[squid-users] Pass ip to server

2019-02-12 Thread erdosain9
Hi. I want to know if is possible that, for some site (sales.mydomain.com) the proxy server send the "real ip". Because i want to see in the logs of sales.mydomain.com the real ip of the machine that are going (and not the proxy ip). I know that i can see this in the log of squid... but, i want t

[squid-users] Squid Reverse HTTPS Let's Encrypt

2018-08-23 Thread erdosain9
Hi. I have Squid configured as a proxy reverse. The DNS are configured too. The clients can access from outside without problem. It is working well. But I want to serve web pages with https and I would like to use Let's Encrypt (or something similar) so clients do not have to accept an invalid cer

Re: [squid-users] Squid as reverse proxy for two or more webs

2018-08-10 Thread erdosain9
Thanks to all!! Now is working fine. Just, one question to know... i make this accessible from the internet... so, i create some acl 0.0.0.0/0 and it's working. But.. this is a security issue??? or it's ok declare that ACL. Thanks to all. -- Sent from: http://squid-web-proxy-cache.1019090.n4.n

Re: [squid-users] Squid as reverse proxy for two or more webs

2018-08-10 Thread erdosain9
Antony Stone wrote >> I create two entries pointing to squid in DNS now. >> site1.mydomain.lan >> site2.mydomain.lan > > So, both of those resolve to 192.168.1.21, right? > > Yes, the resolve to the ip of squid. > >> > The config example you want to follow is >> > https://wiki.squid-cache.org/Co

Re: [squid-users] Squid as reverse proxy for two or more webs

2018-08-10 Thread erdosain9
> php.mydomain.lan 192.168.1.223 > ticket.mydomain.lan 192.168.1.246 >.. and clients never connect to the above directly. So these domains are >never to be accessed by users/clients. The client can connect directly from the domain. (i mean they can connect directly in work, but i want to do this

Re: [squid-users] Squid as reverse proxy for two or more webs

2018-08-10 Thread erdosain9
Ok, thanks. I change that. Now, if i go to reverse.mydomain.lan i get this error: "Unable to forward this request at this time." 1533909140.268 0 192.168.6.20 TCP_IMS_HIT/304 355 GET http://reverse.mydomain.lan/squid-internal-static/icons/SN.png - HIER_NONE/- image/png but what would be th

[squid-users] Squid as reverse proxy for two or more webs

2018-08-10 Thread erdosain9
Hi to all. I was reading several tutorials and I can not find what I'm doing wrong. I want to use squid to redirect to these two sites that are both within my domain. In my internal dns I have declared both servers, with their corresponding ips, also squid. reverse.mydomain.lan 192.168.1.21 (SQUI

Re: [squid-users] Wpad problem (DNS)

2018-07-26 Thread erdosain9
Hi, thanks I try Explorer 8.0 and Chrome 68.0...

[squid-users] Wpad problem (DNS)

2018-07-26 Thread erdosain9
Hi to all. Im trying to put proxy trough DNS. Im working on a Windows Server 2012 r2. I follow a lot of tutorial... and cant do it. The best i have is this (and is strange). When the pc start i see in log of squid the ip of that pc. tail -f /var/log/squid/access.log | grep 192.168.6.22 1532616150

Re: [squid-users] Kerberos negotiate slow avg service time

2018-02-27 Thread erdosain9
Thank you Amos (sorry again Yuri). And yes, the user are complains. The problem is this (and sorry for be recurrent with this). That value avg ms for some times goes up to 3000... and in that moment all stop. in the cache.log sometimes, im getting this. support_sasl.cc(276): pid=3729 :2018/02/

[squid-users] Kerberos negotiate slow avg service time

2018-02-23 Thread erdosain9
Hi to all. I dont know why i have this bad values. My network is woking fine. How i can do to fix this. I think is a high value. HTTP/1.1 200 OK Server: squid/3.5.27 Mime-Version: 1.0 Date: Fri, 23 Feb 2018 17:16:25 GMT Content-Type: text/plain;charset=utf-8 Expires: Fri, 23 Feb 2018 17:16:25 GMT

[squid-users] Block some web to a group of ip and allow the rest.

