[squid-users] New log message: "Bad header encountered from..."

r.md5 current master transaction: master46663356 quite often. What is the bad header here: HTTP/1.0 200 OK Server: ID DIACOS App-Server Date: Tue Sep 01 09:50:41 CEST 2020 Content-Length: 74 Last Modified: Thu Feb 13 13:06:30 CET 2020 Ralf Hildebrandt Charité - Universitätsmedizin B

[squid-users] Change of server hardware (?) resulted in massive increase of crashes

nationsEnd current master transaction: master359979 My infrastructure generates backtraces upon crash, but in the case I'm not getting any. Which is odd, given I start squid in gdb with "/usr/sbin/squid -sYNC" -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschä

Re: [squid-users] Change of server hardware (?) resulted in massive increase of crashes

* Ralf Hildebrandt : > 2020/09/22 09:34:07| FATAL: check failed: opening() > exception location: tunnel.cc(1305) noteDestinationsEnd > current master transaction: master359979 I had to go back as far as 5.0.2 to exclude master commit 25b0ce4, now it's stable (running for a

Re: [squid-users] [ext] Re: Change of server hardware (?) resulted in massive increase of crashes

similar minor/innocent changes that result in slightly > different Squid state and more exceptions. I would not spend time trying > to pinpoint the exact trigger. > > I updated bug #5055 with a patch that covers the tunneling case: > https://bugs.squid-cache.org/show_bug.cgi?id=5055#c5

Re: [squid-users] [ext] Re: Change of server hardware (?) resulted in massive increase of crashes

nnections for testing (in contrast to the usual 25%) 5.0.2 (running on the other 3 nodes) gives us about 21.7h average uptime with a median uptime of 28.6h -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1.

[squid-users] Odd log entries

/- text/html accessRule=notsslports - 1601383160.341435 10.47.52.135 TCP_DENIED/403 4057 CONNECT:5001 - HIER_NONE/- text/html accessRule=notsslports - CONNECT, yes, but why is the host missing? Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus

[squid-users] ERR_TUNNEL_CONNECTION_FAILED

laborberlin.com 607748248.dracoon.cloud. # dig +short @141.42.5.157 607748248.dracoon.cloud 213.95.134.242 So what is the reason for the NONE_NONE/500 error? Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1

Re: [squid-users] [ext] ERR_TUNNEL_CONNECTION_FAILED

* Ralf Hildebrandt : > I'm getting "ERR_TUNNEL_CONNECTION_FAILED" errors in Chrome when > connecting to https://securefiles.laborberlin.com/ And Firefox! > # dig +short @141.42.5.156 607748248.dracoon.cloud > 213.95.134.242 https://607748248.dracoon.cloud/ ist wo

Re: [squid-users] [ext] ERR_TUNNEL_CONNECTION_FAILED

57 iris.charite.de charite.science-it.ch. # dig +short @141.42.5.157 charite.science-it.ch iris.science-it.ch. 35.180.69.77 Huh? No valid address records? Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum

Re: [squid-users] [ext] Re: I want to know the concerns of load testing

t; If not, what are you using as an alternative? I had a look at dante https://www.inet.no/dante/ FYI: for a company with about 15.000 machines we're using a cluster of 4 proxies. Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin F

Re: [squid-users] [ext] Re: What is the state of V5 branch? Can I try to publish some RPMS?

ttps://bugs.squid-cache.org/show_bug.cgi?id=4832> > <https://bugs.squid-cache.org/show_bug.cgi?id=4872> And of course http://bugs.squid-cache.org/show_bug.cgi?id=5055 which is affecting v5 and v6. Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Ca

[squid-users] Squid vs. Telegram

67.92 alike. I know Telegram has a huge influx of new users, probably due to the recent changes in WhatsApp. But is what I'm seeing normal? --- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG

Re: [squid-users] [SPAM] [ext] Squid 5.1 memory usage

bug.cgi?id=5132 is somewhat related Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 ralf.hildebra...@charit

