Re: [squid-users] Redirection - How to in English fornonprogrammers...

From: Chris Robertson <crobertson_at_gci.net>
Date: Tue, 17 Feb 2009 12:42:33 -0900

Amos Jeffries wrote:
>>>>> On Tuesday, 17 February 2009 at 7:52 am, in message
>>>>> <4999D91A.5080104_at_gci.net>,
>>>>>
>> Chris Robertson <crobertson_at_gci.net> wrote:
>>
>>> Geoffrey ROBERTS wrote:
>>>
>>> How was the old version installed?
>>>
>> Tick a box when installing SLES10.
>> No idea of the actual method.
>>
>> I eventually found squid.exe and some other squid files in /USR/SBIN
>> squid.conf is in /etc/squid. And I now realise that squid -v tells you
>> where
>> it is...
>>
>>
>>> It appears that SUSE uses RPMs, so
>>> "rpm -e squid" ought to get rid if the old Squid version.
>>>
>> I'll try that on the test box.
>>
>>
>>> Of course, it
>>> will likely also remove the startup scripts, so you might not want to go
>>> that route without knowing how to relocate/replace them.
>>> http://wiki.squid-cache.org/SquidFaq/InstallingSquid has some generic
>>> tips for starting Squid.
>>>
>> Yes, I had to do some of that to get it to load at startup. I don't think
>> that will be a problem.
>> (But I could be wrong)
>>

For future reference, you might want to have a look at
http://www.novell.com/coolsolutions/trench/14811.html

>>>> Obviously I would much prefer that the 3.0 install simply overwrite the
>>>> existing 2.5 install but I have no real idea how to go about that -
>>>>
>>> Run "squid -v" to find out how your current version of Squid was
>>> compiled. Compile Squid 3 using the same arguments and "make install"
>>> will overwrite it.
>>>
>> heimdal:/etc/squid # squid -v
>> Squid Cache: Version 2.5.STABLE12
>> configure options:
>>

Aha. Squid 2.5 Stable 12. That makes much more sense.

>>> But be aware, if you perform a software update and a
>>> newer Squid 2.5 package is available, your compiled version will be
>>> overwritten.
>>>
>> ?? Mmm. I think I should remove it then do a clean install of 3.whatever
>> if that's the case.
>>

I agree.

>>>> I've downloaded the squid 3 stable tar.gz and unpacked it on another
>>>> SLES10
>>>> box that also has Squid on it (2.15 again - out of the box).
>>>>
>>> No such version.
>>>
>> Well, I hate to argue with someone clearly far more clued than me, but I
>> assure you that
>> the SLES10 SP2 install DVD ISO installs Squid 2.15 Stable 12 for you. I
>> have 2 SLES10 boxes
>> and both have the same version and both are plain vanilla installs
>> straight from the DVD.
>>
>
> I'd guess something is seriously screwed with their version system then.
> 6 > 15 = false, is probably why their users can't upgrade automatically.
>

Heh. Why guess? The version was provided. :o)

>>
>> What would you suggest is the best course here? 2.15 seems to be years
>> old so it seems advisable to
>> upgrade, but should I wipe it out (however that should be done) and
>> install 2.7 or go to 3.0
>>

For a "new" install, I'd suggest using the 3.0 branch. More of the
development effort seems to be focused on it.

>>>> No problem with that. I just need to figure out how to do an in place
>>>> upgrade of the existing (working) squid 2.15 without breaking anything
>>>> else.
>>>>
>>> Assuming you really mean Squid 2.5 and further assuming the proxy is not
>>> internet facing, you really don't.
>>>
>> If you mean does it present an outside interface to the internet, no, it's
>> inside the
>> firewall with an internal IP address.
>>

That's what I meant. But it's irrelevant if you choose to upgrade.

>>> There are likely security
>>> vulnerabilities in 2.5, it doesn't support websites that require NTLM
>>> authentication
>>>
>> Don't think it matters. Squid here is just a proxy/cache, it's connected
>> to the internal lan
>> via a transparent bridge that is the ContentKeeper appliance, which does
>> all the logging
>> and authentication (to Novell eDirectory on a Netware server via LDAP).
>>

If you surf to a website that requires NTLM authentication, and doesn't
pass that authentication over a secure connection, Squid 2.5 won't
handle it. Again, this won't matter if you upgrade.

