I had this same issue and could .. ehrm "guess" (sorry) from the logs
that I was missing g++
After apt-getting g++, everything went smooth.
thanks for pointing to the solution.
cheers!
Lieven
Henrik Nordström wrote:
ons 2010-06-30 klockan 14:25 +0200 skrev Babelo Gmvsdm:
Hi
did you try sarg? It checks the squid logs and creates overviews of the
visited sites per ip.
Marcello Romani wrote:
Charles Bray ha scritto:
Hello,
I am sure this must be a common question... please excuse.
Does there exist a tool or example configuration that will enable me
to log, and di
msktutil, this time
with correct principal information.
Now it works fine, I can see the clients authenticating in the cache.log
bottomline: my bad knowledge about kerberos made me look for the wrong
reasons.
thank you very much for your help.
Cheers !
Lieven
Markus Moeller wrote:
Changing
ocal pc and a wireshark trace
will probably help me solve this further.
thanks for all the effort already.
cheers.
Lieven
Markus Moeller wrote:
Hi Lieven,
The problem seems to be the krb5kdc_err_s_principal_unknown error. If
you took the capture earlier shoudl have seen a TG
I might be completely misunderstanding your request but can't you just
run a http daemon like apache on your proxyserver that serves a page
with explanations?
rgds,
Lieven
Nils Hügelmann wrote:
Hi,
i have a non-accel non-transparent squid 3.1 running on port 80, and
when someone acc
.
thanks,
Lieven
Tim Neto wrote:
How is the Vista machine bound to the Active Directory domain? NTLM
compatibility? Does the same behavior occur with an XP client?
--
Timothy E. Neto
Computer Systems Engineer SMS Construction
is a mistery to me as it seems to work
in the domain itself when computers authenticate to get access to shares
etc...
Any clues welcome.
thanks,
Lieven
--
Please Visit us at V-ICT-OR shopt IT
25 May 2010 - De Montil - Affligem
Lieven De Puysseleir
BA N.V. - http://www.ba.be
Dalemhof 28, 3000 Leuven
tel: 0032 (0)16 29 80 45
<>
dump from that traffic as soon as I have access to a pc at the
location. (non vpn)
How do I add a dump from wireshark?
I got a tcpdump on the squid server which I opened in wireshark and then I
exported it as a plaintext file (all captured traffic, 49 packets) but it's
quiete large. (about 917 lines)
Thanks for your help.
kind regards,
Lieven
trying to get this to work for some time now.
cheers,
Lieven
helpers worked fine.
thankyou,
Lieven
Henrik Nordström wrote:
ons 2010-04-28 klockan 18:46 +0200 skrev lieven:
squid_kerb_auth squid_kerb_auth.o base64.o -lmiscutil -lm
../../../lib/libmiscutil.a(base64.o):(.rodata+0x0): multiple definition
of `base64_code'
base64.o:(.rodata+0x0):
eady tried downloading the squid_kerb_auth from the cvs
(sourceforge project) but couldn't get it to configure. Here, when I go
into the squid_kerb_auth folder, at least the configure works.
Sorry if this sounds gibberish, I'm not a programmer.
thanks for your help.
Lieven
Henrik
em. It just stops the same way as before.
Then I tried an apt-get install squid3, this works fine but I do not
have the much-wanted squid_kerb_auth because it is not included in the
standard squid configure options.
thanks for your help though.
kind regards,
Lieven
Nick Cairncross
r 1
make[1]: Leaving directory `/opt/software/squid-3.1.1/helpers'
make: *** [all-recursive] Error 1
kind regards,
Lieven
<>
Guillaume <[EMAIL PROTECTED]> writes:
> I would like to know if there is a plugin for squid or an parameter in
> squid.conf to have the ability to filter word that are forbidden...
> Ex: sex, porn, etc...
> I'm on squid NT.
> thanks for your replies.
http://dansguardian.org/
--
A: Because it me
"=?iso-8859-2?Q?Horv=E1th_Szabolcs?=" <[EMAIL PROTECTED]> writes:
> Hi!
>
> I've successfully configured squid to use ntlm authentication. If the
> authenticated users go through the proxy, the web page will be loaded.
> In the opposite side, if any unauthorized users want to browse, popup windo
"Riaz Uddin" <[EMAIL PROTECTED]> writes:
> Dear,
>
> I'm using squid as my proxy server in my network and allowing hosts to
> access web by setting my proxy server in browser. Without the setting people
> aren't allowed to access web. I'm very beginner in using squid. To allow
> host to access we
Dusan Djordjevic <[EMAIL PROTECTED]> writes:
> I plan to install few instances of Squid on one multiprocessor box and
> balance load between them. I plan to use LinuxVirtualServer for it. Do
> someone have that kind of solution ? What load balancing you suggest ?
