Hi,
I've created a patch for squid-deb-proxy-client bug as below.
But I'm not sure it's okay to override conffile under /etc with
symlink. Any comments? If not, I'll upload it.
On Sat, 16 Mar 2019 15:58:30 +0900 Hideki Yamane wrote:
> How about moving 30autoproxy t
Package: wnpp
Severity: wishlist
Owner: Daniel Swarbrick
* Package name: prometheus-squid-exporter
Version : 1.4
Upstream Author : Mohamad Arab
* URL : https://github.com/boynux/squid-exporter
* License : MIT
Programming Lang: Go
Description
Package: wnpp
Severity: wishlist
Owner: hiroshi
* Package name: squid-prefetch
Version : 1.1-3
Upstream Author :
* URL :
* License : (public domain)
Programming Lang: Perl
Description : Simple page-prefetch for Squid3 web proxy
Squid-Prefetch will
Control: reassign -1 wnpp
On Du, 15 sep 13, 15:06:22, Jacques Serfontein wrote:
> Package: squidanalyzer
> Severity: wishlist
> URL: http://squidanalyzer.darold.net
> License: GPL v3
Could you add the long description as well?
Kind regards,
Andrei
--
http://wiki.debian.org/FAQsFromDebianUser
Of
Hi all,
I need some advise from more experienced maintainers on the migration process
from current (2.7) squid packages to the new (3.3) squid3 packages. Until now,
since there was no complete feature compatibility between the two, base
packages (squid{,3}{,-common,-dbg}) have been kept
answere is "in the Debian bugreport" as linked in the
initial mail:
http://lists.debian.org/debian-devel/2010/05/msg00494.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=56
I search a bit around, and discovered that this might be caused by a
bug in the handling of I
Debian bug a while back when first looking at optimizing the
> request parsing for Squid. With the thought of increasing the Squid threshold
> for pipelined requests as many are suggesting.
>
>
> There were a few factors which have so far crushed the idea of solving it in
> Sq
Strange that you should not know where the patch is Goswin since you
were the first and only one to mention it in this thread.
The answer is "in the upstream bug report".
http://bugs.squid-cache.org/show_bug.cgi?id=2624
It should be noted that patch only affects the IMS replies apt gets back
s
On Wed, May 19, 2010 at 03:28:00PM +0200, Bjørn Mork wrote:
> Pierre Habouzit writes:
> > On Wed, May 19, 2010 at 10:42:55AM +0200, Bjørn Mork wrote:
> >
> >> 2) http proxy servers cannot always process pipelined requests due to
> >>the complexity this adds (complexity is always bad for securi
Daniel Burrows writes:
> On Wed, May 19, 2010 at 03:28:00PM +0200, Bjørn Mork was
> heard to say:
>> Pierre Habouzit writes:
>> > This is bullshit. It's *VERY* easy to "support" pipelining: parse one
>> > request at a time, and until you're done with a given request, you just
>> > stop to watc
David Kalnischkies writes:
> Hi all,
>
> i don't want to interrupt your battles so feel free to ignore me,
> but i want to raise some questions (for you and me) none the less:
>
> The notice about the - in the eyes of the writer of this manpage
> section - broken
; many proxy servers.
Sure. I was talking about conformance. A proxy / server that screws that
up deserves to be shot. And from the description of the probem this part
actualy works in squid, people WOULD have noticed otherwise. Squids
problem seems to be that it does break later when processing the
res
y and 2) explain what is
probably happening.
That way most people would get the speed benefit and installations would
still not break when broken software is encountered.
MfG
Goswin
PS: That doesn't mean squid shouldn't be fixed too.
--
To UNSUBSCRIBE, email to d
On Wed, May 19, 2010 at 03:28:00PM +0200, Bjørn Mork was heard
to say:
> Pierre Habouzit writes:
> > This is bullshit. It's *VERY* easy to "support" pipelining: parse one
> > request at a time, and until you're done with a given request, you just
> > stop to watch the socket/file-descriptor for
Hi all,
i don't want to interrupt your battles so feel free to ignore me,
but i want to raise some questions (for you and me) none the less:
The notice about the - in the eyes of the writer of this manpage
section - broken squid version 2.0.2 in the apt.conf manpage
was changed the last ti
proxy server if it
can either forward a pipelined request or parallelize it. That's where
we get the complexity.