Re: [squid-users] [SPAM] [ext] Squid 5.1 memory usage

d SSL bump. > > > > https://bugs.squid-cache.org/show_bug.cgi?id=5132 > > is somewhat related > > > > There's squid-5.2. Does it also have this problem? Quite sure, since I've been testing Squid-5-HEAD before it became 5.2 But to be sure, I'm deply

Re: [squid-users] [SPAM] [ext] Squid 5.1 memory usage

* Ralf Hildebrandt : > > There's squid-5.2. Does it also have this problem? > > Quite sure, since I've been testing Squid-5-HEAD before it became 5.2 > But to be sure, I'm deplyoing it right now. Yep, squid-5.2 is also leaking. Ralf Hildebrandt Charit

Re: [squid-users] [SPAM] Re: [SPAM] [ext] Squid 5.1 memory usage

* Steve Hill : > On 12/10/2021 09:34, Ralf Hildebrandt wrote: > > > > Quite sure, since I've been testing Squid-5-HEAD before it became 5.2 > > > But to be sure, I'm deplyoing it right now. > > > > Yep, squid-5.2 is also leaking. > > :( >

Re: [squid-users] [ext] Re: Significant memory leak with version 5.x (not with 4.17)

ut what exactly is hitting you. Update (checked this morning): memory consumption (squid 5.3) seems to be stable. I'll upgrade to 6.0 with the proposed fix, since bug 5055 becomes the more pressing issue after the memleak is gone. Ralf Hildebrandt Charité - Universitätsmedizin Berlin Gesc

[squid-users] Absolute upper limit for filedescriptors in squid-6?

What is the absolute upper limit for filedescriptor in squid-6? Am I limited to 64k dues to use of select(), or are larger numbers possible? -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105

Re: [squid-users] [ext] Re: Absolute upper limit for filedescriptors in squid-6?

768 configure: Default number of filedescriptors: 131072 ... Yes, I set "ulimit -n 131072" before running configure -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm

Re: [squid-users] [ext] Re: Absolute upper limit for filedescriptors in squid-6?

ng just fine with --with-filedescriptors=262144 -- that is up to now :) Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 ralf.hildebra..

Re: [squid-users] [ext] Re: Absolute upper limit for filedescriptors in squid-6?

* NgTech LTD : > Hey Ralph, > > Did you tried to configure the squid proxy systemd service and squid conf > with the mentioned max fd? I'm not using systemd to start squid (using runit here) Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung

Re: [squid-users] [ext] Re: Absolute upper limit for filedescriptors in squid-6?

* Eliezer Croitoru : > What OS are you using exactly? Ubuntu 20.04 on amd64 Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570

[squid-users] auto-generated release on http://www.squid-cache.org/Versions/v6/ somewhat stale?

Are the auto-generated releases on http://www.squid-cache.org/Versions/v6/ simply broken or is there another reason for a recent tarball since 07.02.2022? Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG

[squid-users] Identify websockets traffic in the log?

Is it possible to identify websockets traffic in the log (using squid-6 here)? Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155

[squid-users] OT: calamaris log parsing...

o the internet... Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 ralf.hildebra...@charite.de https://www.chari

[squid-users] dns_nameservers directive

" defaults to 30s. Is there any way of making squid mark the first server as "dead" (for e.g. 5 minutes) and use the next server instead? -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG

Re: [squid-users] [ext] Re: dns_nameservers directive

d nameserver is perfectly healthy > :-(. Yes, that's what I observed here :) -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berli

[squid-users] Disable IPV6 for certain destinations only?

they don't (yet) know is our ipv6 range. Thus arises the need to "fall back" to ipv4 in the unlikely case some publisher already has ipv6, we connect via ipv6 and suddenly are not allowed to download the publications. Is there an acl for that kind of need? -- Ralf Hildebrandt Charit

Re: [squid-users] [ext] Re: Disable IPV6 for certain destinations only?

blem temporarily, add the IPv4 only > address to the /etc/hosts of the proxy server(s). This will resolve the > address to your override. You can also do this with a local recursive DNS > server (like Bind) too. Will do that, thanks! -- Ralf Hildebrandt Charité - Universitätsmedizin B

Re: [squid-users] [ext] Re: Disable IPV6 for certain destinations only?

o connect using IPv4 only (for this destination)". Exactly! -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 ralf.hildebra..

