Hi all,
Im looking to use my Remote Desktop Gateway with my Squid.
I tried this config but it didnt work.
### SITE
cache_peer site.domain.qc.ca parent 443 0 no-query originserver ssl
sslflags=DONT_VERIFY_PEER name=site
acl sitehttps url_regex ^https://site\.domain\.qc\.ca
http_access allow
Hi again,
I would like to change the Squid'slogo that appear on an ccess denied page...
I replace the picture /usr/share/squid/icons/SN.png but it didnt work.
What did I miss ?
Thanks you very much.
Sébastien.
___
squid-users mailing list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
You miss local web-server, which must serve this picture.
22.10.15 0:52, sebastien.boulia...@cpu.ca пишет:
> Hi again,
>
> I would like to change the Squid'slogo that appear on an ccess denied
page...
> I replace the picture
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
First, you should put in order configurations.
22.10.15 0:31, luizca...@gmail.com пишет:
> Hello,
> So what I am trying to accomplish here is to basically have a
whitelist of domains that is allowed via http/https. If the UID is
squid,apache, or
Hi,
I have a running setup for proxying only 'big' files, like Windows
Update, Apple Updates and some other very specific URLs. That's working
just fine, no problem on that.
For avoiding caching small things on the URLs i want to have big
files proxied, i setup the
hello ,
can we deny rep_mime_type for specific domain ?
if yes then how
if no then why
thank you ..
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/deny-rep-mime-type-tp4673816.html
Sent from the Squid - Users mailing list archive at Nabble.com.
It is also possible to use the in place image like we do for our “403 blocked
page” – see http://docs.diladele.com/faq/filtering/logo.html
Best regards,
Rafael Akchurin
Diladele B.V.
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf
Of Yuri Voinov
Sent: Wednesday,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Show as access.log/cache.log for denied HTTPS sites.
All others confir quirks will remain onto your responsibility - Amos
come and explain when I/you wrong. ;)
22.10.15 1:52, luizca...@gmail.com пишет:
> I answered your questions below. However
My question wasnt that.
I want to change the Squid’s logo…
Nothing else…
Im sure I need to change something else if I want the Squid’s logo replaced…
Did you ever replace the Squid logo ?
Thanks.
Sebastien.
De : squid-users [mailto:squid-users-boun...@lists.squid-cache.org] De la part
de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
You are talking about logo, which is hosted on external web-site.
You can:
1. Use your own local web-server with another picture and point ERR_PAGE
to this location.
2. Use Rafael's method as descrubed.
3. As Amos to get administrative rights on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Show piece of
allowed_domains
file.
22.10.15 2:29, luizca...@gmail.com пишет:
> Could you suggest a configuration that you think should be working ? I would
> like both
HTTP/HTTPS domains whitelisted via file all other domains blocked. What
am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
https://www.google.com/search?q=RDP+via+Squid
Some results:
http://superuser.com/questions/713359/i-want-to-rdp-to-my-server-that-is-behind-a-squid3-proxy
I have squid running on Centos 7 and am trying to setup AD authentication. I
have samba/winbindd installed and the system was added to the domain with
authconfig. I have tested authentication with auth_ntlm and that works. I have
also tested group membership with auth_ntlm and that works as
I answered your questions below. However https traffic is still always being
denied even though the site is on the allowed_list via nobumpSites.
I want to control http/https traffic using the “allowed_domains” list. This
current configuration works for HTTP but not HTTPS traffic.
If there is an
Could you suggest a configuration that you think should be working ? I would
like both HTTP/HTTPS domains whitelisted via file all other domains blocked.
What am I missing ? My assumption here is the acl nobumpSites ssl::server_name
"/etc/squid/git_allowed_domains/allowed_domains” part is not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Usually Squid uses in conjunction with
redirector+Apache/other_web_server, so in these setups the shortest (and
weak) way is using it...
But Rafael is right.
22.10.15 1:46, Rafael Akchurin пишет:
> It is also possible to use the in place image
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Look more:
http://www.experts-exchange.com/Software/Anti-Virus/Q_24387982.html
and more.
