Re: squid-users-digest Digest V99 #449

From: <jebga@dont-contact.us>
Date: Wed, 1 Dec 1999 14:08:09 +0100

Why my squid can't write on my cache & logs dirs even if i'm root and
even if I've tried chmod 777 on both???
I've 2.2STABLE5

Renato Gallo

> squid-users-digest Digest Volume 99 : Issue 449
>
> Today's Topics:
> Re: Chaining problem [ Henrik Nordstrom
<hno@hem.passagen.
> ]
> what might cause this? [ Jon Mansey
<jon@interpacket.net> ]
> Delay pool problem? [ Craig Heading
<tasdevil@winsoft.net
> ]
> Re: SSL to login.oscar.aol.com:5190 [ Jeffrey Borg
<jeffrey@borgs.net> ]
> Peers don't work ? [ list-squid@news.cistron.nl
(Miquel
> ]
> Re: Peers don't work ? [ Henrik Nordstrom
<hno@hem.passagen.
> ]
> PPP must be connected [ Derek Del Conte
<derek@gambitdesign
> ]
> Restirct number of sessions/Web abus [ Trevor Palmer
<trevor@afs.net.au> ]
> Re: Delay pool problem? [ david@luyer.net ]
> allowing access to secured sites [ Motley Fool
<mdewar@fiber-net.com>
> ]
> Re: Restirct number of sessions/Web [ visolve cache
<visolve_cache@yahoo.
> ]
> Re: Peers don't work ? [ Awais Riaz
<awais@isb.pol.com.pk> ]
> Re: allowing access to secured sites [ Tilman Schmidt
<Tilman.Schmidt@sema
> ]
> Serving outside with internal domain [ Richard van Denzel
<richardd@intera
> ]
> invalid request [ "Saheed Akhtar"
<S.Akhtar@talis.com
> ]
> expiry and ims question [ dean.scothern@wwgsolutions.com
]
> Squid and RH6.1 [ "CarolB" <edluzen@buffnet.net>
]
> please help! [ "M. Richardson"
<mikerich@big.net.a
> ]
> Unsubscribing Help [ "Guillermo Garron"
<ggarron@zuper.n
> ]
> no_cache do not work [ Mehrdad Fatemi
<fatemi@afranet.com>
> ]
> Real audio problem [ Todd Vinson
<tvinson@uswest.com> ]
> Ftp ACL. [ Marcelo Carneiro Rodrigues
<marcelo
> ]
> Re: Peers don't work ? [ list-squid@news.cistron.nl
(Miquel
> ]
> Re: Peers don't work ? [ list-squid@news.cistron.nl
(Miquel
> ]
>
> John Doe wrote:
>
> > But I want my users to access my local domain web and ftp site
directly.
>
> See always_direct
>
> --
> Henrik Nordstrom
> Squid hacker
>
> 1999/11/26 13:00:27| WARNING: FD 37635 has handlers, but it's invalid.
> 1999/11/26 13:00:27| FD 37635 is a None
> 1999/11/26 13:00:27| -->
> 1999/11/26 13:00:27| tmout:0x0 read:0x0 write:0x0
> 1999/11/26 13:00:27| WARNING: FD 402995332 has handlers, but it's
invalid.
> FATAL: Received Segment Violation...dying.
> 1999/11/26 13:00:27| storeDirWriteCleanLogs: Starting...
>
> According to the docs, the max/restore/current figures are specified in
> characters per second. So to achieve the figures as shown below by cache
> manager would indicate a link of at least a meg would it not? We dont
> quite have that much bandwith so I'm curious as to what is going on? (I
> set the high max/restore to see what the current figure would show).
>
> Using latest 2.2.5 (i think) with patch #1 (that fixes the linux poll
> problem).
> any help appreaciated.
> thanks
>
>
> Pool: 3
> Class: 2
>
> Aggregate:
> Max: 935000
> Restore: 948000
> Current: 934911
>
> Individual:
> Max: 35840
> Rate: 7168
> Current: 0:35840 138:17831 1:17920
>
> >
> > I think this is AOL Instant Messenger at work?
