On Wed, 2014-11-19 at 19:06 +0530, Nishant Sharma wrote:
>
> On 19 November 2014 6:41:44 pm IST, brendan kearney wrote:
>
> >it
> >if the Content-Type header is not set to
> >"application/x-ns-proxy-autoconfig".
> >
>
> Ah so that is why most of the java applets don't honour PAC settings and I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 20/11/2014 2:11 a.m., brendan kearney wrote:
> Yes and it seems java is even more sensitive. I had an array
> member defined on a line that was not terminated with a semicolon
> and browsers did not throw errors, but java did. Pactester did not
>
On 19 November 2014 6:41:44 pm IST, brendan kearney wrote:
>it
>if the Content-Type header is not set to
>"application/x-ns-proxy-autoconfig".
>
Ah so that is why most of the java applets don't honour PAC settings and I was
blaming poor coding of those applets.
I usually serve PAC file with
On 19 November 2014 6:41:44 pm IST, brendan kearney wrote:
>Yes and it seems java is even more sensitive. I had an array member
>defined on a line that was not terminated with a semicolon and browsers
>did
>not throw errors, but java did. Pactester did not catch this. Missing
>curly braces an
Yes and it seems java is even more sensitive. I had an array member
defined on a line that was not terminated with a semicolon and browsers did
not throw errors, but java did. Pactester did not catch this. Missing
curly braces and I think quotes are caught.
Also of note, you have to set the con
One word of caution: pactester uses the Firefox JavaScript engine, which is
more forgiving than MSIE's. So while it is a very useful tool, it may let
some errors slip through.
On Nov 18, 2014 9:45 PM, "Jason Haar" wrote:
> On 19/11/14 01:39, Brendan Kearney wrote:
> > i would suggest that if you
On 19/11/14 01:39, Brendan Kearney wrote:
> i would suggest that if you use a pac/wpad solution, you look into
> pactester, which is a google summer of code project that executes pac
> files and provides output indicating what actions would be returned to
> the browser, given a URL.
couldn't agree
On Tue, 2014-11-18 at 08:35 -0300, Carlos Defoe wrote:
> Well, you just wrote a load balancer in PHP, with a load balancing
> algorithm in it. It serves the same purpose as HAproxy (I don't really
> use HAproxy, so I don't know, but I use the F5 big-ip which is
> perfectly capable of testing Intern
Well, you just wrote a load balancer in PHP, with a load balancing
algorithm in it. It serves the same purpose as HAproxy (I don't really
use HAproxy, so I don't know, but I use the F5 big-ip which is
perfectly capable of testing Internet links behind squid). In you
scheme, WPAD is being used to te
On 18/11/14 16:07, Carlos Defoe wrote:
> As for my scenario, I also use wpad to configure some exceptions, some
> clients that will use a completely different proxy, etc...
Our "wpad.dat" is actually a PHP script which tests that the "official"
proxy (per client subnet) is actually working (with ca
I don't meant to use wpad as a load balancer. I would not do it, wpad
and pac are not designed for doing that, although it is (roughly)
possible to do it.
The load balancer device, if there is one, have one and only name, eg,
"proxy.your.domain". All the clients must point to that very same
name,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 18/11/2014 12:39 a.m., Carlos Defoe wrote:
> Use a load balancer. HAproxy will do the trick, if you don't want
> to spend some money on a professional load balancer like F5
> big-ip.
Or even, taddah ... Squid!
see cache_peer for the many load bala
On Monday 17 November 2014 at 22:01:29 (EU time), Alexander Samad wrote:
> Why haproxy instead of a pacemaker. I have 2 dmz boxes I setup in a
> cluster. so I have 2 vips for the squid proxies. and dns setup to
> round robin to the vip's.
>
> I see sort of even distribution but I don't have a sin
Why haproxy instead of a pacemaker. I have 2 dmz boxes I setup in a
cluster. so I have 2 vips for the squid proxies. and dns setup to
round robin to the vip's.
I see sort of even distribution but I don't have a single point of
failure. if 1 node failes the vip moves over to the other node..
O
Use a load balancer. HAproxy will do the trick, if you don't want to
spend some money on a professional load balancer like F5 big-ip.
Don't drop the use of wpad. You can send the balancer name (eg.
proxy.your.domain) as a default for every client, and send the names
of the proxy nodes as a failove
On Mon, Nov 17, 2014 at 3:04 AM, Marcus Kool
wrote:
> Let me start to say that I am biased since I am the author of ufdbGuard.
> If you have worked with squidGuard than you will find that ufdbGuard is an
> excellent replacement since ufdbGuard was forked in 2005 from squidGuard
> and has since ga
Let me start to say that I am biased since I am the author of ufdbGuard.
If you have worked with squidGuard than you will find that ufdbGuard is an
excellent replacement since ufdbGuard was forked in 2005 from squidGuard and
has since gained many features.
And I suggest to apply for a trial lice
Https is no issue. The ssl session will persist to the same proxy for the
duration of the session. I have no problems at all.
On Nov 16, 2014 3:58 PM, "alberto" wrote:
> Ok, thank you very much. I think this is a good solution, maybe with an
> active/passive HAProxy with keepalived.
> Are you a
Ok, thank you very much. I think this is a good solution, maybe with an
active/passive HAProxy with keepalived.
Are you able to serve also https without any problem through HAProxy or
only http request?
regards,
a.
On Sun, Nov 16, 2014 at 8:00 PM, brendan kearney wrote:
> I use kerberos auth
I use kerberos auth and do not have issues. You have to pay attention to
the details with kerberos auth (dns name and principals need to match,
specific options set in squid configs), but it is working very well for me
On Nov 16, 2014 12:32 PM, "alberto" wrote:
> Hi Brendan
>
> On Sun, Nov 16,
Hi Brendan
On Sun, Nov 16, 2014 at 5:51 PM, Brendan Kearney wrote:
> i use HAProxy to load balance based on the least number of connections
>
Do you use kerberos/AD authentication?
Any issues with HAPROXY in front of the squid nodes?
Thx,
a.
___
squi
On Sun, 2014-11-16 at 17:22 +0100, Kinkie wrote:
> On Sun, Nov 16, 2014 at 4:54 PM, alberto wrote:
> > Hello everyone,
> > first of all thanks to the community of squid for such a great job.
>
> Hello Alberto,
>
> [...]
>
> > I have some questions that I would like to share with you:
> >
> > 1.
On Sun, Nov 16, 2014 at 4:54 PM, alberto wrote:
> Hello everyone,
> first of all thanks to the community of squid for such a great job.
Hello Alberto,
[...]
> I have some questions that I would like to share with you:
>
> 1. I would like to leave the solution we are using now (wpad balancing).
Hello everyone,
first of all thanks to the community of squid for such a great job.
I'm writing because I have to revise the current implementation of squid in
my company so I would like to share with you some design ideas and possibly
have some suggestions from you.
The group I work for has six
24 matches
Mail list logo