If you keep your simple serial strategy, then a pipelined request will
be slower than a parallel one.
> And your argument 1 applies perfectly to fixing squid by the way. It
> shoul
#include
* Robert Collins [Tue, May 18 2010, 02:02:59PM]:
> Given that pipelining is broken by design, that the HTTP WG has
And if not? Counter example, it seems to work just fine with my
apt-cacher-ng proxy, at least bug reports related to that have appeared
for about a year now.
> increased th
Bjørn Mork writes:
> Pierre Habouzit writes:
>> On Wed, May 19, 2010 at 10:42:55AM +0200, Bjørn Mork wrote:
>>
>>> 2) http proxy servers cannot always process pipelined requests due to
>>>the complexity this adds (complexity is always bad for security), and
>>
>> This is bullshit. It's *VE
e cause and a workaround.
>
> And FWIW I have experienced this problem for years too, but never
> figured out why until this discussion came up. And I do want to claim
> more than common user knowledge of http proxy servers. Still, it never
> occured to me that my spurious apt proble
On 2010-05-19, Goswin von Brederlow wrote:
> Reading that I don't think that is really a pipelining issue. You do not
> need pipelineing for it to work. The real problem is keep-alive. The
> connection isn't destroyed after each request so you can put multiple
> requests into the stream and exploi
Robert Collins writes:
> Well, I don't know why something has 'suddenly' become a problem: its
> a known issue for years. The HTTP smuggling
> [http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf]
> attacks made that very obvious 5 years ago now.
Reading that I don't think that is real
Pierre Habouzit writes:
> On Wed, May 19, 2010 at 10:42:55AM +0200, Bjørn Mork wrote:
>
>> 2) http proxy servers cannot always process pipelined requests due to
>>the complexity this adds (complexity is always bad for security), and
>
> This is bullshit. It's *VERY* easy to "support" pipelinin
just fine.
In addition to that, multiplying the tcp connections means more file
descriptors to be used at the http-server side, which is way inferior to
pipelining.
If squid fails when apt uses pipelining then squid is to be fixed.
I'd say that mentioning in the README.Debian of apt that disabling
d this problem for years too, but never
figured out why until this discussion came up. And I do want to claim
more than common user knowledge of http proxy servers. Still, it never
occured to me that my spurious apt problems could be caused by proxies.
And no, it's not just squid - I've
[Roger Lynn]
> But apt has been using pipelining for years. Why has this only just
> become a problem?
It has been a problem in Debian Edu for years. Just recently I
figured out the cause and a workaround.
Happy hacking,
--
Petter Reinholdtsen
--
To UNSUBSCRIBE, email to debian-devel-requ..
Bah, link staleness.
http://www.cgisecurity.com/lib/HTTP-Request-Smuggling.pdf just worked for me.
Also, I realise that there may be a disconnect here: squid *shouldn't*
break if a client attempts to pipeline through it - if it is, thats a
bug to be fixed, squid just will not read the s
On 19 May 2010 13:51, Robert Collins wrote:
> Well, I don't know why something has 'suddenly' become a problem: its
> a known issue for years. The HTTP smuggling
> [http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf]
> attacks made that very obvious 5 years ago now.
>From my Internet c
Well, I don't know why something has 'suddenly' become a problem: its
a known issue for years. The HTTP smuggling
[http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf]
attacks made that very obvious 5 years ago now.
http://en.wikipedia.org/wiki/HTTP_pipelining has a decent overview.