Re: [squid-users] [ext] Re: Disable IPV6 for certain destinations only?

be to add a static > 'reject' route to the IPv6 block used by this publisher on the proxy (it > could be kept up-to-date by a dns lookup script). That's less of a > liability than forcing resolution to a particular IP. Also a nice option. -- Ralf Hildebrandt Charité - Uni

[squid-users] ftp related crash in squid-6.0.0-20220905-r9358e99f9

= { _vptr.AsyncEngine = 0x55b6ea10 }, } comm_engine = { = { _vptr.AsyncEngine = 0x55b7e138 }, } time_engine = { _vptr.Engine = 0x55b8dad0 } #21 0x5555557fa0fa in SquidMainSafe (argv=0x7fffed4

Re: [squid-users] [ext] Re: ftp related crash in squid-6.0.0-20220905-r9358e99f9

ef = false, dir_slash = false, root_dir = false, no_dotdot = false, binary = false, try_slash_hack = false, put = false, put_mkdir = false, listformat_unknown = false, listing = true, completed_forwarding = true } } -- Ralf Hildebrandt Charité - Universitätsmedizi

Re: [squid-users] [ext] FATAL: Dying from an exception handling failure; exception: [no active exception]

full generate-core-file quit # snip I hope this helps. -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570

Re: [squid-users] [ext] Re: FATAL: Dying from an exception handling failure; exception: [no active exception]

race shows functions with letters "Ftp" in their names, then you are > probably hitting that bug. That bug has a proposed fix. If you can, please > test it: https://bugs.squid-cache.org/show_bug.cgi?id=5290#c2 -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäf

[squid-users] Some requests not being passed/processed by squid

== What are TCP_REFRESH_ABORTED/200 and (which looks more dire) NONE_NONE_ABORTED/000? -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 1

[squid-users] no more cache_object://127.0.0.1/counters URL in 6.3?

ation: cache_manager.cc(193) ParseUrl current master transaction: master59170 -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration Invalidenstraße 120/121 | D-10115 Berlin Tel. +49 30 450 570 155 ralf.hildebra...@charite.de

Re: [squid-users] [ext] no more cache_object://127.0.0.1/counters URL in 6.3?

* Ralf Hildebrandt : > We're relying on > > /usr/bin/squidclient -h 127.0.0.1 -p 8080 cache_object://127.0.0.1/counters > > for monitoring purposes and 6.3 reports an error when accessing that > resource: > > 2023/09/27 22:42:57| ERROR: Squid BUG:

Re: [squid-users] [ext] no more cache_object://127.0.0.1/counters URL in 6.3?

. I figured as much, but wasn't able to find the "new style" > The "mgr:foo" shorthand used to expand to cache_object://host/foo > It now expands to http://host/squid-internal-mgr/foo > You are welcome to use the latter explicitly if you prefer. Indeed, I'm now usin

Re: [squid-users] [ext] Squid quits while starting?!

-M 4MB" by hand (as the squid user, I guess) Also read https://squid-users.squid-cache.narkive.com/w0JgcN24/need-assistance-debugging-squid-error-ssl-ctrd-helpers-crashing-too-quickly which seems to imply that you need to initialize the DB first: /usr/libexec/ssl_crtd -c -s /var/lib/ssl_db -- R

Re: [squid-users] [ext] Squid quits while starting?!

uot;, so simply use ./ssl_crtd -c -s /var/lib/ssl_db instead. -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration Invalidenstraße 120/121 | D-10115 Berlin Tel. +49 30 450 570 155 ralf.hildebra...@charite.de https://www.charite.d

Re: [squid-users] [ext] Squid quits while starting?!

e. Squid writes as much information as it can about the problem > to log, stderr, and if possible the system message log. There is nothing > else a process like Squid can do. Squid COULD have initialized the DB itself. That's the criticism I'm willing to allow. If it KNOWS wha

Re: [squid-users] [ext] Squid quits while starting?!

