Re: [squid-users] 3.1.x compile errors using ssl_crtd

From: Linos <info_at_linos.es>
Date: Tue, 29 May 2012 23:23:14 +0200

El 29/05/12 19:32, Eliezer Croitoru escribió:
> On 29/05/2012 17:23, Linos wrote:
>> El 29/05/12 15:43, Eliezer Croitoru escribió:
>>> well i have tried compiling squid 3.2.0.17 and it was built fine.
>>>
>>> i wrote a basic way to compile squid on ubuntu 10.04 and 12.04 with all the dev
>>> dependencies required to compile it at:
>>>
>>> http://ubuntuforums.org/showpost.php?p=11958889&postcount=2
>>>
>>> Eliezer
>>>
>>
>> I am using squid-3.2.0.17-20120527-r11561 (the last daily build) right now, it
>> compiles cleanly but have any bugs (well it is a beta version so it isn't
>> unexpected), i have reported one at
>> http://bugs.squid-cache.org/show_bug.cgi?id=3556
>>
>> So i can't compile stable versions and beta versions have bugs, given this is a
>> production machine i don't have still a working solution.
>>
>> Regards,
>> Miguel Angel.
> as i wrote.. i have compiled the stable versions without any problem.
> can you share you squid.conf?
>
> Eliezer
>

you wrote that you compiled 3.2.0.17, like you can see here
http://www.squid-cache.org/Versions/ 3.2.0.17 it's a beta version, like i wrote
i have compiled this too and found any bugs in it.

I am not sure what it is the value of squid.conf in a compilation problem but
anyway this are the uncommented lines:

external_acl_type request_body children-max=20 %{Content-Length}
/etc/squid3/request_body_max_size.sh
acl request_max_aulas external request_body 104857
acl srv_aulas src 192.168.2.200/32
acl oficinas src 192.168.0.0/24
acl aulas1 src 192.168.2.0/24
acl aulas2 src 192.168.3.0/24
acl wifi_alumnos src 192.168.4.71-192.168.4.254/32
acl wifi_profesores src 192.168.4.1-192.168.4.70/32
acl hostsprohibidos src "/etc/squid3/hostsprohibidos"
acl urlaprobadas url_regex -i "/etc/squid3/urlaprobadas"
acl urlprohibidasaulas url_regex -i "/etc/squid3/urlprohibidasaulas"
acl urlprohibidasoficinas url_regex -i "/etc/squid3/urlprohibidasoficinas"
acl extensionesprohibidas url_regex -i "/etc/squid3/extensionesprohibidas"
acl whitenet src "/etc/squid3/whitehosts"
acl maniana time SMTWHFA 06:00-16:00
acl tarde time SMTWHFA 16:00-23:59 00:00-06:00
acl extensionestarde url_regex -i "/etc/squid3/extensionestarde"
acl msnmsg url_regex ^http://gateway\.messenger\.hotmail\.com/gateway/gateway\.dll
acl msnmsg url_regex ^http://64\.4\.[^/]*/gateway/gateway\.dll
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny aulas1 request_max_aulas
http_access deny aulas2 request_max_aulas
http_access allow whitenet
http_access allow all urlaprobadas
http_access allow oficinas !urlprohibidasoficinas
http_access allow wifi_alumnos !urlprohibidasoficinas
http_access allow wifi_profesores !urlprohibidasoficinas
http_access allow aulas1 maniana !msnmsg !hostsprohibidos !urlprohibidasaulas
!extensionesprohibidas
http_access allow aulas2 maniana !msnmsg !hostsprohibidos !urlprohibidasaulas
!extensionesprohibidas
http_access allow aulas1 tarde !msnmsg !hostsprohibidos !urlprohibidasaulas
!extensionestarde
http_access allow aulas2 tarde !msnmsg !hostsprohibidos !urlprohibidasaulas
!extensionestarde
http_access deny all
http_port 3128 transparent
http_port 3150 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=16MB cert=/etc/squid3/ssl_cert/cert.pem
always_direct allow all
ssl_bump allow all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
sslcrtd_program /usr/lib/squid3/ssl_crtd -s /var/spool/squid_ssl_db -M 16MB
sslcrtd_children 16
memory_replacement_policy heap LFUDA
cache_replacement_policy heap LFUDA
cache_dir aufs /var/spool/squid3 15000 16 256
maximum_object_size 40960 KB
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern . 0 20% 4320
store_avg_object_size 50 KB
delay_pools 2
delay_class 1 2 # pool 1 is a class 2 pool
delay_class 2 2 # pool 2 is a class 2 pool
delay_access 1 allow oficinas
delay_access 1 allow wifi_profesores
delay_access 1 deny all
delay_access 2 allow wifi_alumnos
delay_access 2 allow aulas1
delay_access 2 allow aulas2
delay_access 2 deny all
delay_parameters 1 2500000/3125000 1024000/1296000
delay_parameters 2 2500000/3125000 512000/600000
delay_initial_bucket_level 90
dns_nameservers 80.58.61.250 8.8.8.8

Regards,
Miguel Angel.
Received on Tue May 29 2012 - 21:23:22 MDT

This archive was generated by hypermail 2.2.0 : Wed May 30 2012 - 12:00:06 MDT