Its
On 18/05/10 03:10, Robert Collins wrote:
> Given that pipelining is broken by design, that the HTTP WG has
> increased the number of concurrent connections that are recommended,
> and removed the upper limit - no. I don't think that disabling
> pipelining hurts anyone - just use a couple more concu
Luigi Gangitano writes:
> Il giorno 17/mag/2010, alle ore 09.02, Goswin von Brederlow ha scritto:
>> Given that squid already has a patch, although only for newer versions,
>> this really seems to be a squid bug. As such it should be fixed in
>> squid as not only apt migh
On Tue, May 18, 2010 at 02:09:13PM +0200, Mike Hommey wrote:
> Mozilla browsers have had pipelining disabled for years, because
> reality is that a whole lot of servers don't implement it properly if at
> all.
Actually, I've had pipelining enabled for some time, and it works just
fine for me. I h
Il giorno 17/mag/2010, alle ore 09.02, Goswin von Brederlow ha scritto:
> Given that squid already has a patch, although only for newer versions,
> this really seems to be a squid bug. As such it should be fixed in
> squid as not only apt might trigger the problem.
Goswin, can you please
On Mon, May 17, 2010 at 09:54:28PM +0200, Florian Weimer wrote:
> * Petter Reinholdtsen:
>
> > I am bothered by http://bugs.debian.org/56 >, and the fact
> > that apt(-get,itude) do not work with Squid as a proxy. I would very
> > much like to have apt work o
* Goswin von Brederlow [100518 02:53]:
> Marvin Renich writes:
> > Documenting this problem somewhere that an admin would look when seeing
> > the offending "Hash sum mismatch" message would also help. Turning off
> > pipelining by default for everybody seems like the wrong solution to
> > this
* Robert Collins [100517 22:03]:
> Given that pipelining is broken by design, that the HTTP WG has
> increased the number of concurrent connections that are recommended,
> and removed the upper limit - no. I don't think that disabling
> pipelining hurts anyone - just use a couple more concurrent
>
Marvin Renich writes:
> * Robert Collins [100517 17:42]:
>> Due to the widespread usage of intercepting proxies, its very hard, if
>> not impossible, to determine if a proxy is in use. Its unwise, at
>> best, to assume that no proxy configured == no proxy processing your
>> traffic :(.
>>
>> -R
yone - just use a couple more concurrent
> connections.
Lots of [new] users are using Debian in Non-Debian infrastructure, which
may use unpatched squid. They would get a bad initial perception of
Debian, if it wasn't working with standard setup.
My 2cents,
Franklin
--
To UNSUBSCRIBE, e
Given that pipelining is broken by design, that the HTTP WG has
increased the number of concurrent connections that are recommended,
and removed the upper limit - no. I don't think that disabling
pipelining hurts anyone - just use a couple more concurrent
connections.
-Rob
--
To UNSUBSCRIBE, em
* Robert Collins [100517 17:42]:
> Due to the widespread usage of intercepting proxies, its very hard, if
> not impossible, to determine if a proxy is in use. Its unwise, at
> best, to assume that no proxy configured == no proxy processing your
> traffic :(.
>
> -Rob
IANADD, but if I had filed b
Due to the widespread usage of intercepting proxies, its very hard, if
not impossible, to determine if a proxy is in use. Its unwise, at
best, to assume that no proxy configured == no proxy processing your
traffic :(.
-Rob
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a
* Petter Reinholdtsen:
> I am bothered by http://bugs.debian.org/56 >, and the fact
> that apt(-get,itude) do not work with Squid as a proxy. I would very
> much like to have apt work out of the box with Squid in Squeeze. To
> fix it one can either change Squid to work with
Petter Reinholdtsen writes:
> I am bothered by http://bugs.debian.org/56 >, and the fact
> that apt(-get,itude) do not work with Squid as a proxy. I would very
> much like to have apt work out of the box with Squid in Squeeze. To
> fix it one can either change Squid to work
I am bothered by http://bugs.debian.org/56 >, and the fact
that apt(-get,itude) do not work with Squid as a proxy. I would very
much like to have apt work out of the box with Squid in Squeeze. To
fix it one can either change Squid to work with pipelining the way APT
uses, which the Sq
Lang: Python
Description : video cache to squid
Youtube Cache is a squid URL rewriter plugin which traps the requests
to squid for various audio/video websites and cache the audio/videos
in the local storage on proxy server for serving the subsequent requests
for the same audio/video. It caches the
PROTECTED]>
* URL : http://giannis.stoilis.gr/software/mysar/
* License : (GPL)
Programming Lang: (C and PHP)
Description : MySQL Squid Access Report is a reporting system for user
web traffic activity
MySQL Squid Access Report, mysar for short, is a reporting sys
pport 2.6 kernels, so anyone still insisting to
run Etch-squid with 2.4 kernels for whatever reasons, may still
disable epoll() support locally.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Tue, Jul 11, 2006 at 01:42:08AM +0100, Stephen Gran wrote:
> 4. Make it a runtime startup decision. More work to implement, but for
> things like this, it seems like a reaonably sane choice.