; that a partition is not mounted - refusing to start at least makes it > obvious that there's a problem. Yup. I'm always joking: "Professional(n.): User who can read & understand error messages" -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsb

[squid-users] Squid Caching Proxy Security Audit: 55 vulnerabilities and 35 0days

This caught my attention: https://github.com/MegaManSec/Squid-Security-Audit -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration Invalidenstraße 120/121 | D-10115 Berlin Tel. +49 30 450 570 155 ralf.hildebra...@charite.de https

[squid-users] Security advisories pointing to Squid 6.4, but no download (yer)?

Hi! The recent four Security advisories are pointing to Squid 6.4, but I'm not seeing that one for download yet... -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration Invalidenstraße 120/121 | D-10115 Berlin Tel. +49 3

Re: [squid-users] [ext] Re: Security advisories pointing to Squid 6.4, but no download (yer)?

* Francesco Chemolli : > Hi Ralf, >It might be some delay in propagating to the mirrors. I see 6.4 is > available at http://static.squid-cache.org/Versions/v6/ . Yep, working now (not on the v6 mirror, though) -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsb

[squid-users] Squid 6.4 assertion errors: FATAL: assertion failed: stmem.cc:98: "lowestOffset () <= target_offset" current master transaction: master655 (backtrace)]

}, } comm_engine = { = { _vptr.AsyncEngine = 0x55b84c08 }, } time_engine = { _vptr.Engine = 0x55b93ac8 } #25 0x5580603a in SquidMainSafe (argv=0x7fffed48, a

Re: [squid-users] [ext] Re: Squid 6.4 assertion errors: FATAL: assertion failed: stmem.cc:98: "lowestOffset () <= target_offset" current master transaction: master655 (backtrace)]

at all), and will also try 7.0/master -- Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration Invalidenstraße 120/121 | D-10115 Berlin Tel. +49 30 450 570 155 ralf.hildebra...@charite

[squid-users] Bypass a ICAP error in Squid?

How can I bypass an ICAP error in Squid (currently squid5)? Background: We're using Squid with C-icap, and recently had (like anybody else) huge issues with clamd not working properly. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@chari

Re: [squid-users] Bypass a ICAP error in Squid?

* Alex Rousskov : > On 01/30/2018 06:27 AM, Ralf Hildebrandt wrote: > > How can I bypass an ICAP error in Squid (currently squid5)? > > See the bypass option of the icap_service directive but keep in mind > http://lists.squid-cache.org/pipermail/squid-users/2018-January/017484.h

[squid-users] cacheHttpAllSvcTime quite high

rySvcTime.5 = 0 cacheIcpReplySvcTime.5 = 0 cacheDnsSvcTime.5 = 30 Why is cacheHttpAllSvcTime so much higher than cacheHttpMissSvcTime.5 ? The proxy doesn't appear to be slow or sluggish. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Ben

Re: [squid-users] [ext] Re: cacheHttpAllSvcTime quite high

* Amos Jeffries : > On 14/06/18 23:04, Ralf Hildebrandt wrote: > > We're using squid 5.0.0-20180202-r51e09c0 and I recently realized that > > the values for "cacheHttpAllSvcTime" are quite high > > > > cacheHttpAllSvcTime.5 = 288 > > cacheHtt

Re: [squid-users] [ext] when will squid 4 be production ready?

* Gordon Hsiao : > squid4 has been released for quite a while, when will it be production > ready or any rough timeline on the horizon? I'm using annotate_transaction extensively. Is that available in Squid-4? -- Ralf Hildebrandt Charite Universitätsmed

Re: [squid-users] [ext] new ecap gzip + deflat adapter

* joseph : > https://github.com/yvoinov/squid-ecap-gzip URL returns 404! -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich

[squid-users] A logging only ACL?

haus markURLhaus --- nsip --- How? Underlying problem: https://urlhaus.abuse.ch/ is offering a plain-text URL list here https://urlhaus.abuse.ch/downloads/text/ But in squid I must used "url_regex" - meaning I'll have to escape the likes of .^$*+?()[{\| -- Ralf Hildebrandt

[squid-users] Very basic peek & splice

I recompiled my squid-5 with openssl and added ssl_bump peek all ssl_bump splice all to my squid.conf. What logging should I expect to verify it's actually working? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Ben