2018-02-23 Thread erdosain9
Hi to all. Im trying to block some web to a ip group. [root@squid ips]# cat i-restringidos.lst 192.168.1.42 192.168.1.43 192.168.1.44 192.168.1.45 192.168.1.99 192.168.1.50 192.168.1.128 This same ip group has access to all internet. [root@squid ips]# cat prensa_isla.lst 192.168.1.42 192.168.1

Re: [squid-users] ldap_sasl_interactive_bind_s error: Can't contact LDAP server

2018-02-20 Thread erdosain9
sorry, yuri, yes is working. i can connect via ldap and also turn on debug for investigate, and is no error know... but time to time, this error is happening... so... is strange. In the other hand im getting this values with just one machine using the squid : Negotiate Authenticator Statistics:

Re: [squid-users] ldap_sasl_interactive_bind_s error: Can't contact LDAP server

2018-02-20 Thread erdosain9
Hi. The port is open. Is there a way to have a little more log?? Thanks

[squid-users] ldap_sasl_interactive_bind_s error: Can't contact LDAP server

2018-02-20 Thread erdosain9
Hi. Im having this problem. Im running squid on a Centos 7 container (lxc on proxmox). This is cache.log support_sasl.cc(276): pid=555 :2018/02/20 10:13:34| kerberos_ldap_group: ERROR: ldap_sasl_interactive_bind_s error: Can't contact LDAP server support_ldap.cc(957): pid=555 :2018/02/20 10:13:34

[squid-users] All 32/32 ssl_crtd processes are busy / All 35/35 negotiateauthenticator processes are busy

2018-02-16 Thread erdosain9
Hi. Im having this warning in cache.log 2018/02/14 15:56:55 kid1| WARNING: All 32/32 ssl_crtd processes are busy. 2018/02/14 15:56:55 kid1| WARNING: 32 pending requests queued 2018/02/14 15:56:55 kid1| WARNING: Consider increasing the number of ssl_crtd processes in your config file. 2018/02/14

Re: [squid-users] Problem with Kerberos ticket keytab

2018-02-05 Thread erdosain9
Thanks for your time! Know is working fine. a little and stupid question where i can found the start script of squid??? This is a Centos 7. I want put this KRB5RCACHETYPE=none export KRB5RCACHETYPE [root@squid etc]# cat /usr/lib/systemd/system/squid.service ## Copyright (C) 1996-2015 The Sq

Re: [squid-users] Problem with Kerberos ticket keytab

2018-02-05 Thread erdosain9
Ok. Thanks Know the ticket is fine, and is working (people are going throug internet and i see in access.log there user names) but... im having this error in the log. 2018/02/05 12:56:46 kid1| ERROR: Negotiate Authentication validating user. Result: {result=BH, notes={message: gss_accept_sec

[squid-users] Problem with Kerberos ticket keytab

2018-02-05 Thread erdosain9
Hi to all. The squid was working fine, but i made a mistake and... delete the proxy.keytab. I try to do it again, but make a mistake in the syntax wrong syntax (the real name is not squidproxy.domain.lan is squid.domain.lan): msktutil -c -b "CN=COMPUTERS" -s HTTP/squidproxy.domain.lan -k /etc/sq

[squid-users] reference_age 1 week

2017-12-13 Thread erdosain9
Hi. I want to put that command reference_age 1 week i see that in a lot of tutorial, but... squid give me a error, and stop the service. dont recognice the command... that command doesnt exist anymore?? Thanks pd:there is another way to tell squid how manage the time for the cache objets?? --

[squid-users] WARNING: HTTP requires the use of Via

2017-12-13 Thread erdosain9
Im having this warning in the log. I dont find anything related to this in google, so. What could be?? this is my config GRUPOS DE IP acl sin_autenticacion src "/etc/squid/listas/sin_autenticacion.lst" ###Kerberos Auth with ActiveDirectory### auth_param negotiate program /lib64/squid/nego

[squid-users] Some things in the log

2017-12-13 Thread erdosain9
Hi to all. Im having some things in the log. Like this: -Vary object loop -Could not parse headers from on disk object -varyEvaluateMatch: Oops ipcacheParse No Address records in response to (i supposed this is not a problem) And a lot more as you can see. 2017/12/12 16:09:50 kid1| ipcacheParse

Re: [squid-users] net::err_cert_common_name_invalid just in squid page with dstdomain block

2017-12-12 Thread erdosain9
Thanks. I updated to 3.5.27 and now I don't have this problem. But I have this doubt... so, was this a problem of my certificate or a bug from squid??? Thanks

Re: [squid-users] net::err_cert_common_name_invalid just in squid page with dstdomain block

