By now i not see anymore the single squid process taking all the resources,
using the multi process the load is spread and all seem work really well. I
see only sometimes the clam-d service hitting 100% for few istants but i
think that is normal, as it's a single process, but not cause any slowdown
Maybe i've spotted what was. Trendmicro Antivirus (cloud version). Was
generating a lot of TCP_MISS with status code 200. Added the domain
.trendmicro.com to the "not bumped" domains (with some microsoft domains
used for the update processes) and the cache file is so much clean!
--
Sent from
For now i've tried with the "workers 3" directive, i can see 3 squid process,
seem that they span quite evenly the load and the page loading seem better.
Hope that fix the bottlenek...
In any case, i not know if there is somtheing wrong in the config that can
hurt the performance
--
Sent fro
How i can find what is the problematic CA?
On the cache.log i have hundreds of this (aroung 10 per second), but in the
access.log i have really few TCP_DENIED connections or in general other
errors that can indicate what's causing that problem.
Thanks!!
--
Sent from:
http://squid-web-proxy-cac
Hi!
I've enabled the ssl-bump with following directives:
acl no_ssl_interception dstdomain .somedomain.com
ssl_bump none localhost
ssl_bump none no_ssl_interception
ssl_bump stare
ssl_bump bump all
http_port 8080 ssl-bump cert=/etc/squid/ca.pem generate-host-certificates=on
dynamic_cert_mem_cach
Wow, a lot to read (and understand, for a newbie like me :-|)
From what i've seen it's sufficient to insert the "workers n" directive in
the conf (n number of workers). With some limitations with the features that
support SMP (delay pools, cache, etc - i not think to use any of them)
--
Sent
Hi!
I've configured squid with ssl_bump and now the squid process (not the
helpers) takes quite load. There aren't too much clients on it (max 50).
This is the config (ripped some acl to make it readable):
--
cache_mgr x...@xxx.com
visible_hostn
I've tried to comment out the "tcp_outgoing_address 0.0.0.0 all" directive as
you suggested, and actually all work as it should. Not know why in the past
had to add it.
By now, only one site has problem with ssl_bump and ipv6, and it's
wiki.squid-cache.org (quite hilarious). If i bump it i get the
But why with that 2 directives (tcp_outgoing_address and dns_v4_first,
dns_v4_first alone wasn't working) time ago fixed my problem with squid
trying always to use ipv6? Never had any problem with ip-v6 after that.
Until now...
And, why NOW i have problems with ipv6 with some sites (for example
h
Hi...
I'm trying to limit download bandwidth to some user groups based on AD using
external helpers, using the following command:
delay_pools 1
delay_class 1 1
delay_access 1 allow InternetLimitato InternetLibero InternetCentralino
!CONNECT
delay_parameters 1 50/50
"InternetLimitato Intern
After futher search seem that the webpage now is trying to get files from
cdnjs.cloudflare.com, but it resolves as an ipv6 address. My network is not
ready for ipv6. I've already shut off ipv6 on the interface, used the
"dns_v4_first on" and "tcp_outgoing_address 0.0.0.0", but still no luck
It
I'll doubt is a chrome bug, as with direct connection i've not any problem...
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-and-site-ryanair-com-tp4669105p4669366.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
Found it!
I get the following errors:
(index):6 GET
http://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.3.6/slick.css
(index):240 GET
http://cdnjs.cloudflare.com/ajax/libs/require.js/2.1.5/require.min.js
(index):250 Uncaught ReferenceError: require is not defined(index):250
(anonymous function
I'm using chrome as browser, and i not find the developer/network trafic
section where check if there is something that the browser can't get...
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-and-site-ryanair-com-tp4669105p4669203.html
Sent from the Sq
No JS blocking... I've problems only with this site
Now i'm duplicating the squid VM to try to debug better on an isolated
enviroment.
I've posted my squid.conf, maybe someone see something wrong that i not
see...