Re: [squid-users] [ext] Netdb. state too big

* Antonino Sanacori : >  Hello. > > My log/squid/netdb.state is 534MB, how can i reduce his size? > > On my Debian 9 can I use logrotate to rotate the file? You could disable it: http://www.squid-cache.org/Doc/config/netdb_filename/ -- Ralf Hildebrandt

Re: [squid-users] [ext] Netdb. state too big

* Ralf Hildebrandt : > * Antonino Sanacori : > >  Hello. > > > > My log/squid/netdb.state is 534MB, how can i reduce his size? > > > > On my Debian 9 can I use logrotate to rotate the file? > > You could disable it: > http://www.squid-cache.org/Doc/con

Re: [squid-users] [ext] Netdb. state too big

www.squid-cache.org/mail-archive/squid-users/27/0384.html seems to imply that it's only useful in a parent-child setup (or cache hierarchy). -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Fr

Re: [squid-users] [ext] Netdb. state too big

tup (users are behind 4 proxies which connect them to the Internet), does use of Netdb make sense? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berl

Re: [squid-users] [ext] Re: squid hanging in 100% steal

> > What does "100% steal" mean? http://blog.scoutapp.com/articles/2013/07/25/understanding-cpu-steal-time-when-should-you-be-worried -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://ww

[squid-users] Squid-5 vs. FTP:// URLs

mputer.com/news/google/chrome-and-firefox-developers-aim-to-remove-support-for-ftp/ The URL scheme is ftp://, the data returned by the proxy is text/html, and since that's the case, the data is being downloaded instead of being displayed directly. Is there any way around this? -- R

[squid-users] Current downloads on http://www.squid-cache.org/Versions/v5/

The most recent download is squid-5.0.0-20190331-rf5e179474 while changesets lists a few more changes. Is the autogeneration of the tarballs broken? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https

Re: [squid-users] [ext] Re: Current downloads on http://www.squid-cache.org/Versions/v5/

Happy to wait then :) -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon:

[squid-users] Log resolved IP somehow?

p -c 95.100.198 /etc/squid5/manual-ensilo-ipblocklist.acl 0 # fgrep -c 95.100 /etc/squid5/manual-ensilo-ipblocklist.acl 0 So, I guss the IP must have change between to time "trx.adscale.de" was blocked and now. How can I log the IP "trx.adscale.de" resolved to when the reject

Re: [squid-users] [ext] Re: Log resolved IP somehow?

; > Other than that, your best bet would be the debug trace of what ACLs are > matching. "debug_options 28,4" should do it. Well, I do know which ACL is matching, just not which line. I'll go for the query log. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin

Re: [squid-users] [ext] Re: Log resolved IP somehow?

* Ralf Hildebrandt : > I'll go for the query log. Jun 18 16:29:08 proxy-cvk-1 unbound[42287]: [1560868148] unbound[42287:1] info: response for ih.adscale.de. A IN Jun 18 16:29:08 proxy-cvk-1 unbound[42287]: [1560868148] unbound[42287:1] info: reply from 193.108.91.117#53 ... Jun 18

[squid-users] Squid-5.0.1 affected by the recent advisories?

Yesterdays advisories didn't list squid-5.x, but is squid-5.x really not affected? Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 57

[squid-users] Development goals in Squid-6?

What are the main development goals for Squid-6? I wonder if I should already start tracking HEAD with at least one machine. Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30

Re: [squid-users] [ext] Re: Development goals in Squid-6?