2017-12-07 Thread erdosain9
Ok, thanks for your time. This "fix" the problem... reg add HKLM\Software\Policies\Google\Chrome /v EnableCommonNameFallbackForLocalAnchors /t REG_DWORD /d 1 When i wrote that command, the problem is gone. but, i want to know about that fix that you are telling me. Im using this version Squid C

Re: [squid-users] net::err_cert_common_name_invalid just in squid page with dstdomain block

2017-12-07 Thread erdosain9
Yes, Chrome tell this when i look the certificate "The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address." So, my certificate does not have a Subject Alternative Name. But, this is not a problem with Firefox. I have to change m

Re: [squid-users] net::err_cert_common_name_invalid just in squid page with dstdomain block

2017-12-05 Thread erdosain9
When i put the in Chrome https://.sdfasdfasdfasdfasd.com it produces the same error... but this just happend with "https" and with chrome.. not with firefox. With firefox i get the error web pager from squid Unable to determine IP address from host name "www.sdfasdfasdfasdfa

Re: [squid-users] net::err_cert_common_name_invalid just in squid page with dstdomain block

2017-12-05 Thread erdosain9
Hi, and thanks. But, i dont get it, how this is possible, if the bumping is working well. I mean, if all https is working with my certificate, except for those that i block (from chrome). But the bumping is working well in Chrome and Firefox. This is log from Chrome with port 1512501177.181

Re: [squid-users] net::err_cert_common_name_invalid just in squid page with dstdomain block

2017-12-05 Thread erdosain9
"Does that error match the generated certificate sent by Squid to a blocked Chrome user? In other words, does that certificate have an invalid common name (CN) field? " No, is the same certificate. "I suggest comparing the following two certificates: * the certificate sent by Squid to a blocke

[squid-users] net::err_cert_common_name_invalid just in squid page with dstdomain block

2017-12-05 Thread erdosain9
Hi to all. I block some webs for a group of users. That users can use internet without problem, but... i block some web (social networks). In firefox, all work fine, when someone try to go to facebook for example, they found with "access denied" (web from squid). But, in Chrome.. they get this err

Re: [squid-users] Block a web just for a group inside another group, or how?

2017-12-04 Thread erdosain9
Thanks Amos. Let's be clear ... this configuration was working exactly as I wanted it to. The users in each of those groups (i-full, sin_autenticacion, i-limitados) navigated without problems. So that they did not navigate, I simply took them out of one of those groups, period. Everything works as

Re: [squid-users] Block a web just for a group inside another group, or how?

2017-12-04 Thread erdosain9
mmm Ok, thanks i do that but, with users (calling a new group in the domain). Instead of this i can do a list of users in a file?? Anyway, i do that, but instead of http access deny acl acl i do http access allow acl !acl This will be the problem? or is the same? (the same "in other words")

Re: [squid-users] Block a web just for a group inside another group, or how?

2017-12-04 Thread erdosain9
But, that's exactly the problem. Thats what i do. I do a have this large group i-full and a small group with a few users from i-full, the small group is called i-restringidos. And put i-restringidos in the top... (as you can see in my config file) But, is not working. They can go trough the web

Re: [squid-users] Block a web just for a group inside another group, or how?

2017-12-04 Thread erdosain9
Sorry, I don't understand. Just enumerate the user in an acl? A common acl or a kerberos acl?? Can you give me an example please? Thanks

Re: [squid-users] Block a web just for a group inside another group, or how?

2017-12-04 Thread erdosain9
I don't know if I explained myself well... I just want to block some web access (facebook, web.whatsapp, etc.) for just a few users from a large group. Thanks

[squid-users] Block a web just for a group inside another group, or how?

2017-12-04 Thread erdosain9
Hi to all. I want to block web.whatsapp.com in some users. But i already have those users in other group. I suppose this is not a problem if i put the acl in some order... but its not working. For example, i have group I-FULL: user1, user2, user3 I-RESTRINGIDOS: user1 This is my config file ###

[squid-users] Error page or redirect just to a user

2017-12-03 Thread erdosain9
Hi. I want to do a redirect to a user. For example, if the user wants to go to google, I redirect to some particular web. Can you tell me how?? I have configured the http access through user (with kerberos). Thanks to all

[squid-users] Certificate for bump?

2017-10-30 Thread erdosain9
Hi. What do you think about using a certificate for bump from https://letsencrypt.org??? Thanks to all.