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nab
Still have problems... I've tried in different ways and i'm unable to get it
work...
This is my config:
#
# Recommended minimum configuration:
#
### cache manager
cache_mgr cache...@domain.com
visible_hostnameServ07.domain.com
authenticate_ip_ttl 1 hour
### negotiate kerberos and ntlm
I've also tried to add the domain ryanair.com to the domains that return
DIRECT on the wpad file (for bypass squid), but also in this way that things
on the site doesn't work.
They work only if i disable totally the proxy.
Any ideas? Thanks!
--
View this message in context:
http://squid-web-pro
Hi!
I have squid/3.3.13 on a centos 6.5, configured with ntlm and kerberos auth.
I'm having throubles to get work the http site ryanair.com.
The dynamic content of the page (the find flights button and the calendars,
that as far i can see are js+css) are not working (the calendars does not
open and
Hi!
I'm trying to check if a user is present in a Group, and now i'm using the
following config:
external_acl_type memberof ttl=30 %LOGIN
/usr/local/squid/libexec/ext_ldap_group_acl -v 3 -R -K -b
"dc=domain,dc=local" -D squid@domain.local -W /etc/squid/ldappass.txt -f
"(&(objectclass=person)(sAMAc
Same here, i'm waiting the right time to go to the customer and try the debug
suggested by Amos Jeffries on 3.4.x codes to help to find where is the
performance issue.
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/3-3-x-3-4-x-huge-performance-regression-tp4
I've noticed that also others had problems on 3.4.x with high cpu usage using
ntlm auth, and i would be happy to help and support the project. But i don't
know too much about linux (are only few month that i play with it) and know
squid only a bit. I not know if i can be much useful. And the system
Ok, i've tried to comment out and leave only one helper at time, and i can
get work only one helper.
If i have only basic helper, and other commented out, it work (asking the
password with the correct realm text), but if i enable other helpers, only
work the one that is first in order on the conf f
Nothing to do, seem that if squid fails one of the negotiate_wrapper methods
doesn't use any other method, asking that password (that as you say isn't a
basic auth, as the realm part isn't displayed).
In the logs i get only negotiate_wrapper events. I've also tried to comment
out the pure ntlm and
hi! thanks for the answer!
I've already added the -d option on all helpers, i get kerberos and ntlm
tickets but never basic auth... Most of them came from the negotiate
wrapper.
I've noticed as you say that the realm part isn't displayed in the password
prompt box, so the prompt doesn't came form t
Hi to all!
I'm having an issue on squid 3.3.13 using basic_ldap_auth.
I'm using the following helpers:
auth_param negotiate program /usr/local/bin/negotiate_wrapper --ntlm
/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --domain=DOMAIN
--kerberos /usr/local/bin/squid_kerb_auth -s GSS_C_NO_NA
Thanks for the answer, i'll try that when i have some time :)
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Kerberos-auth-not-working-tp4667646p4667735.html
Sent from the Squid - Users mailing list archive at Nabble.com.
All solved!
Seem that kerberos is ALWAYS not working only on a specific worstation.
If i use kerberos from any other pc it works as excepted.
What can cause the error on that specific workstation? I've reinstalled the
os due to this problem, and it's still there (os preinstalled, so i've used
the r
Hi to all! I've a 'little' problem
I've followed the instruction of this guide:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory
And i've setup successfully the ntlm and basic authentication. browser and
application works well, most of them use ntlm...
But now i've
I can confirm that on 3.3.13 all is working correctly, the cpu usage is
really low.
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/squid-3-4-uses-100-cpu-with-ntlm-auth-tp4664169p4667645.html
Sent from the Squid - Users mailing list archive at Nabble.com.
__
Same problem here... 3.4.7 with NTLM and i have huge cpu utilization
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/squid-3-4-uses-100-cpu-with-ntlm-auth-tp4664169p4667634.html
Sent from the Squid - Users mailing list archive at Nabble.com.
_
30 matches
Mail list logo
