I noticed that my squid server queries every second for the same destination
(because we have a clients requiring access to this destination). My squid
server does not have the negative_dns_ttl nor the positive_dns_ttl values set
so I would expect that they are using the defaults. The destinatio
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
I'm running Squid 4.14 with the following custom log format:
logformat MyLogFormat ---> local_time="[%tl]" squid_service=%{service}note
squid_status=%Ss squid_hierarchy_status=%Sh ** lb_id=%{X-Request-Id}>h *FLOW0*
orig_src_ip=%{X-Client-Egress-Ip}>h orig_src_port=%{X-Client-Egress-Port}>h
lb_
I am seeing this occasionally in my squid logs and am little confused because I
don't know how to troubleshoot this one. I normally see in the squid logs the
destination IP address as dst_ip in my custom logs but in these cases, the
field is blank. I'd expect the destination IP to be blank when
In my squid.conf, I have the following logformat which passes all the data from
the client via the load balancer to the squid server as headers:
logformat MyLogFormat ---> local_time="[%tl]" squid_service=%{service}note
squid_status=%Ss squid_hierarchy_status=%Sh ** haproxy_id=%{X-Request-Id}>h
Has anyone else noticed that any issues with the expiration of the Sectigo
certificates today that appear to be related to this issue:
https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA03l0117LT
https://support.sectigo.com/Com_KnowledgeDetailPage?Id=kA01N00rgSZ
I started see this i
I am trying to permit access to something like the following,
https://www.example.com/world, without providing access to the whole site.
I have a basic configuration with the pertinent items as follows:
http_port 3128 ssl-bump \
cert=/etc/squid/ssl_certs.d/myCA.pem \
generate-host-certificate
Is there a chart or diagram somewhere to depict what key elements are processed
before others in squid? For instance, is cache_peer traffic handed off to the
other host before SSL decrypt, ICAP, or url writes occurs on the first host? I
would assume so for performance reasons but was hoping to s
I have the following for each of my rules (except for my last rule: http_access
deny all rule):
http_access allow AllowedSrc AllowedInternalDst
note ruleid ACCESS2INTERNAL AllowedSrc AllowedInternalDst
note ruletype ALLOW AllowedSrc AllowedInternalDst
I have the following log-format entry used f
I am using an alternate filename for my squid configuration and am trying to
validate the file below going live with it. Should I be able to use both the –k
parse and the –f filename options at the same time? It looks like “-k parse” is
defaulting to only use only /etc/squid/squid.conf.
# squid
I am trying to separate logs so that in the log entries define why it was
blocked. For example, I have created the following log formats:
logformat MyAllowSuccessLog local_time="[%tl]" action=ALLOW status=SUCCESS **
orig_src_ip=%{X-Forwarded-For}>h proxy_src_ip=%>a proxy_src_port=%>p dst_ip=%Hs
11 matches
Mail list logo