Re: [squid-users] Is your kerberos ticket expired?

2017-10-10 Thread erdosain9
Sorry, I found where: /etc/sysconfig/squid. And it was good, already have that config, so I don't know why it is failing.

Re: [squid-users] Is your kerberos ticket expired?

2017-10-10 Thread erdosain9
Hi. I follow this guide https://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory But, i dont know where put this Add the following configuration to /etc/default/squid3 KRB5_KTNAME=/etc/squid3/PROXY.keytab export KRB5_KTNAME i dont have that file /etc/default/squid3 Squi

Re: [squid-users] Ipv6 error

2017-10-10 Thread erdosain9
Sorry, but is the problem with the certificate a problem from the web?? I mean, it is not a problem of "my squid". So better I exclude that web... but, so strange, squid webpage wiki with a problem in the certificate???

Re: [squid-users] Ipv6 error

2017-10-10 Thread erdosain9
Ok, thats a error from chrome. Another thing with just that web, that if i disable dns_ipv4_first. I get this: -- The following error was encount

Re: [squid-users] Ipv6 error

2017-10-09 Thread erdosain9
this is weird. This just happend to me with that web... i mean, with https://wiki.squid-cache.org/ (not with google, not with facebook). But the weird is that if i go trough a authenticate machine for ip, i receive that ipv6. but if i go throug a authenticate kerberos machine i get this net::err

[squid-users] Ipv6 error

2017-10-09 Thread erdosain9
Hi. Im getting this kind of error: -- The following error was encountered while trying to retrieve the URL: https://wiki.squid-cache.org/* Connection to 2001:4801:7827:102:ad34:6f78:b6dc:fbed failed. The

[squid-users] Is your kerberos ticket expired?

2017-10-05 Thread erdosain9
Hi. All is working fine, but im having this error in the mail of root -- From r...@squid.domain.lan Tue Oct 3 04:00:02 2017 Return-Path: X-Original-To: root Delivered-To: r...@squid

Re: [squid-users] Negotiate Authenticator and DNS

2017-09-26 Thread erdosain9
Sorry, this is part of my config ###Kerberos Auth with ActiveDirectory### auth_param negotiate program /lib64/squid/negotiate_kerberos_auth -s HTTP/squid.domain@domain.lan auth_param negotiate children 45 startup=0 idle=1 auth_param negotiate keep_alive on external_acl_type i-full %LOGIN /us

Re: [squid-users] Negotiate Authenticator and DNS

2017-09-26 Thread erdosain9
but, why so slow then??? " For Negotiate and NTLM the credentials are supposed to be unique per connection, so each TCP connection requires separate lookup. But followup pipelined requests on a connection should not need auth helper lookups as they share the already authenticated credentials. *gr

Re: [squid-users] Negotiate Authenticator and DNS

2017-09-26 Thread erdosain9
Hi. Thanks. But is there some time to live to configure in squid, so the service is not asking every time to authenticate?? Thanks!

[squid-users] Negotiate Authenticator and DNS

2017-09-22 Thread erdosain9
Hi. Im traying to improve the dns response because im having this times: Negotiate Authenticator Statistics: program: /lib64/squid/negotiate_kerberos_auth number active: 32 of 32 (0 shutting down) requests sent: 72241 replies received: 72241 queue length: 0 avg service time: 56 msec ID #

Re: [squid-users] ipcCreate: fork: (12) Cannot allocate memory

2017-09-11 Thread erdosain9
Ok, thanks i grow the swap [root@squid /]# free -h total used free shared buff/cache available Mem: 3,7G 1,0G 117M 29M 2,6G 2,4G Swap: 6,0G 124M 5,9G related to swappiness what would be a go

Re: [squid-users] ipcCreate: fork: (12) Cannot allocate memory

2017-09-07 Thread erdosain9
By the way, total used free shared buff/cache available Mem: 3,7G 3,0G 122M 13M 554M 422M Swap: 2,0G 160M 1,8G

[squid-users] ipcCreate: fork: (12) Cannot allocate memory

2017-09-07 Thread erdosain9
Hi to all. all was working fine.. but today Im having this issue 2017/09/07 11:34:49 kid1| Starting new negotiateauthenticator helpers... 2017/09/07 11:34:49 kid1| helperOpenServers: Starting 1/35 'negotiate_kerberos_auth' processes 2017/09/07 11:34:50 kid1| Starting new negotiateauthenticator he