Having done this before it's fairly straightforward to achieve, even if
you can't assume libc support
On Jul 11, Luigi Gangitano <[EMAIL PROTECTED]> wrote:
> 3. drop support for older kernels (will etch release with a 2.4
> default kernel?)
No, so it's reasonable not to care.
--
ciao,
Marco
signature.asc
Description: Digital signature
This one time, at band camp, Luigi Gangitano said:
> severity 377697 important
> thanks
>
> [ I'm taking this to debian-devel seeking for broader consensus ]
>
> Latest versions of squid (2.6.x and 3.0.x) support the epoll()
> function that is provided by 2.6 ke
Thank you for the additional information you have supplied regarding
this problem report. It has been forwarded to the package maintainer(s)
and to other interested parties to accompany the original report.
Your message has been sent to the package maintainer(s):
Luigi Gangitano <[EMAIL PROTECTE
Processing commands for [EMAIL PROTECTED]:
> severity 377697 important
Bug#377697: New version of squid hangs at startup
Severity set to `important' from `normal'
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking syst
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
severity 377697 important
thanks
[ I'm taking this to debian-devel seeking for broader consensus ]
Latest versions of squid (2.6.x and 3.0.x) support the epoll()
function that is provided by 2.6 kernels. This speeds up seek
operations on
* Forte Systems - Iosif Peterfi wrote:
> Hello, I wanted to know if there is possible to add the zero
> penality hit patch for squid in the debian package tree.
File a wishlist bugreport against the squid package.
Norbert
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subj
Hello, I wanted to know if there is possible to add the zero
penality hit patch for squid in the debian package tree.
The patch is located at: http://www.it-academy.bg/zph/squid-2.5.STABLE10-ToS_Hit.patch
- for squid (2.5-10)
Thanks
--
This message was scanned for spam and
Hello, I wanted to know if there is possible to add the zero
penality hit patch for squid in the debian package tree.
The patch is located at: http://www.it-academy.bg/zph/squid-2.5.STABLE10-ToS_Hit.patch
- for squid (2.5-10)
Thanks
--
This message was scanned for spam and
Description : Squid ClamAV Redirector
Squid ClamAV Redirector is a Squid helper script to get virus scanning for
defined extensions (for example .exe, .com, .bat ...), thanks to the Clam
AntiVirus toolkit.
.
SCAVR handles the request as given from Squid, downloads the URL and scans i
Michelle Konzack said the following on 03.03.2005 11:56:
sorry, if this is the wrong list for my request. Maybe you could give me
the direction.
debian-user-german
Sorry for the noise here, and thanks for the hints. There exist bug
reports for the problems. FYI:
Logrotate:
http://bugs.debian.org
Am 2005-03-02 08:29:09, schrieb Klaus Fuerstberger:
> Hi,
>
> sorry, if this is the wrong list for my request. Maybe you could give me
> the direction.
debian-user-german
> #
> /etc/cron.daily/logrotate:
> error: error running shared prerotate scri
Re: Klaus Fuerstberger in <[EMAIL PROTECTED]>
> sorry, if this is the wrong list for my request. Maybe you could give me
> the direction.
