issue - Tested 4.x and 5.x)
In some cases, some computers are not joined to the domain and ween need
to allow authenticate on Squid
To allow this, Basic Authentication is
Thanks, i will try in this way
Le 16/09/2021 à 21:03, Alex Rousskov a écrit :
On 9/16/21 2:52 PM, David Touzeau wrote:
It is true that it would be possible to use an external_acl in the
http_reply_access.
Do you think that adding it in this position I would be able to use
squid's resol
that adding it in this position I would be able to use
squid's resolution results ?
Le 16/09/2021 à 19:43, Alex Rousskov a écrit :
On 9/16/21 1:30 PM, David Touzeau wrote:
I'm turning to create a DNS resolution dev and I'm giving up looking
retreive this information through Squi
Amos,
Thank you for your response and kindness,
I'm turning to create a DNS resolution dev and I'm giving up looking
retreive this information through Squid.
Le 16/09/2021 à 19:13, Amos Jeffries a écrit :
On 17/09/21 2:42 am, David Touzeau wrote:
Thanks Amos for quick answer.
Ca
:
On 16/09/21 10:09 pm, David Touzeau wrote:
Hi comunity, Squid fans
I would like to use an external acl process for Geoip processing
i have tried to setup squid to send the remote peer address using %code but it always reply with a "-"
external_acl_type MyGeopip ttl=3600 negativ
Hi comunity, Squid fans
I would like to use an external acl process for Geoip processing
i have tried to setup squid to send the remote peer address using %code but it always reply with a "-"
external_acl_type MyGeopip ttl=3600 negative_ttl=3600 children-startup=2
children-idle=2 children-max
0922
Tel (Intl) : +44 1305 898033
https://www.lubefinder.com
*From:* squid-users on
behalf of David Touzeau
*Sent:* Wednesday, September 15, 2021 11:40:04 AM
*To:* squid-users@lists.squid-cache.org
*Subject:* [squid
On Debian 10 64bits with squid 5.1 we have thousand warning as this:
2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1) Operation not
permitted
2021/09/15 08:00:18 kid2| WARNING: no_suid: setuid(0): (1) Operation not
permitted
2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1)
Basically syslogd can do what you want : send via TCP, HTTP, UDP
So the deal is to use
logformat my_metrics [statsd] %icap::tt %
Hi
Is there a way to configure Squid to output the logs to statsd rather
than a file?
Today I have this:
+logformat my_metrics %icap::tt %However I would
ry much for your help.
Regards,
David Mills
Senior DevOps Engineer
E: david.mi...@acusensus.com
M: +61 411 513 404
W: acusensus.com
On Sun, 18 Jul 2021 at 16:45, Amos Jeffries wrote:
> On 16/07/21 4:38 pm, David Mills wrote:
> > Hi Amos,
> >
> > sorry for the b
Hi Amos,
You said
> The traffic from Squid to the AArnet server is apparently using IPv6. Is
> that routing setup properly too?
>
The output of "ip address" shows both IPv4 and IPv6. What led you to make
the above conclusion?
Regards,
David Mills
Senior DevOps Eng
Hi Amos,
Thanks for the info.
Yes, "mirror.aarnet.edu.au" is in the whitelist. IPv6 could be an issue as
I believe AWS ELBs may not support.
We'll try the logging you suggest and perhaps an upgrade to 4.0 if we have
no joy with 3.5.
Regards,
David Mills
Senior DevOps Enginee
lru'
> '--enable-snmp' '--enable-ssl-crtd' '--enable-storeio=aufs,diskd,rock,ufs'
> '--enable-wccpv2' '--enable-esi' '--enable-ecap' '--with-aio'
> '--with-default-user=squid' '--with-dl' '-
itory creation and user
> configuration details.
>
While running, the line
> 0% [Connecting to HTTP proxy (
> http://vpn-proxy-d68aca8a8f7f81d6.elb.ap-southeast-2.amazonaws.com:3128)]
>
appears often and hang for a while.
I've tried upping the squid logging and allowing a
ists/squid/msg93659.html
Many users says there is no impact on helpers and performance as it is
just a warning...
Did you confirm it ?
Le 28/02/2021 à 01:58, Alex Rousskov a écrit :
On 2/27/21 7:22 PM, David Touzeau wrote:
Hi, regulary i have this error :
2021/02/28 01:18:43 k
Hi, regulary i have this error :
2021/02/28 01:18:43 kid1| helperOpenServers: Starting 5/32
'security_file_certgen' processes
2021/02/28 01:18:43 kid1| WARNING: no_suid: setuid(0): (1) Operation not
permitted
i have set the setuid permission
chown root:squid security_file_certgen
chmod 0475
-enable-epoll'
'--enable-async-io=128' '--enable-zph-qos' '--enable-delay-pools'
'--enable-http-violations' '--enable-url-maps' '--enable-ecap'
'--enable-ssl' '--with-openssl' '--enable-ssl-crtd'
'--enable
Hi
This error is generated every 15 minutes when using any authenticator
helper (ntlm, kerberos...)
Is there a way to investigate on this issue ?
kidxx| WARNING: no_suid: setuid(0): (1) Operation not permitted
Sometimes, after rebooting the system, issue is fixed for an
undetermined period
Yes this an hton of the IP address (ip2long) , remove the .addr and
switch to long2ip
Le 04/01/2021 à 14:56, ngtech1...@gmail.com a écrit :
Thanks David,
I don’t understand something:
1490677018.addr
Are these integers representing of ip addresses?
Eliezer
Eliezer Croitoru
Tech
Hi Eliezer:
http://articatech.net/tmpf/categories/banking.gz
http://articatech.net/tmpf/categories/cleaning.gz
Le 04/01/2021 à 10:27, ngtech1...@gmail.com a écrit :
Hey David.
Indeed it should be done with the local websites however, These sites
are pretty static.
Would it be OK to
Hi Eiezer,
I can help you by giving a list but
Just by using "main domains":
* Banking/transcations : 27 646 websites.
* AV sofwtare and updates sites (fw, routers...) : 133 295 websites
I can give it to you the lists , they are incomplete and it should
decrease squid performance by loadin
Thanks Amos
You means using "login=PASS" in peer settings and in Proxy parent B and
C use the "basic_fake_auth" helper to "simulate" the requested auth ?
Le 17/11/2020 à 11:43, Amos Jeffries a écrit :
On 17/11/20 9:27 pm, David Touzeau wrote:
Hi,
W
1 - 100 of 234 matches
Mail list logo
