On 08/01/2025 23:33, Orion Poplawski wrote:
We use e2guardian and squid in a combined method were requests can either go
to e2guardian first and get forwarded to squid, or go directly to squid.
I would like to be able to have squid allow connections for certain remote
client IPs without requirin
On 20/02/2024 08:06, Dsant wrote:
Hello, I set up a squid proxy, I want to allow some sites, Google
recaptcha and block everything else.
acl mydest dstdomain .projet-voltaire.fr
http_access allow mydest
acl google_recaptcha url_regex ^www.google.com/recaptcha/$
http_access allow google_recaptc
On 12/02/2024 12:02, Stephen Borrill wrote:
On 12/02/2024 11:48, NgTech LTD wrote:
What distro are you using?
NetBSD 9.2_STABLE and building with gcc 8.5.0
I will stick with 6.6 for the debugging due to the missing files in 6.7
(I'm one of the maintainers of the pkgsrc port for squi
I see the translations of error messages have been removed from 6.7
compared to 6.6 (and earlier), but I see no mention of this in the
changelog:
https://github.com/squid-cache/squid/blob/552c2ceef220f3bbcdbedf194eae419fc791098e/ChangeLog
Was this change intentional and, if so, why isn't it doc
On 12/02/2024 11:48, NgTech LTD wrote:
What distro are you using?
NetBSD 9.2_STABLE and building with gcc 8.5.0
בתאריך יום ב׳, 12 בפבר׳ 2024, 13:47, מאת Stephen Borrill
mailto:sq...@borrill.org.uk>>:
On 16/01/2024 14:37, Alex Rousskov wrote:
> On 2024-01-16 06:01, Stephe
On 16/01/2024 14:37, Alex Rousskov wrote:
On 2024-01-16 06:01, Stephen Borrill wrote:
The problem is no different with 6.6. Is there any more debugging I
can provide, Alex?
Yes, but I need to give you a patch that adds that (temporary) debugging
first (assuming I fail to reproduce the
On 16/01/2024 14:43, Stephen Borrill wrote:
On 16/01/2024 14:37, Alex Rousskov wrote:
On 2024-01-16 06:01, Stephen Borrill wrote:
The problem is no different with 6.6. Is there any more debugging I
can provide, Alex?
Yes, but I need to give you a patch that adds that (temporary)
debugging
On 16/01/2024 14:37, Alex Rousskov wrote:
On 2024-01-16 06:01, Stephen Borrill wrote:
The problem is no different with 6.6. Is there any more debugging I
can provide, Alex?
Yes, but I need to give you a patch that adds that (temporary) debugging
first (assuming I fail to reproduce the
The problem is no different with 6.6. Is there any more debugging I can
provide, Alex?
On 10/01/2024 12:40, Stephen Borrill wrote:
On 09/01/2024 15:42, Alex Rousskov wrote:
On 2024-01-09 05:56, Stephen Borrill wrote:
On 09/01/2024 09:51, Stephen Borrill wrote:
On 09/01/2024 03:41, Alex
On 09/01/2024 15:42, Alex Rousskov wrote:
On 2024-01-09 05:56, Stephen Borrill wrote:
On 09/01/2024 09:51, Stephen Borrill wrote:
On 09/01/2024 03:41, Alex Rousskov wrote:
On 2024-01-08 08:31, Stephen Borrill wrote:
I'm trying to determine why squid 6.x (seen with 6.5) connected via
On 09/01/2024 09:51, Stephen Borrill wrote:
On 09/01/2024 03:41, Alex Rousskov wrote:
On 2024-01-08 08:31, Stephen Borrill wrote:
I'm trying to determine why squid 6.x (seen with 6.5) connected via
IPv4-only periodically fails to connect to the destination and then
requires a restart t
On 09/01/2024 03:41, Alex Rousskov wrote:
On 2024-01-08 08:31, Stephen Borrill wrote:
I'm trying to determine why squid 6.x (seen with 6.5) connected via
IPv4-only periodically fails to connect to the destination and then
requires a restart to fix it (reload is not sufficient).
The pr
I'm trying to determine why squid 6.x (seen with 6.5) connected via
IPv4-only periodically fails to connect to the destination and then
requires a restart to fix it (reload is not sufficient).
The problem appears to be that a host that has one address each of IPv4
and IPv6 occasionally has its
On 21/11/2023 15:55, Alex Rousskov wrote:
On 2023-11-21 08:38, Stephen Borrill wrote:
On 15/11/2023 21:55, Alex Rousskov wrote:
On 2023-11-10 05:46, Stephen Borrill wrote:
With 6.x (currently 6.5) there are very frequent (every 10 seconds
or so) messages like:
2023/11/10 10:25:43 kid1
On 15/11/2023 21:55, Alex Rousskov wrote:
On 2023-11-10 05:46, Stephen Borrill wrote:
With 6.x (currently 6.5) there are very frequent (every 10 seconds or
so) messages like:
2023/11/10 10:25:43 kid1| ERROR: Connection to 127.0.0.1:8123 failed
why is this logged as a connection failure
For reasons I won't go into, we are running two copies of squid. One
(main squid) is client-facing and uses the other (peer squid) as the
upstream cache_peer which is a non-caching fetcher.
Main squid is configured like this:
cache_peer 127.0.0.1 parent 8123 0 no-query no-digest no-netdb-excha
On 31/10/2023 13:08, Stephen Borrill wrote:
On 18th April 2023 Alex Rousskov wrote:
On 4/18/23 03:38, Ralf Hildebrandt wrote:
We're using squid-6, currently v4 only. The use case for us is mostly
our users using our proxy to retrieve full text publications of
several thousand medical jou
On 18th April 2023 Alex Rousskov wrote:
On 4/18/23 03:38, Ralf Hildebrandt wrote:
We're using squid-6, currently v4 only. The use case for us is mostly
our users using our proxy to retrieve full text publications of
several thousand medical journals... via IPv4.