[squid-users] DNS Server Failure

2017-09-04 Thread erdosain9
Hi. There is a way to know what can be happend with this failure? Thanks to all. Internal DNS Statistics: The Queue: DELAY SINCE ID SIZE SENDS FIRST SEND LAST SEND M FQDN -- - -- - - DNS jumbo-grams: not working Nameservers: IP ADDRES

[squid-users] SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

2017-09-04 Thread erdosain9
Hi. Im having a lot of this in cache.log... is this normal?? The https is access is working fine... but i have those error. 2017/09/04 13:10:58 kid1| Error negotiating SSL on FD 467: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ( 1/-1/0) 2017/09/04 13:10:58 kid

Re: [squid-users] Squid as gateway

2017-07-21 Thread erdosain9
Hi, and thanks The ROUTERWIFI is a TpLink TL-WR940N i dont see in this router any Nat option :-( This is the router table of the SquidBox Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 0.0.0.0 10.1.158.1 0.0.0.0 UG

Re: [squid-users] Squid as gateway

2017-07-20 Thread erdosain9
Hi, and thank you all. Well this is the diagram. INTERNET + + FIREWALL (10.1.158.1/24) + + + SQUID (2 interfaces) 10.1.158.2/24 192.168.1.20/24 + + + ROUTERWIFI( WANstatic ip 192.168.1.40/24 gw 192.168.1.20) LAN 192.168.0.1/24) squid config: acl red1 src 19

Re: [squid-users] Squid as gateway

2017-07-11 Thread erdosain9
Ok Yuri, im re re re reading... :-) And probe another configs, like this http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect and nothing, i dont get where i fail. Squid, it is config in interception mode. cache.log 2017/07/11 14:15:43 kid1| Accepting HTTP Socket connections

Re: [squid-users] Squid as gateway

2017-07-11 Thread erdosain9
Thanks Yes, im looking the wiki and follow this http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat And, it is not working. Nothing it is going to squid. I can go to internet because # Controls IP packet forwarding net.ipv4.ip_forward = 1 but, nothing throug squid. What can be? Ano

[squid-users] WARNING: Disk space over limit

2017-07-11 Thread erdosain9
Hi to all. Im having this warning 2017/07/11 11:37:44 kid1| WARNING: Disk space over limit: 17241692.00 KB > 1536 KB 2017/07/11 11:37:56 kid1| WARNING: Disk space over limit: 16800692.00 KB > 1536 KB 2017/07/11 11:38:07 kid1| WARNING: Disk space over limit: 16466860.00 KB > 1536 KB 201

Re: [squid-users] Squid as gateway

2017-07-11 Thread erdosain9
Hi, and thanks. Maybe i dont explain well. I just want this: WanRouter---Squid-switch--PC I want to declare in "PC" IP, MASK, AND GATEWAY, instead of the WanRouter, i want that PC have for gateway the ip of the Squid. I do this by now. sudo iptables -A PREROUTING -t nat -s 192.

[squid-users] Squid as gateway

2017-07-07 Thread erdosain9
Hi. It's possible to put the squid server as gateway??? and config to ear in port 80 instead of 3128? This will work? Thanks to all. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-as-gateway-tp4683022.html Sent from the Squid - Users mailing list archi

Re: [squid-users] The best way to start | stop | reload | status

2017-07-06 Thread erdosain9
Ok, thank you all!

[squid-users] Dstdomain "there are more than 100 regular expressions"

2017-07-06 Thread erdosain9
Hi. I have this in my cache.log ad_block, is a list for block publicity. there is a best way to do that?? 2017/07/06 10:35:49| /etc/squid/squid.conf line 55: acl ads dstdom_regex "/etc/squid/listas/ad_block.lst" 2017/07/06 10:35:49| WARNING: there are more than 100 regular expressions. Consider

[squid-users] The best way to start | stop | reload | status

2017-07-06 Thread erdosain9
Hi. mmm... im having a doubt. I usually use Systemctl for start, stop, reload, and status; but sometimes i heard that it was not the best way to do these actions. Way? I heard something wrong? And if not the best way, what would it be? 1) squid -z 2) squid ??? And from there, how i can stop and

Re: [squid-users] open failed to shm_open(/squid-ssl_session_cache.shm)