> >
> > 943629433.296 2 192.168.0.2 TCP_DENIED/403 984 CONNECT
> login.oscar.aol.com:5190 - NONE/- -
>
> Yes
>
> because a HTTPS proxy is just a tcp plug really it's picked up a https
> setting say from netscape browser config or ie config and it's trying to
> use it not knowing that by default squid.conf file has all ports blocked
> for connect method except 443 (which is normal ssl)
>
> A) you can just add it to your safe ports list for ssl
> B) as you have a private ip address there you might just want to use ip
> masquerading /nat etc......
>
> oh yes it could even be msn messanger
> anything which uses TCP can work thru the connect method! that's why it's
> restricted because anybody can do telnet/ftp/pop/smtp any other tcp based
> protocol through it
>
> Jeff
>
> I recently had a look at the cache manager output for my squid, which
> I hadn't done for way to long. Squid-2.2STABLE5.
>
> If I restart squid, the "peer cache statistics" seem to work OK for
> some time, and then LAST QUERY and LAST REPLY jump to a very big
> number and the other output doesn't make sense anymore either.
>
> Looks like this:
>
> Sibling : toutatis.xs4all.nl/8080/3130
> Flags : no-digest
> Address[0] : 194.109.6.90
> Address[1] : 194.109.6.96
> Status : Up
> AVG RTT : 0 msec
> LAST QUERY : 943808872 seconds ago
> LAST REPLY : 943808872 seconds ago
> PINGS SENT : 0
> PINGS ACKED: 0 0%
> FETCHES : 0 0%
> IGNORED : 0 0%
> Histogram of PINGS ACKED:
> keep-alive ratio: 0%
>
> Squid has only been running for an hour or so, not 943808872
> seconds. OTOH, 943808872 looks a lot like a time_t:
>
> % perl -e 'print scalar localtime 943808872, "\n";'
> Sun Nov 28 18:07:52 1999
>
> Is this a known bug? I didn't find any mention of this on the current
> STABLE5 bug list (I did apply all patches there).
>
> Mike.
> --
> First things first, but not necessarily in that order.
> --
> The From: and Reply-To: addresses are internal news2mail gateway
addresses.
> Reply to the list or to miquels@cistron.nl (Miquel van Smoorenburg)
>
> Miquel van Smoorenburg wrote:
>
> > If I restart squid, the "peer cache statistics" seem to work OK for
> > some time, and then LAST QUERY and LAST REPLY jump to a very big
> > number and the other output doesn't make sense anymore either.
>
> Are you sure it works in the beginning? From the status shown it looks
> like your sibling never got queried (or used).
>
> How are your peers configured?
>
> --
> Henrik Nordstrom
> Squid hacker
>
> Hi,
>
> (If this is in a manual or FAQ, let me know.)
>
> I have a machine running RH 6.1 acting as a file server for several
> Windows 98 machines. What I've found is that PPP must be connected in
> order for the Windows machines to connect to the RH box. Now this is
not a
> big deal because PPP is connected all day, but I would really like to
know
> if there is a way that PPP doesn't need to be connected for Samba to
> work. Thank You.
>
>
> Derek Del Conte - derek@gambitdesign.com
> ____
> Gambit Design Internet Services - http://www.gambitdesign.com
>
> I have a 64K ISDN internet connection which is often saturated by users
> downloading junk from the web.
> I don't particularly want to deny access, just slow them down.
> Can squid be configured to restrict the number of sessions per PC and/or
> restrict the maximum bandwidth to a PC.
>
> Thanks in advance,
> Trevor Palmer.
>
> > According to the docs, the max/restore/current figures are specified in
> > characters per second. So to achieve the figures as shown below by
cache
> > manager would indicate a link of at least a meg would it not?
>
> Max = max bytes in pool (from config)
> Restore = bytes/sec restore rate (from config)
> Current = current pool value
>
> The figures don't tell you much about your link capacity.
>
> David.
> --
> David Luyer . . www.zipworld.net
> Network Engineer . zipworld Zip World is
> Phone: +61 2 9253 5755 . . proudly part of the
> Fax: +61 2 9247 5276 . . Pacific Internet Group
>
> NOt sure this got thru.
> haven't seen it show up so will try again.