More closed:
In transparent proxy setups RDP is not a problem everywhere, because of
transparent proxy utilizes only HTTP and/or HTTPS ports.
RDP is not
Hi Yuri,
Thanks you very much for your answer.
My question was Remote Desktop Gateway with my Squid.
A Remote Desktop Gateway and RDP is not the same.
http://windows.microsoft.com/en-ph/windows7/what-is-a-remote-desktop-gateway-server
Thanks.
Sébastien.
De : squid-users
There really isn’t anything in there right now since I am testing.
/etc/squid/git_allowed_domains/allowed_domains"
.facebook.com
.cnn.com
___
squid-users mailing list
squid-users@lists.squid-cache.org
Hi,
I suspect (unverified) that
acl dom dstdomain .example.com
acl type rep_mime_type base/type
http_reply_access deny dom type
http_reply_access allow all
will do what you need
On Wed, Oct 21, 2015 at 9:36 PM, HackXBack wrote:
> hello ,
> can we deny rep_mime_type for
thank you amos was helpful
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/auto-get-latest-release-tp4673780p4673830.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squid-users mailing
sorry not deny but make it miss and not hit
with
store_miss
send_hit
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/deny-rep-mime-type-tp4673816p4673829.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Would it be fair to say best practice is to get kerbose working in favour
of ntlm ?
On 21/10/2015 3:18 PM, "Amos Jeffries" wrote:
> On 2015-10-21 15:38, Ilias Clifton wrote:
>
>>
>>> On 20/10/2015 4:04 p.m., Ilias Clifton wrote:
>>> > Hi All,
>>> > I've been following the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Working config snippet for 3.5.x looks like this:
acl get_sni_at_step1 at_step SslBump1
ssl_bump peek get_sni_at_step1
acl spliced_hosts ssl::server_name_regex -i
"/usr/local/squid/etc/url.nobump"
ssl_bump splice spliced_hosts
ssl_bump bump
On 10/21/2015 02:49 PM, Yuri Voinov wrote:
> Working config snippet for 3.5.x looks like this:
>
> ssl_bump peek get_sni_at_step1
> ssl_bump splice spliced_hosts
> ssl_bump bump net_bump
The above config leaves the following question unanswered:
Q: What happens if neither spliced_hosts nor
Hello,
So what I am trying to accomplish here is to basically have a whitelist of
domains that is allowed via http/https. If the UID is squid,apache, or root
then basically you will bypass squid and anything is allowed. This was working
well on 3.4.2 however once I moved to 3.5.10 it no longer
Alex,
So what do you recommend to do here ? I just need a simple whitelist file for
both http/https. I have a config that works on 3.4 but would like to upgrade to
3.5 and the current config we have won't cut it. Just need a simple if you are
in this list allow if not deny. No need for any ssl
Dear Alex,
unfortunately not really fixed.
The upload speed using squid 4.0.1 with this patch has bettered significant
but is far away from squid 3.4.x performance.
The used test client can reach a maximum upload speed of 115 MBIT if the
apache server is directly reachable.
If a SQUID 3.4.X
Dear Alex,
using squid 3.5.10 with patch the upload speed problem seems to be fixed.
Now I get 112Mbit upload speed from a possible maximum of 115Mbit.
Squid 4.0.1 still has a performance problem on unencrypted POST upload ...
BR, Toni
(TSO off)
12:10:16.343559 IP 10.1.1.210.49388 >
On 2015-10-20, Brendan Kearney wrote:
> this did not work - snmpwalk -v2c -c SecretHandShake proxy1:3401
> this did work - snmpwalk -v2c -c SecretHandShake proxy1:3401 .1.3
From snmpwalk's manual:
"If no OID argument is present, snmpwalk will search the subtree rooted
Em 20/10/15 16:26, sebastien.boulia...@cpu.ca escreveu:
When I try to do a snmpwalk, I got a timeout.
[root@bak ~]# snmpwalk xx:3401 -c cpuread -v 1
[root@bak ~]#
Anyone monitor Squid using SNMP ? Do you experiment some issues ?
You're not getting timeout, you're getting no
31 matches
Mail list logo