2017-07-05 Thread erdosain9
Hi. Why you say "This is because you use two commands"? i use systemctl reload squid. or systemctl stop, start This is the cache.log Thanks to all. 2017/07/05 07:41:07 kid1| Error negotiating SSL on FD 161: error::lib(0):func(0):reason(0) (5/-1/104) 2017/07/05 07:42:29 kid1| Error n

Re: [squid-users] open failed to shm_open(/squid-ssl_session_cache.shm)

2017-07-04 Thread erdosain9
Hi. I'm using CentOS Linux release 7.2.1511 (Core) "Your Squid has received more concurrent negotiateauthenticator requests than it is configured to handle. FWIW, Squid v4+ can be configured to drop extra requests"... are you telling me it's time to update??? :-(

[squid-users] open failed to shm_open(/squid-ssl_session_cache.shm)

2017-07-03 Thread erdosain9
Hi. What's going on here? Can somebody give me a hand? I dont make any change so... what's going on?? 2017/07/03 12:44:41 kid1| Error negotiating SSL on FD 481: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify fai led (1/-1/0) 2017/07/03 12:45:38 kid1| Closing HTTP po

Re: [squid-users] this config is ok? is ok the order?

2017-06-06 Thread erdosain9
oh ok! so... dosent have any sense try to have a big ttl? because ok, if i use just a own dns resolver then "they" have just one ttl and no one for each user. But, would not be better have long ttl??? the ip attached to a domain name it's changing so quickly (15', for example)?? i dont understand

Re: [squid-users] this config is ok? is ok the order?

2017-06-05 Thread erdosain9
Hi. For what I understood. It is important ttl of dns names. So, I wanted to know when the squid server would ask for resolution again. That is, how long was the record kept. Thanks pd.:whitout -x [root@squid ~]# dig yahoo.com ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> yahoo.com ;; global opt

Re: [squid-users] this config is ok? is ok the order?

2017-06-05 Thread erdosain9
Amos Jeffries wrote > The core issue is the speed at which that service rotates its response > IP lists, which is directly related to each request going to entirely > different server in their farm. Simply having a single (and maybe more > sane regarding TTLs) resolver as a networks focal point

Re: [squid-users] this config is ok? is ok the order?

2017-06-01 Thread erdosain9
"If I assume that its doing what you want there are still two major issues that can be seen.". i think it was... "1) Mixing interception and authentication (ssl-bump is a type of interception, at least on the https:// traffic). Intercepted messages cannot be authenticated - though

[squid-users] this config is ok? is ok the order?

2017-05-30 Thread erdosain9
acl local_machines dst 192.168.1.0/24 ###Kerberos Auth with ActiveDirectory### auth_param negotiate program /lib64/squid/negotiate_kerberos_auth -s HTTP/squid.xxx@xxx.lan auth_param negotiate children 25 startup=0 idle=1 auth_param negotiate keep_alive on external_acl_type i-full %LO

[squid-users] Wrong timestamp??

2017-05-24 Thread erdosain9
Hi to all. This is strange... if a put "date" i get the actual time. I mean the time it's correct. More or less in this moment it is [root@squid ~]# date mié may 24 15:59:59 ART 2017 in the same moment (more or less) access.log 24/May/2017:19:00:21 same moment (more or less) [root@squid ~]#

[squid-users] AD Windows server 2012 - Squid Authenticator slow

2017-05-24 Thread erdosain9
Hi to all. Im having too much "avg service time" in the negotiate kerberos helper. Amos tell me that it's a configuration related to the AD. Can somebody give me a hand to tune that? or tell me where find information about? Thanks Negotiate Authenticator Statistics: program: /lib64/squid/negotiat

Re: [squid-users] Two squid server - Would it be useful?

2017-05-23 Thread erdosain9
thanks and sorry, i have just two. In one of them (the more "important") i have SSO, and in the other i have access per ip. So, i need to have the two squid servers equally or not? In the other hand I do not mind the use of bandwidth but serve as fast as possible. how i would config this?? thanks

[squid-users] Two squid server - Would it be useful?

2017-05-23 Thread erdosain9
Hi. I have working a squid server. we have 110 pc. I have two virtualized squids. One of them is working, and the other i use for testing purpose. but, i want to know if i could take that of "testing purpose" and put to work with "cache peers or neighbors"?? It would be better?? it give some benef

Re: [squid-users] Documentation for squidclient?

