I have squid installed on a NAT instance in AWS. I installed squid using
yum. The OS is amazon linux. When squid is not running I am able to send
traffic through the nat box from private subnets but when I start squid I am
not.
This is the default iptables rules:
[admin@box1 ~]# iptables -t
Hi :
Thanks Amos Jeffries, i updated to squid 3.5.2 and
tested QQ and other application at two different environment ( between
intercept and tproxy ) in according to your advisement .
result is ok as your saying .
Thanks again .
but i checked cache log and found ( WARNING: disk-cache maximum
On 02.03.15 02:33, Amos Jeffries wrote:
These people are plain wrong about how the basic protocol works and yet
they are treated with must-accept policies by so many networks.
Yep, one of the really big problems we have is the "it works when we're
not using the proxy, so the proxy must be b
On 4/03/2015 2:30 a.m., laxcat wrote:
> I have squid installed on a NAT instance in AWS. I installed squid using
> yum. The OS is amazon linux. When squid is not running I am able to send
> traffic through the nat box from private subnets but when I start squid I am
> not.
Please follow this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Feel free to use Squid Wiki:
http://wiki.squid-cache.org/ConfigExamples/Intercept
03.03.15 19:30, laxcat пишет:
> I have squid installed on a NAT instance in AWS. I installed squid
> using yum. The OS is amazon linux. When squid is not running I
On 4/03/2015 3:12 a.m., johnzeng wrote:
>
> Hi :
>
> Thanks Amos Jeffries, i updated to squid 3.5.2 and
>
> tested QQ and other application at two different environment ( between
> intercept and tproxy ) in according to your advisement .
>
> result is ok as your saying .
>
> Thanks again .
>
This used to work in 3.3.x:
wccp2_service_info 94 protocol=tcp flags=dst_ip_hash,ports_source priority=240
ports=80,81,83,591,8008,8080,443
squid 3.4.12 fails:
2015/03/03 11:02:33.109| cache_cf.cc(556) parseOneConfigFile: Processing:
wccp2_service_info 94 protocol=tcp flags=dst_ip_hash,ports_so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You cannot combine HTTP and HTTPS in one WCCP service.
http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
03.03.15 23:04, Guy Helmer пишет:
> This used to work in 3.3.x:
>
> wccp2_service_info 94 protocol=tcp flags=dst_ip_hash,po
Hi,
I would like to know whether a single squid server can handle 1Gbps traffic?
Consider I have hardware configuration of 64 GB RAM, 12 Core processor and 10
GB NIC. Is it possible?
- SP ___
squid-users mailing list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
There is no slow servers. There are slow brains system administrators.
IMO - with an excess of.
03.03.15 23:15, siva prakash пишет:
> Hi, I would like to know whether a single squid server can handle
> 1Gbps traffic? Consider I have hardware configur
It has worked in the past with WCCP2 dynamic services at multiple sites.
I’ve uncovered the wccp2_service_info ports parsing error:
--- src/wccp2.cc.ORIG 2015-03-03 11:08:18.0 -0600
+++ src/wccp2.cc2015-03-03 11:10:37.0 -0600
@@ -2264,7 +2264,10 @@
if (i >= WCCP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Please, read Cisco iOS WCCPv2 manual first.
This one:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf018.html
and this one:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fc
> I would like to know whether a single squid server can handle 1Gbps
> traffic?
>
>
> Consider I have hardware configuration of 64 GB RAM, 12 Core
> processor and 10 GB NIC. Is it possible?
>
>
Depends on what the users are doing, there is a big difference between
A) One user is download
Thanks Yuri -- I have thoroughly read Cisco IOS configuration manuals
pertaining to WCCP2. From what I have read, there is no strict requirement for
separate configurations for standard web-cache port 80 and dynamic service for
non-port 80 — wccp2 dynamic services allow redirection of any ports
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Don't think this is bug.
You got very custom configuration, which can not be common.
As I said, HTTP ports other than 80 is very rarely used in WAN's. And
be better to separate HTTPS port from HTTP.
Modern iOS can not accept your configuration. Bewa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Fred,
don't think so.
This is big enough box.
And files above 1 Gb is not downloaded all time.
Main question - what loads planned?
Medium office generates this throughtput easily, and this box
processed it all without warms up.
Medium ISP is anot
Disregarding the complaints about Cisco configuration, here is a simple
example: If I want to intercept plain HTTP on ports 8008 and 8080:
wccp2_service_info 94 protocol=tcp flags=dst_ip_hash,ports_source priority=240
ports=8008,8080
Squid 3.4.12 will still give this incorrect error:
FATAL: Bu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
In this case you can simple open bug on Bugzilla.
04.03.15 0:46, Guy Helmer пишет:
> Disregarding the complaints about Cisco configuration, here is a
> simple example: If I want to intercept plain HTTP on ports 8008 and
> 8080:
>
> wccp2_service_info
Hello everyone, I'm experimenting with cache_peer directive and node.js:
cache_peer 10.0.0.90 parent 0 no-query no-digest proxy-only name=test
in that port I have a node.js Proxy receiveing connections in the same
host, it extracts some information I need and saves it to a DB, then
redire
Hi All,
Does someone know why the "*client_dst_passthru*" does not work in TProxy
mode ?
From the Squid wiki, we can read that:
"/Regardless of this option setting, when dealing with intercepted
traffic Squid will verify the Host: header and any traffic which
fails Host verification will be treat
Hey Fred,
It is unclear what doesn't work for you.
What would you expect to work and how it works or doesn't work from a
user perspective rather then an admin?
Is there any trouble from the user side about this issue?
Eliezer
On 04/03/2015 00:14, Stakres wrote:
Hi All,
Does someone know why
On 4/03/2015 9:35 a.m., Sebastian Goicochea wrote:
> Hello everyone, I'm experimenting with cache_peer directive and node.js:
>
> cache_peer 10.0.0.90 parent 0 no-query no-digest proxy-only name=test
>
> in that port I have a node.js Proxy receiveing connections in the same
> host, it extrac
Hello Dear Sebastian:
i am thinking about node.js + squid at
isp environment for video file cache or big file cache recently ,
Which useful public info will we will
obtain from internet ?
if y
On 4/03/2015 7:20 a.m., Yuri Voinov wrote:
> Fred,
>
> don't think so.
>
> This is big enough box.
>
> And files above 1 Gb is not downloaded all time.
>
> Main question - what loads planned?
That was Fred's point.
The question as asked was meaningless. Yes a single Squid can reach
that speed
Hi Eliezer,
Well, we have done many tests with Squid (3.1 to 3.5.x), disabling
"client_dst_passthru" (off) will stop the DNS entry as explained in the
wiki, the option directly acts on the flag "ORIGINAL_DST".
As you know, ORIGINAL_DST switches the optimization off (ex: StoreID) then
it's not poss
25 matches
Mail list logo
