|
|
Sponsored Content
Operating Systems
Linux
squid dynamic cache
Post 302287639 by ccc on Saturday 14th of February 2009 08:17:55 PM
02-14-2009
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
hi,
What is the difference between UBC cache and Metadata cache ? where can i find UBC cache Hits and Metadata cache Hits in hp-ux?
Advanced thanx for the help. (2 Replies)
Discussion started by: sushaga
2 Replies
2. Linux
Hi,
I have redhat linux 9 and squid installed on it. I would like to know which (ufs, diskd, async) format I should use in my squid setup for the squid directory.
Also if possible can anyone tell me which is the best.
Regards,
Raja (2 Replies)
Discussion started by: RajaRC
2 Replies
3. Linux
Hi,
I have redhat linux 9 and squid installed on it. I have three cache directories on my filesystem
The size of each varies --
/cache0 600 MB
/cache1 1024 MB
/cache2 900 MB
I have checked that all the 3 directories the disk space utilization same, does that mean the squid copies same... (0 Replies)
Discussion started by: RajaRC
0 Replies
4. Web Development
hi
howto configure 2.6.STABLE5 to deny caching of .asp webpages? (3 Replies)
Discussion started by: ccc
3 Replies
5. UNIX for Advanced & Expert Users
I have a file that reads File (X.txt)
Contents of record 1:
rdrDESTINATION_ADDRESS (String) "91 971502573813"
rdrDESTINATION_IMSI (String) "000000000000000"
rdrORIGINATING_ADDRESS (String) "d0 movies"
rdrORIGINATING_IMSI (String) "000000000000000"
rdrTRAFFIC_EVENT_TIME... (0 Replies)
Discussion started by: magedfawzy
0 Replies
6. Linux
Hi all
I saw in Microsoft web site www.SysInternals.com a tool called CoreInfo from able to print out on screen the size of the Data and Instruction caches of your processor, the Locigal to Physical Processor mapping, the number of the CPU sockets. etc..
Do you know if in Linux is available a... (2 Replies)
Discussion started by: manustone
2 Replies
7. Linux
Hi All,
could any one point out any open source test-suites for "File cache" testing and as well as performance test suites for the same. Currently my system is up with Linux/ext4.
Regards
Manish (0 Replies)
Discussion started by: hmanish
0 Replies
8. Linux
hello all,
how i can configure Squid with ONE Network Card for cache and proxy as shown in image attached. (1 Reply)
Discussion started by: jazaib92
1 Replies
9. UNIX for Advanced & Expert Users
Hello all,
I am trying to configure squid proxy server for different organizations. These organizations will have different blocked ports, different acls, etc. But, I can use only one proxy server for this purpose. Thinking of making a shell script with iptables and squid.
For an example: a... (1 Reply)
Discussion started by: admin_xor
1 Replies
10. IP Networking
Hello,
I have a pretty useless satellite link at home (far from any civilization), so I wanted to set up caching in order to speed things up. My Squid 2.6 runs "3128 transparent" and is set up quite well on a separate machine.
I also have my dd-wrt router to move all port 80 traffic through... (0 Replies)
Discussion started by: theWojtek
0 Replies
LEARN ABOUT OSF1
ifaccess.conf
ifaccess.conf(4) Kernel Interfaces Manual ifaccess.conf(4) NAME
ifaccess.conf - Interface access filter configuration file DESCRIPTION
The /etc/ifaccess.conf file is an optional system file that specifies access filter entries for network interfaces. Interface access fil- tering provides a mechanism for detecting and preventing IP spoofing attacks. (See CERT Advisory CA-95:01). The source addresses of IP input packets are checked against interface access filter entries; packets receive the action associated with the first matching entry. The /etc/ifaccess.conf file is read by the /usr/sbin/ifconfig command when called with the filter option. The /etc/ifaccess.conf file is defined as a Context-Dependent Symbolic Link (CDSL), and must be maintained as such. See the System Admin- istration manual for more information. Lines in /etc/ifaccess.conf may be comment lines beginning with a number sign (#), blank lines, or access filter entries with the following format: interface_id address mask action In the preceding format: Specifies the network interface for which this entry applies. Is specified as a hostname, network name, or an Internet address in the standard dotted-decimal notation. Specifies which bits of the address are significant. The mask can be specified as a single hexadecimal number beginning with 0x, in the standard Internet dotted-decimal notation, or beginning with a name. The mask con- tains 1s (ones) for the bit positions in address that are significant. Specifies an entry to match packets against. The following actions are allowed: permit, deny, or denylog. Packets matching an entry with a permit action are passed to higher levels; packets matching an entry with a deny action are dropped; packets matching an entry with a denylog action are dropped, with a descriptive message sent to the system error logging facility. To prevent host spoofing, you must determine which networks are not secure and which interfaces are connected to those networks. For exam- ple, if a host is connected to a secure, trusted network on one interface and to non-trusted (non-secure) network on a second interface, you need to add an entry for the non-trusted network interface in the host's ifaccess.conf file. Interfaces connected to trusted networks do not require an entry in the ifaccess.conf file. Use the netstat(1) command to display the current access filters for the interface. NOTES
Some machines send IP broadcast messages to the alternate all-zeros address instead of the all-ones address. This generates the following error: ipintr: IP addr 0.0.0.0 on interface: access denied You should consider this error equivalent to the following error: ipintr: IP addr 255.255.255.255 on interface: access denied Use the tcpdump command to capture and examine the IP packets in order to find out about the machine sending them. RESTRICTIONS
An interface access filter entry mask must have at least as many significant bits set as the address. Interface access filters have an implicit default permit all entry at the end. Interface access filter entries are assigned in the order in which they appear in /etc/ifaccess.conf, with packets receiving the action of the first entry that matches. At most IFAF_MAXENTRIES access filter entries may be assigned for each network interface. (See the /usr/sys/include/net/if.h file.) A default deny all entry may be configured by adding an entry similar to the following as the last entry for interface xyz0 in /etc/ifac- cess.conf file: xyz0 0.0.0.0 0.0.0.0 deny Only address family inet is supported. EXAMPLES
The following example shows the ifaccess.conf files for two hosts, Host A and Host B, on a network; trusted is the trusted network. Host A connects to the trusted network via the fza0 interface and connects to an untrusted network, insecure1, via the ln0 interface. Host A's ifaccess.conf file includes the following entry: ln0 trusted 255.255.255.0 deny # deny all packets from hosts that # claim they originated from the # secure network. Host B connects to the trusted network via the fza0 interface; connects to an untrusted network, insecure1, via the ln0 interface; and connects to another untrusted network, insecure2, via the ln1 interface. Host B's ifaccess.conf file includes the following entries: ln0 trusted 255.255.255.0 deny # deny all packets from hosts that # claim they originated from the # secure network. ln1 trusted 255.255.255.0 deny # deny all packets from hosts that # claim they originated from the # secure network. Note that there is no entry in the ifaccess.conf file for the trusted network device, fza0. Only the untrusted network interfaces are configured with ifaccess.conf. FILES
Specifies the path name for the file. Network interface structures header file. Internet address and version structures header file. RELATED INFORMATION
Commands: netstat(1), ifconfig(8), syslogd(8), tcpdump(8). delim off ifaccess.conf(4)