* Amos Jeffries : > On 17/02/20 9:48 pm, Ralf Hildebrandt wrote: > > What are the main development goals for Squid-6? > > I wonder if I should already start tracking HEAD with at least one > > machine. > > We do not have a goal for v6 yet. It is just accumulating code

Re: [squid-users] [ext] Re: Squid and DoH

s someone maintaining such a list? There's one in the wikipedia entry. Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570

Re: [squid-users] [ext] Re: Squid and DoH

* Ralf Hildebrandt : > * Andrea Venturoli : > > On 2020-02-29 14:17, Matus UHLAR - fantomas wrote: > > > > > I guess DoH means dns over https and thus needs sslbump enabled.  the easy > > > but limited way would be to disable connections to publicly available D

Re: [squid-users] [ext] Squid + ClamAV

* Andrea Venturoli : > Hello. > > Is this the right place to discuss Squid + C-ICAP + SquidClamAV + ClamAV? What do you need SquidClamAV for? I'm running Squid + C-ICAP + ClamAV only. Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk C

Re: [squid-users] [ext] Squid + ClamAV

* Andrea Venturoli : > On 2020-03-06 16:24, Ralf Hildebrandt wrote: > > * Andrea Venturoli : > > > Hello. > > > > > > Is this the right place to discuss Squid + C-ICAP + SquidClamAV + ClamAV? > > > > What do you need SquidClamAV for? > > In

Re: [squid-users] [ext] Squid + ClamAV

APHICS STREAM DOCUMENT (as you see in my example above, Shockwave Flash is grouped under GRAPHICS) They probably fall into the TEXT category. Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hin

Re: [squid-users] compression in Squid

or expensive link (ie satellite). So the proxies are compressing everything (between them? between proxy and internet? between client and proxy?) -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite

Re: [squid-users] compression in Squid

* Ralf Hildebrandt : > I don't understand this feature. Why is the compressed data not simply > passed on to the client? > > > The primary use-case is for Squid installations where two proxies are > > used to reduce bandwidth over a slow or expensive link (ie satellite

Re: [squid-users] squid restarts too often.

halfClosedReader != NULL" http://lists.squid-cache.org/pipermail/squid-users/2015-June/003977.html But hey, 3.5.22 is the most recent 3.5.x version. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http:/

Re: [squid-users] Squid 4.0.x = SNI Support

* sebastien.boulia...@cpu.ca : > Hi all, > > Anyone can confirm me if Squid 4.0.x support SNI ? SNI when doing what? ssl bump? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.c

[squid-users] URL sometimes reurns empty response

length of "Microsoft NCSI"). < Cache-Control: max-age=30,must-revalidate Immediatly after revalidating, the problem occurs. I tried this with 5.0.0-20170421-r15126 as well as 4.0.19 - same result. -- Ralf Hildebrandt Charite Universitätsmedizin Berl

Re: [squid-users] URL sometimes reurns empty response

* Yuri Voinov : > If you add this URL to cache deny rule - problem still exists? Using this: # START acl nocaching url_regex "^http://www\.(msftconnecttest|msftncsi)\.com" cache deny nocaching # ENDE And yes, problem still exists... -- Ralf Hildebrandt

Re: [squid-users] URL sometimes reurns empty response

n a non pipelined read: excess = 14 url = /ncsi.txt > > (zero-length body) It seems that squid is returning an incorrect Content-Lenght: header while the revalidation is still fresh/ongoing. I haven't yet tried tcpdumping the response to check if the 14 bytes do indeed contain the corr

Re: [squid-users] URL sometimes reurns empty response

* Ralf Hildebrandt : > It seems that squid is returning an incorrect Content-Lenght: header > while the revalidation is still fresh/ongoing. > > I haven't yet tried tcpdumping the response to check if the 14 bytes > do indeed contain the correct string. And voila - here w

Re: [squid-users] URL sometimes reurns empty response

E2DB26E51E59C50B50A Ref B: AMS04EDGE0506 Ref C: Sat Apr 29 05:30:12 2017 PST Date: Tue, 02 May 2017 13:27:27 GMT Age: 1 X-Cache: HIT from proxy-cbf-1 Via: 1.1 proxy-cbf-1 (squid/5.0.0-20170429-r15127) Connection: keep-alive Länge: 0 [text/plain] -- Ralf Hildebrandt

[squid-users] Tagged ACLs?

agging" rejects or logging the ACL that caused the rejection? (Using squid-5 HEAD here) -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Ges

[squid-users] Reverse DNS Lookup for client IPs

mber of reverse lookups dropped considerably. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49

Re: [squid-users] FATAL error while using dstdomain directive

gle.com' is a subdomain of 'google.com' > 2017/06/20 15:37:37| ERROR: You need to remove '.google.com' from the ACL > named 'ban_list' It SAYS what you need to do... > erickom@proxy:/etc/squid3$ cat ban_list > google.com Remove .google.com > yout

[squid-users] Squid-5 ETA?