2017-05-22 Thread erdosain9
Ok, thanks. We are using a Windows Server 2012... Can you explain to me how the negotiate authenticator works?? How does it work? When a user wants to browse to a page, does squid use the authenticator to know if they can browse?? Every time? For every single web page? Thanks

Re: [squid-users] Documentation for squidclient?

2017-05-19 Thread erdosain9
Hi again. Just boot up 11:43 number active: 14 of 25 (0 shutting down) requests sent: 166348 replies received: 166348 queue length: 0 avg service time: 34 msec ID # FD PID # Requests # Replies Flags Time Offset Request 366 97 13237 510 5

Re: [squid-users] Documentation for squidclient?

2017-05-18 Thread erdosain9
erdosain9 wrote > ETC > and 35, someone it's eating...and by the way the first "error" (a

Re: [squid-users] Documentation for squidclient?

2017-05-18 Thread erdosain9
and 35, someone it's eating...and by the way the first "error" (a lot of numbers and letters its happening) Negotiate Authenticator Statistics: program: /lib64/squid/negotiate_kerberos_auth number active: 35 of 35 (0 shutting down) requests sent: 35222 replies received: 35221 queue length: 0 avg s

Re: [squid-users] Documentation for squidclient?

2017-05-18 Thread erdosain9
Look this Negotiate Authenticator Statistics: program: /lib64/squid/negotiate_kerberos_auth number active: 25 of 25 (0 shutting down) requests sent: 27331 replies received: 27306 queue length: 11 avg service time: 389 msec I change to 25... and in this moment i have queue length 11... there i

Re: [squid-users] Documentation for squidclient?

2017-05-18 Thread erdosain9
Thank you all!

Re: [squid-users] Documentation for squidclient?

2017-05-18 Thread erdosain9
And... for last How i read this?? Delay pools configured: 5 Pool: 1 Class: 2 Aggregate: Max: 100 Restore: 100 Current: 100 Individual: Max: 512000 Restore: 5

Re: [squid-users] Documentation for squidclient?

2017-05-18 Thread erdosain9
And for example, if i have this Negotiate Authenticator Statistics: program: /lib64/squid/negotiate_kerberos_auth number active: 20 of 20 (0 shutting down) requests sent: 23980 replies received: 23980 queue length: 0 avg service time: 8 msec ID # FD PID # Requests # Replies

[squid-users] Documentation for squidclient?

2017-05-18 Thread erdosain9
Hi. Where i can find documentation for the opcion on squidclient, many of them are self-explanatory but for example this: [root@squid ~]# squidclient mgr:external_acl HTTP/1.1 200 OK Server: squid/3.5.20 Mime-Version: 1.0 Date: Thu, 18 May 2017 12:40:54 GMT Content-Type: text/plain;charset=utf-8 E

Re: [squid-users] WARNING: All 20/20 negotiateauthenticator processes are busy.

2017-05-17 Thread erdosain9
Sorry, now squidclient is working! It was the ipv6. Thanks!

Re: [squid-users] WARNING: All 20/20 negotiateauthenticator processes are busy.

2017-05-17 Thread erdosain9
And if i do this http_port 127.0.0.1:3128 The i get this [root@squid ~]# squidclient -vv mgr:menu verbosity level set to 2 Request: GET cache_object://localhost/menu HTTP/1.0 Host: localhost User-Agent: squidclient/3.5.20 Accept: */* Connection: close . Transport detected: IPv4-mapped and IP

Re: [squid-users] WARNING: All 20/20 negotiateauthenticator processes are busy.

2017-05-17 Thread erdosain9
Thanks, now i have "access denied"...why??? [root@squid ~]# squidclient -vv -h 192.168.1.215 mgr:info verbosity level set to 2 Request: GET cache_object://192.168.1.215/info HTTP/1.0 Host: 192.168.1.215 User-Agent: squidclient/3.5.20 Accept: */* Connection: close . Transport detected: IPv4-m

Re: [squid-users] Slow server ¿?

2017-05-17 Thread erdosain9
Hi. The server is serving web pages very slowly. Not related to bandwidth of delay pools... Thanks

Re: [squid-users] WARNING: All 20/20 negotiateauthenticator processes are busy.

2017-05-15 Thread erdosain9
Hi. this is my config file GRUPOS DE IP acl sin_autenticacion src "/etc/squid/listas/sin_autenticacion.lst" acl red6 src 192.168.6.0/24 ###Kerberos Auth with ActiveDirectory### auth_param negotiate program /lib64/squid/negotiate_kerberos_auth -s HTTP/squid.xxx@xxx.lan auth_param

[squid-users] Slow server ¿?