Hello,
please check the BTS (bugs.debian.org) whether these bugs are already
filed. If not, please file them, if they are, you might be able to
provide useful
Hi,
sorry, if this is the wrong list for my request. Maybe you could give me
the direction.
After a dist-upgrade on various Machines from December04 to now the
following errors happend:
Sometimes, not always logrotate gives errors only on squid logs:
#
/etc/cron.daily/logrotate
On Tue, Oct 21, 2003 at 11:45:15AM -0200, Faturamento wrote:
> what the last squid proxy?
> the squid on my firm, die every time.
> have any site, specify for this?
See http://www.debian.org/distrib/packages and search for squid. There
is a mailing list called squid-users (see squid-
what the last squid proxy?
the squid on my firm, die every
time.
have any site, specify for
this?
tkz
fernando felizardo
On Sun, 21 Sep 2003 11:11:37 +1000
Brian May <[EMAIL PROTECTED]> wrote:
> Ok, this is driving me bananas. I go to download the latest
> unstable packages, only to find that apt-get update
> has just retrieved a cached copy of the Packages file that
> (in some cases) can be a month old.
I've seen s
Package: wnpp
Version: N/A; reported 2001-12-30
Severity: wishlist
* Package name: admuser
Version : 2.1
Upstream Author : Pedro Lineu Orso <[EMAIL PROTECTED]>
* URL : http://web.onda.com.br/orso/admuser.html
* License : GPL
Description : Manage Sq
Unless someone else has beat me to it (and I missed it) I'm going to be
uploading soon sqmgrlog. Sqmgrlog generates reports per user/ip/name from
squid log file.
Ivan
--
Ivan E. Moore II
[EMAIL PROTECTED]
http://snowcrash.tdyc.com
GPG KeyID=90BCE0DD
GPG Fingerprint=F2FC
Hi,
I'd like to flag Bug#27444 severity "important" since it filled up
my disk to 100% for the fourth time two days ago. This suxx and
since there is a patch provided it won't hold the release (except
nobody makes a new upload for it).
http://www.infodrom.north.de/Debian/Bugs/db/27/27444.html
D
Hi everybody,
excuse me for being out of topic but I have a little
problem with the squid web cache and if somebody know how
to solve it I will thank him for a LOT of time...
ftpget doesn't work.I am pretty sure the conf file
has all the right options in it, squid launch f
Package: squid
Version: 1.0.16-1
Overwrites /etc/squid.conf, looks like squid.conffiles didn't make it into
the binary.
Mark
You (Marek Michalkiewicz) wrote:
> Package: squid
> Version: 1.0.beta16-1
>
> In the default configuration, squid runs as root. While it can be
> changed in the config file, someone might forget to configure it
> after installation, so I think the default should be secure.
Package: squid
Version: 1.0.beta16-1
In the default configuration, squid runs as root. While it can be
changed in the config file, someone might forget to configure it
after installation, so I think the default should be secure. The
permissions/ownerships in /var/squid and /var/log/squid should
Hello,
From: [EMAIL PROTECTED] (http://www.nlanr.net/Squid/)
Greetings Squid Users! Version 1.0.6 is now available
I would like to help with making it Debian (if I can).
Also, on that same list is talk of kernel tuning,
max file descriptors etc.
Has someone looked at Linux kernel
Craig Sanders writes ("epoch?? how to make squid-1.0.5 > squid-1.0beta16"):
...
> Was epoch implemented? How do I use it?
Yes. See the draft programmers' manual.
Ian.
On Mon, 5 Aug 1996, Craig Sanders wrote:
> Was epoch implemented? How do I use it?
Add ':' to the front of the version. The epoch has to be a
number. For example:
$ dpkg --compare-versions '2' gt '3'
$ echo $?
1
$ dpkg --compare-versions '1:2' gt '3'
$ echo $?
0
Guy
I compiled squid 1.0.5 last night and made a new package for it, but when
i installed it with dpkg on my system i got a warning message about
"downgrading to earlier version due to --force".
which means that dselect can't be used to upgrade this package because it
won't do t
74 matches
Mail list logo