>
> running the nt version of squid (no flames please). the version by romeo.
>
> anyhow it is working fine except for when we try to get to like
nationbanks
> secrued site to check bank account or authorize net to do our credit card
> transactions the sites will not come up.
> i assume its a setting in squid.conf but i can not find it. does squid
> allow for these type of sites ? if so what setting do i need to enable.
> i have read the faq on the squid home page and searched the archives but
> found nothing that seemed to be related.
>
> thanks
> mark
>
> Hi
> You can use DELAY POOL PARAMETERS directives
> available in squid configuration file.
>
> regards
> visolve cache
>
> --- Trevor Palmer <trevor@afs.net.au> wrote:
> > I have a 64K ISDN internet connection which is often
> > saturated by users
> > downloading junk from the web.
> > I don't particularly want to deny access, just slow
> > them down.
> > Can squid be configured to restrict the number of
> > sessions per PC and/or
> > restrict the maximum bandwidth to a PC.
> >
> > Thanks in advance,
> > Trevor Palmer.
> >
> >
>
> __________________________________________________
> Do You Yahoo!?
> Thousands of Stores. Millions of Products. All in one place.
> Yahoo! Shopping: http://shopping.yahoo.com
>
> Looks like your dead peer timeout value is being reached. Most probably
> no ICP queries are exchanged and squid stops trying after dead peer
> timeout miliseconds.
>
> Awais
>
>
>
>
>
> > Miquel van Smoorenburg wrote:
> >
> > > If I restart squid, the "peer cache statistics" seem to work OK for
> > > some time, and then LAST QUERY and LAST REPLY jump to a very big
> > > number and the other output doesn't make sense anymore either.
>
> At 21:28 28.11.99 -0500, Motley Fool wrote:
> >NOt sure this got thru.
>
> It did. But it was weekend, and some people (like me) were with
> their families instead of reading squid-users.
>
> >anyhow it is working fine except for when we try to get to like
nationbanks
> >secrued site to check bank account or authorize net to do our credit
card
> >transactions the sites will not come up.
>
> Did you configure the browser to use your Squid as a security as
> well as HTTP proxy? If you are using Netscape, did you vary the
> capitalization of the proxy server's name between "HTTP" and
> "Security" to avoid its "sending clear text" bug?
>
> --
> Tilman Schmidt E-Mail: Tilman.Schmidt@sema.de (office)
> Sema Group Koeln, Germany tilman@schmidt.bn.uunet.de (private)
>
> Hi,
>
> Our domain (interaccess.nl) is used internally, except for our
> web-server (www.interaccess.nl) which is located at an ISP here in
> Holland.
>
> Is it possible to configure squid to server this web-server, e.g. how do
> I convince squid that the web-server in not located internal, but this
> one should be looked up outside our domain.
>
> Regards,
>
> Richard.
>
> I am using squid version 2.0 patch-level 2
>
> I am getting the following error message :
>
> Nov 29 12:22:13 orac squid[29083]: clientReadRequest: FD 13 Invalid
Request
>
> any ideas ??
>
> Hello,
>
> I'm having a problem understanding how squid interacts with a web server
(in
> this case apache 1.3.9) and solving a file update problem:
>
> 1) I create a file on the server eg aazz.ppt or bbtz.exe (size 46k)
> 2) I use wget to fetch it via squid.
> 3) I modify it (size 75k)
> 3) I get it again using wget.
>
> Well it doesn't always update correctly and I'm pulling my hair out to
work
> out
> why.
> Basically it takes a while to update, usually a few minutes, but
sometimes
> never.
> After I've done this a few times it tends to settle down and updates work
> fine.
> I don't want to go trolling through my squid deleting files so what can
I do?
>
> I thought that this sort of thing was automatic, and that squid does a
ims
> check
> with the web server.
>
> The squid cache has one sibling for the domain, is this important?.
>
> Please help.