2017-05-15 Thread erdosain9
Hi. Can somebody tell me why the squid server is going slow??? top - 15:05:21 up 3:52, 1 user, load average: 0,93, 2,15, 10,85 Tasks: 186 total, 1 running, 185 sleeping, 0 stopped, 0 zombie %Cpu(s): 1,7 us, 0,5 sy, 0,0 ni, 97,2 id, 0,7 wa, 0,0 hi, 0,0 si, 0,0 st KiB Mem : 3882708 t

Re: [squid-users] WARNING: All 20/20 negotiateauthenticator processes are busy.

2017-05-12 Thread erdosain9
Hi. Thanks! We have 100 users... What would you think is a good "auth_param negotiate children"?? I can't run squidclient [root@squid ~]# squidclient mgr:negotiate_authenticator ERROR: Cannot connect to [::1]:3128 [root@squid ~]# squidclient -vv mgr:negotiate_authenticator verbosity lev

Re: [squid-users] How to make sslbump'ing more robust? (option to continue?)

2017-05-11 Thread erdosain9
How do you do option 1??? Thanks

[squid-users] WARNING: All 20/20 negotiateauthenticator processes are busy.

2017-05-11 Thread erdosain9
Hi. I'm having this problem. may 11 11:26:23 squid..lan squid[32138]: WARNING: All 30/30 negotiateauthenticator processes are busy. may 11 11:26:23 squid..lan squid[32138]: WARNING: 30 pending requests queued may 11 11:26:23 squid..lan squid[32138]: WARNING: Consider increasing the numb

Re: [squid-users] Failed to shm_open

2017-03-01 Thread erdosain9
I'm having this problem too mar 01 12:23:37 squid.x.lan squid[17628]: Error negotiating SSL connection on FD 181: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher (1/-1) mar 01 12:23:38 squid.x.lan squid[17628]: Error negotiating SSL connection on FD

[squid-users] Failed to shm_open

2017-03-01 Thread erdosain9
Hi. Now squid stops... abnormally. 2017/03/01 12:04:31 kid1| helperOpenServers: Starting 5/32 'ssl_crtd' processes FATAL: Ipc::Mem::Segment::open failed to shm_open(/squid-ssl_session_cache.shm): (2) No such file or directory Squid Cache (Version 3.5.20): Terminated abnormally. CPU Usage: 0.095 sec

[squid-users] Unspecified GSS failure ERROR

2017-03-01 Thread erdosain9
Hi. Today the users can't go to the internet because the web browser is asking every time for the user and pass, constantly. This is the error in cache.log: 2017/03/01 08:22:16 kid1| ERROR: Negotiate Authentication validating user. Result: {result=BH, notes={message: gss_accept_sec_context() failed: Unspecifi

[squid-users] Two dns record fqdn pointing to different squid servers

2017-02-01 Thread erdosain9
Hi. I have two squid servers running. One with IP access and another with users. (The machine users are configured with "proxy.blabla.lan" (the squid with IP access).) I want to know if it is possible to balance between them. The problem, for me, is that the "server with ip access" is referred with

Re: [squid-users] Antivirus for squid

2017-02-01 Thread erdosain9
Hi, again. Well, I installed squidclamav, c-icap, and clamav, and it's all working fine, but... the download is too slow, the download of a file. Is there a way to accelerate this?? Also, when the file is a virus, the message "this is a virus bla bla" goes fast... I mean the slow download is for al

Re: [squid-users] Strange behavior - reload service failed, but not start.... (solved)

2017-01-27 Thread erdosain9
Hi, again. Now, i do this [root@squid ips]# ps aux | grep squid root 2228 0.0 0.0 130900 344 ?Ss ene24 0:00 /usr/sbin/squid -sYC squid 2230 6.2 64.9 1341864 1205160 ? Rene24 263:30 (squid-1) -sYC squid 2231 0.4 0.1 68196 1948 ?Sene24 20:35 (ss

Re: [squid-users] Strange behavior - reload service failed, but not start....

2017-01-27 Thread erdosain9
Ok, thanks. But something more is wrong, look at this: [root@squid ips]# squid -k restart squid: ERROR: Could not send signal 21 to process 8083: (3) No such process [root@squid ips]# squid -k shutdown squid: ERROR: Could not send signal 15 to process 8083: (3) No such process [root@squid ip