Now that I think about it, it might not yet be in the 3.0 branch... I
see connection pinning in the 3.1 release notes, but not in 3.0.
Interesting.

>>> and that branch has been relegated to the ravages of
>>> history, so support will be harder to come by, but it still works. If
>>> the version of SUSE you are using is still supported, perhaps that
>>> community is able to give support.
>>>
>> ?? SLES 10SP2 is the current version of SUSE Linux Enterprise Server.
>>

This message contains the first mention of what version of SUSE you are
using. I like to think that I'm pretty insightful, but I haven't
elevated to reading minds yet. ;o)

>>> Henrik gave you a copy (fill-in-the-variables) and paste for your
>>> squid.conf (that should even work in Squid 2.5) that doesn't require
>>> redirectors...
>>>
>>> http://www.squid-cache.org/mail-archive/squid-users/200902/0275.html
>>>
>> Yes, I'm going to try that next, I was going to just persist with the .pl
>> or .php stuff
>> as I know the script itself is ok, but I have a window later today and I
>> will try the
>> other method he supplied.
>>
>>
>>>> If you supply the actual FQDN and IP of the docushare server (on list
>>>> or
>>>>
>>> off), we can even take care of the "fill-in-the-variables" part. Put
>>> your squid.conf in a paste-bin and we can even tell you where in the
>>> config file to put those lines.
>>>
>> I'd rather try it myself first, if I don't I will never learn, but I'll
>> keep that in mind.
>>
>>

I like that attitude. :o)

>>>> The redirect *seemed* to be quick and easy to implement, I should have
>>>> known
>>>> anything to do with changing *nix based stuff is rarely quick and easy.
>>>>
>>> Replace "*nix" with "computer" or even "electronic"...
>>> http://xkcd.com/349/ :o)
>>>
>> Well, some are harder than others. I'm going to take a look at webmin,
>> but YAST seems
>> fine for a lot of it, but the applications are another story, squid being
>> a perfect example.
>> The last proxy/cache I played with other than a pizza box appliance was
>> WASD Web Server
>> on VMS which is... ahem, quite different (and was much easier to configure
>> ;^)
>>

Heh. My first experiences with a multi-user system was a Vax.

>>>> That much I *have* learned about it so far.
>>>> The mere fact you need to have squid call script files in .php or perl
>>>> to do
>>>> the redirect is enough to put me off. I don't speak
>>>> C, perl, php or java.
>>>>
>>> Again, a copy (fill-in-the-variables) and paste example was provided.
>>> You did state that it didn't work but didn't reply to the request for
>>> more information, which is the only way for us to help you fix it.
>>>
>> Sorry, I thought I had. The problem is not with the script, it works fine
>> in
>> a command line. (I did have to change the permissions on it to execute
>> which I would not have thought of.)
>> The problem does not appear to be with the script but with squid itself,
>> which seems unable to use it,
>> or is not using it correctly.
>>

There were a couple of questions asked
(http://www.squid-cache.org/mail-archive/squid-users/200902/0289.html)
that did not receive answers. But if you are going the cache_peer route
(and I see no reason not to) then don't worry about it.

>>>> I wish they'd just pick ONE script language and leave it at that.
>>>>
>>>>
>>> Variety is the spice of life. :o) I'd hate to only see one car on the
>>> roads, or one type of house in a neighborhood and I'd HATE to be forced
>>> to use one scripting language for every problem.
>>>
>> I hate to be forced to use scripting language, period. ;^)
>>

I don't mind scripting, but I loathe programming. Go figure.

>> I have located the support group for SLES so I am posting there as well
>> for the more
>> specific stuff.
>>
>> Thanks again for all your help, I really appreciate it.
>>
>
> Amos
>

Chris
Received on Tue Feb 17 2009 - 21:42:46 MST

This archive was generated by hypermail 2.2.0 : Wed Feb 18 2009 - 12:00:01 MST