The publishers "know" our IPv4
On Mon Oct 23 11:39:52 UTC 2023 Ralf Hildebrandt wrote:
I upgraded from 6.3 to 6.4 today and it INSTANTLY began crashing
(frequently!)
The Log messages in cache.log:
...
2023/10/23 09:57:21| Beginning Validation Procedure
2023/10/23 09:57:21| Completed Validation Procedure
Validated 237163
On 30/06/2022 18:00, ngtech1...@gmail.com wrote:
Hey,
I have tried to download blacklists from couple sites that was
publishing these in the past and all of them are gone.
The only free resource I have found was DNS blacklists.
I just wrote a dstdomain external helper that can work with a SQ
On 15/10/2020 16:02, Alex Rousskov wrote:
> On 10/15/20 10:06 AM, Stephen Borrill wrote:
>> I have also been pointed to your comment here:
>> https://bugs.squid-cache.org/show_bug.cgi?id=5069#c1
>
> Aha, I thought there was another related bug but did not check. Glad you
On 15/10/2020 14:59, Alex Rousskov wrote:
> On 10/15/20 4:07 AM, Stephen Borrill wrote:
>> At a few installations of squid 4.12 (patched for GREASE) on NetBSD
>> 9, I'm seeing that occasionally one of the listening ports no longer
>> accepts connections (it doesn'
At a few installations of squid 4.12 (patched for GREASE) on NetBSD 9,
I'm seeing that occasionally one of the listening ports no longer
accepts connections (it doesn't reject them, but a connection does not
get established). The port appears random; it's not the same every time
and isn't related t
(old thread revived)
A common problem is with sites that have very short TTLs.
For instance login.live.com sometimes has a TTL of 60 seconds. The squid
server is using BIND as a recursive DNS resolver and clients are using
the same BIND instance too. All clients (iOS, Windows, Android)
sometimes
On 29/10/2018 15:20, Uchenna Nebedum wrote:
> Good Day All,
> I have setup squid 3.5 with mikrotik, and ssl bumping is enabled. after
> accepting the certificate on the browser prompt, Squid throws an error
> on the browser, "*unable to forward this request at this time.*" it
> throws this error fo
On 04/10/2016 14:10, Amos Jeffries wrote:
> On 5/10/2016 1:16 a.m., Egerváry Gergely wrote:
>>> Getting closer, but still not there...
>>
>> Hah, we need to apply the kern/50198 patch to ipnat_6.c too.
>>
>> --- ip_nat6.c.orig 2015-08-08 18:31:21.0 +0200
>> +++ ip_nat6.c 2016-10-04 1
On 01/10/2016 23:48, Egerváry Gergely wrote:
> Hi,
>
> Should "intercept" work with IPv6 on NetBSD 7-STABLE and IPFilter 5.1?
>
> I have the patch applied for kern/50198, and it's working fine with
> IPv4. I only get a connection reset by peer on IPv6.
I found the IPv4 bug and that PR and patch
On 27/06/2016 12:35, Silamael wrote:
> On 27.06.2016 13:19, Amos Jeffries wrote:
>> On 27/06/2016 9:16 p.m., Silamael wrote:
>>> Hi,
>>>
>>> I'm playing around with the SMP feature on OpenBSD 5.9 and noticed that
>>> Squid does not run due to hard coded limits for the receive and send
>>> buffer si
Is there a way to log which ACL caused a block with http_access? This
information is present for deny_info to use, but I cannot see a entry I
can add to logformat to present such a thing in a custom log format (if
using an external acl helper, you can spoof something up with the et and
ea formats).
On 16/01/2016 13:16, Egerváry Gergely wrote:
> Hi,
>
> I'm running on:
> - NetBSD 7.0_STABLE (checked out today)
> - Squid 3.5.12 from NetBSD pkgsrc 2015Q4
> - IP Filter: v5.1.2 (536)
>
> Configured with "--enable-ipf-transparent":
>
> $ ./configure --sysconfdir=/usr/pkg/etc/squid
> --localsta
On 10/07/2015 14:34, David Touzeau wrote:
Many thanks Amos
With your suggests, we have found that the issue is generated by Palo
Alto Client for Citrix
https://live.paloaltonetworks.com/docs/DOC-1321
And not from SQUID...
Or Citrix...
--
Stephen
_
On 08/07/2015 19:26, David Touzeau wrote:
Dear
I would like to share a strange behavior.
We have servers that stores Citrix application.
Each Citrix server run about 10 users/session
Each session execute browsers connected to squid 3.5.6 or 3.3.13.
After opening 10 tabs, browsers generates er
On 27/05/2015 16:52, James Lay wrote:
On 2015-05-27 09:45 AM, Stephen Borrill wrote:
I have:
Squid Cache: Version 3.5.4
Service Name: squid
configure options: '--sysconfdir=/usr/pkg/etc/squid'
'--localstatedir=/var/squid' '--datarootdir=/usr/pkg/share/squid'
&#
I have:
Squid Cache: Version 3.5.4
Service Name: squid
configure options: '--sysconfdir=/usr/pkg/etc/squid'
'--localstatedir=/var/squid' '--datarootdir=/usr/pkg/share/squid'
'--disable-strict-error-checking' '--enable-auth'
'--enable-cachemgr-hostname=localhost' '--enable-delay-pools'
'--enable-i
34 matches
Mail list logo