>
> 2.2STABLE4
>
> Regards
>
> Dino
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META content="text/html; charset=iso-8859-1"
http-equiv=Content-Type>
> <META content="MSHTML 5.00.2722.2800" name=GENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=#ffffff>
> <DIV><FONT face=Arial size=2>Something very simple is going wrong,
but I'm too
>
> new to Llinux to catch it.</FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>I have taken the following
steps:</FONT></DIV>
> <DIV><FONT face=Arial size=2>1.&nbsp; Installed squid using rpm
> -e</FONT></DIV>
> <DIV><FONT face=Arial size=2>&nbsp;&nbsp;&nbsp; -squid installs,
although in a
>
> different directory pattern than the faq recommends</FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>2.&nbsp; Edited the squid.conf to look
> approximately like the sample&nbsp; (am wondering if my problem is in
this
> script edit ... if I do nothing, will squid -z just use the 'default'
> values?)</FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>3.&nbsp; Typed squid -z</FONT></DIV>
> <DIV><FONT face=Arial size=2>&nbsp;&nbsp;&nbsp; -caches created, and
> logs</FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>4.&nbsp; looked to run RunCache &amp;
-- can't
> find
> it anywhere.&nbsp; sigh.&nbsp; </FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>Could someone please explain what I
should
> do?</FONT></DIV></BODY></HTML>
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META content="text/html; charset=iso-8859-1"
http-equiv=Content-Type>
> <META content="MSHTML 5.00.2314.1000" name=GENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=#ffffff>
> <DIV><FONT face=Arial size=2>Hi there, thanks for
reading...&nbsp;&nbsp;&nbsp;
>
> </FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>&nbsp;&nbsp;&nbsp; I'm running Squid
2.1 Patch 2
> on
> a Debian system. This machine was recently rebooted without unmounting
the hard
>
> disks and squid has been having problems since. </FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>&nbsp;&nbsp;&nbsp; What actually
happens is that
>
> the RunCache process will die after about 30 - 120 minutes of activity,
but the
>
> 'squid -D -sNY' process will stay active... making the proxy server
online, but
>
> incredibly slow, often causing timeouts. </FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>&nbsp;&nbsp;&nbsp; I've tried
debugging... and I
>
> get the error message 'FATAL: could not find or read error text file'
> </FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>&nbsp;&nbsp;&nbsp; I've searched every
where I
> could to try and find this file, or any reference to it in
> squid.conf.</FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>&nbsp;&nbsp;&nbsp; Also, is there a way
I can find
>
> out what configuration squid is using by default... as there are several
on
> this
> system and I could easily be editing the wrong one.</FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>Thankyou in advance, </FONT></DIV>
> <DIV>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>Michael.</FONT></DIV></BODY></HTML>
>
> Please ,
>
> can anyone please tell me how to unsuscribe from this list?
>
> Thanks a lot.
>
> Guillermo Garron
>
> I'm running squid 22s4 on redhat 6.0
> I set to not cache some sites like cnn,ft,..
> But the no_cache tag doesn't work with my acl's
> Like :
> acl nocache1 url_regex cnn.com
> no_cache deny nocache1
> any info appreciated
>
> All,
>
> I have been using Squid ver 2.2STABLE5 for some time now with great
> results except for Real Audio content. Before using Squid I was using
> NS Proxy 3.52 which did not seem to exhibit the same behavior. Here is
> what happens when I try to connect to let's say www.abcnews.go.com:
>
> 1. Click on RA link.
> 2. Player executes.
> 3. Real audio content buffers at over 200K per second.
> 4. As soon as buffering is complete, I receive "Connection to server
> has been lost, you may be experiencing network problems."
>
> I have verified that it is not a network problem. Also, as a point to
> note, my RA player is the G2 version using an http based proxy - Squid.
> All settings are to "use http only" under transport.
>
> Any and all help/experiences would be great!
>
>
> the last thing i need to finish setting my squid :
>
> how to block access to all ftp sites, except the sites included in a
> predefined list ?
>
> example:
>
>
> need to access ftp://ftp.symantec.com and ftp://ftp.netscape.com, but
> block all others.
>
>
> thanks for any help,
>
>
> Marcelo
>
> In article <cistron.3841BB59.7398B9F@hem.passagen.se>,
> Henrik Nordstrom <hno@hem.passagen.se> wrote:
> >Miquel van Smoorenburg wrote:
> >
> >> If I restart squid, the "peer cache statistics" seem to work OK for
> >> some time, and then LAST QUERY and LAST REPLY jump to a very big
> >> number and the other output doesn't make sense anymore either.