Is there any ETA for squid5? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155

Re: [squid-users] Squid-5 ETA?

* Amos Jeffries : > On 19/07/17 21:52, Ralf Hildebrandt wrote: > > Is there any ETA for squid5? > > > > If I'm optimistic and assume that development gets back into the old rythmn > we had going for most of 3.x, then sometime late 2018 or early 2019. > > Or di

[squid-users] Lots of "error:transaction-end-before-headers" in my log

579 1931714 1.9% access.log-20170807 303962 7472408 4% I'm using squid-5.0.0-20170709-r15238. Is there any way of finding out what kind of queries cause this? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin ht

[squid-users] Upper limit on the number of regular expressions in url_regex?

8 15:56:45.431| 28,2| RegexData.cc(125) compileRE: compiled 'http://027tzx.com/lscpv' with flags 9 ... But why is it failing? Background: === Running squid with > 1 regular expressions causes all kinds of strange behaviour - that'S why I noticed the problem in th

Re: [squid-users] Upper limit on the number of regular expressions in url_regex?

* Ralf Hildebrandt : > But why is it failing? I reordered the file sort -r /etc/squid5/generated-rw_urlbl.acl > /etc/squid5/generated-rw_urlbl.acl.new mv /etc/squid5/generated-rw_urlbl.acl.new /etc/squid5/generated-rw_urlbl.acl and reconfigured squid: 2017/08/08 16:27:50.463

Re: [squid-users] Upper limit on the number of regular expressions in url_regex?

e regular expressions for a list of 1+ _fixed_ URLs ? What is the alternative? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsb

Re: [squid-users] Lots of "error:transaction-end-before-headers" in my log

eries", > but if you want to learn more about them and/or to check Squid's > classification, consider collecting a packet capture (and access-log > client ports so that it is easier to find the matching packets in the > capture). I found that some portion is caused by &q

Re: [squid-users] Lots of "error:transaction-end-before-headers" in my log

* Alex Rousskov : > On 08/09/2017 02:21 AM, Ralf Hildebrandt wrote: > > > I found that some portion is caused by "ldirectord" probing if the > > proxy service on port 8080 is still active & working. > > "active" -- maybe, but "working"

[squid-users] Lots of "BUG 3279: HTTP reply without Date:" after update to squid-5.0.0-20171117-r4d27d0a

DATED 2017/11/22 11:16:03| StoreEntry->swap_dirn: -1 2017/11/22 11:16:03| StoreEntry->swap_filen: -1 2017/11/22 11:16:03| StoreEntry->lock_count: 3 2017/11/22 11:16:03| StoreEntry->mem_status: 0 2017/11/22 11:16:03| StoreEntry->ping_status: 2 2017/11/22 11:16:03| StoreEntr

[squid-users] Logging/stats for Delay Pools Under Squid?

I do know how to set-up delay pools, but how can I verify that they're working? Are there any logs or statictics? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin https://www.charite.de Hindenbur

Re: [squid-users] [squid 3.5.5] security Update Advisory SQUID-2016:2

47> I tried today's snapshot and yes, it crashes for me. Will produce a backtrace -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.deCampus Benjamin Franklin http://www.charite.de Hindenburg

Re: [squid-users] [squid 3.5.5] security Update Advisory SQUID-2016:2

* Ralf Hildebrandt : > > Maybe yes, maye no. It seems to be one of those things that passes all > > testing, then hits in production. > > > > A few people seem to encounter it immediately, though I dont have a > > clear picture yet about whether it affects e

Re: [squid-users] Squid 3.5.16 and vary loop objects (bug ?)

* Silamael : > As I'm currently updating too: is this a bug or have I only to clear the > old cache directories to prevent these error messages? Clearing the cache doesn't help (for long). It's a bug. -- Ralf Hildebrandt Charite Universitätsmedizin

  1   2   >