> >
> >Are you sure it works in the beginning? From the status shown it looks
> >like your sibling never got queried (or used).
>
> Yes, it does work. When I restart squid it looks like:
>
> Sibling : toutatis.xs4all.nl/8080/3130
> Flags : no-digest
> Address[0] : 194.109.6.96
> Address[1] : 194.109.6.90
> Status : Up
> AVG RTT : 372 msec
> LAST QUERY : 84 seconds ago
> LAST REPLY : 83 seconds ago
> PINGS SENT : 3
> PINGS ACKED: 3 100%
> FETCHES : 0 0%
> IGNORED : 1 33%
> Histogram of PINGS ACKED:
> ICP_MISS : 3 100%
> keep-alive ratio: 0%
>
> Then LAST QUERY and LAST REPLY grow bigger and bigger. Of all my peers
> they are the _exact_ same value.
>
> It looks like the peers are only queried once, at startup, and never
> again after that. Configuration looks like this:
>
> cache_peer toutatis.xs4all.nl sibling 8080 3130 no-digest
>
> And they are most definitely talking:
>
> 20:29:19.756474 holodeck.cistron.nl.icpv2 > twasnix.xs4all.nl.icpv2: udp
66
> 20:29:19.976710 twasnix.xs4all.nl.icpv2 > holodeck.cistron.nl.icpv2: udp
74
> 20:29:19.978395 holodeck.cistron.nl.icpv2 > twasnix.xs4all.nl.icpv2: udp
70
> 20:29:20.602411 twasnix.xs4all.nl.icpv2 > holodeck.cistron.nl.icpv2: udp
71
> [lots and lots of this]
>
> And it now looks like:
>
> Sibling : toutatis.xs4all.nl/8080/3130
> Flags : no-digest
> Address[0] : 194.109.6.96
> Address[1] : 194.109.6.90
> Status : Up
> AVG RTT : 372 msec
> LAST QUERY : 693 seconds ago
> LAST REPLY : 692 seconds ago
> PINGS SENT : 3
> PINGS ACKED: 3 100%
> FETCHES : 0 0%
> IGNORED : 1 33%
> Histogram of PINGS ACKED:
> ICP_MISS : 3 100%
> keep-alive ratio: 0%
>
> Mike.
> --
> First things first, but not necessarily in that order.
> --
> The From: and Reply-To: addresses are internal news2mail gateway
addresses.
> Reply to the list or to miquels@cistron.nl (Miquel van Smoorenburg)
>
> In article
>
<cistron.Pine.LNX.3.96.991128224518.4331A-100000@cal026031.student.utwente.nl>,
>
> Mark Visser <mark@cal026031.student.utwente.nl> wrote:
> >> I recently had a look at the cache manager output for my squid, which
> >> I hadn't done for way to long. Squid-2.2STABLE5.
> >>
> >> If I restart squid, the "peer cache statistics" seem to work OK for
> >> some time, and then LAST QUERY and LAST REPLY jump to a very big
> >> number and the other output doesn't make sense anymore either.
>
> I found out why this is. At startup, all peers are dead. Then after
> some time all peers are _reported_ to be alive for a certain period.
> Then they are dead again.
>
> It has to do with something that I traced back to neighbors.c, and
> then I found out what caused it: I never queried any neighbors at all.
>
> >Hmm..je config is fout dan ;)
> >Guess more a config bugje...Have seen it a few times before.
>
> Indeed, I had an "always_direct allow cisnet" where "cisnet" is
> my local network .. but ofcourse you need to define that as
> a "dst" ACL, not a "src" ACL :/
>
> The output from "peer cache statistics" could be improved though;
> if it had told me none of the peers were ever queried I would have
> found the solution a lot earlier.
>
> Mike.
> --
> First things first, but not necessarily in that order.
> --
> The From: and Reply-To: addresses are internal news2mail gateway
addresses.
> Reply to the list or to miquels@cistron.nl (Miquel van Smoorenburg)
Received on Wed Dec 01 1999 - 06:29:39 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:49:41 MST