> Any other recommendation ?
F
"Tan, Kian Tiong" <[EMAIL PROTECTED]> writes:
> Hi,
>
> Anyone know how to access certain URL without going through Authentication
> (like msntauth)??
>
> I uses the following:
>
> acl surf dstdomain www.google.com
> always_direct allow surf
>
> But it doesn't work. Is there any other method?
"Li Wei" <[EMAIL PROTECTED]> writes:
> the option "max_user_ip" is a new function with Squid.2.5
> >From its description, it seems very useful.
>
> However, I'm failed in using it.
> Are there any advice to me about how to use it?
acl multiple max_user_ip -s 1
http_access deny multiple
will st
"Alex Carlos Braga Ant?o" <[EMAIL PROTECTED]> writes:
> Any news about that problem with passwords above 15 caracteres that
> squid cannot authenticate ???
ncsa authentication ignores everything after the first 8 characters,
just like the classic unix passwd.
--
A: Because it messes up the
Aqil <[EMAIL PROTECTED]> writes:
> here is the content of my file1 :
> user1:Q9jp0EYusm5eo
>
> Is there someone out there who wants to kindfully try
> for me (with ncsa authentication scheme ? :)
Seems fine to me.
http-proxy-intern:/tmp# cat test.auth
user1:Q9jp0EYusm5eo
http-proxy-intern:/tmp
Aqil <[EMAIL PROTECTED]> writes:
> The MD5 encryption is well supported by ncsa
> authentication scheme, isn't it ?
I don't think so.
> So, I have 2 questions :
> 1. How to make the famous file ?
> ..the file as you know which has to be in the format
> that ncsa authentication scheme supports.
"Frank Chibesakunda" <[EMAIL PROTECTED]> writes:
> my current acl rule is:
>
> acl center_user 192.168.10.2-192.168.10.110
> acl browse time 08:30-15:30
>
> http_access deny center_user
> http_access deny center_user browsetime
This is redundant. The above matches center_user AND browsetime but
"kelly kloen" <[EMAIL PROTECTED]> writes:
> i have put in :
>
> reply_body_max_size 2948 ( = 2 MB i think is this correct ? ) deny all
2048
> when i pu tin this line i can still download more dan 2 mb. from
> www.xs4all.nl/~kloenie/ the emule file ( is 3 mb ;) )
>
How lo
"kelly kloen" <[EMAIL PROTECTED]> writes:
> my squid proxy works now on a redhat 9.0
> i have this in my squid.conf :
>
> acl leerling src 212.178.168.0/255.255.254.0
> acl block url_regex -i "/var/log/squid/block/block.txt"
> acl ip dst "/var/log/squid/block/ip.txt"
> acl url dstdomain "/var/log
Henrik Nordstrom <[EMAIL PROTECTED]> writes:
> Not easily, but as a quick fix adding a log statement to the acl
> processing of max_user_ip might suffice. However, you migth then be
> somewhat flooded with messages if the users persists in trying to get
> access.
Yes, that would work. As another
"Tushar Gupta" <[EMAIL PROTECTED]> writes:
> Also is it possible to generate both start of session and end of session
> records using squid using any authentication mechanism. I am looking
> forward to do accounting based on number of hours of usage.
HTTP is inherently a stateless protocol and th
"Robert Ainslie" <[EMAIL PROTECTED]> writes:
> I have a very large network with an internet connection and an
> authenticating squid proxy server. We have an important web
> application that is hosted by a 3rd party asp but our internet pipe is
> way overutilised which makes the application unusab
In recent versions of squid, the authenticate_ip_ttl mechanism has
been changed with the max_user_ip acl. Previous versions of squid
logged multiple ip address use with the user name which was handy to
force password changes of compromised userids. Is there a way to get
this logging back?
--
Ther
"Sander Winkel" <[EMAIL PROTECTED]> writes:
> I want to give only access to computers from an specified ip-range and the
> users at that ip-range must be validated with radius authentication.
> The radius authentication works well, but I don't know how to define that
> only the specified IP-range
"Cliff Barnes" <[EMAIL PROTECTED]> writes:
> I don´t know if this is really what I want... because of:
>
> Internet -- TrendMicro Interscan Viruswall -- SQUID -- Users
>
> SQUID should always connect through the Viruswall and never direct to the
> internet. If I put in port 85 to the safe_port
"Cliff Barnes" <[EMAIL PROTECTED]> writes:
> I guess it´s because the ":85", but I don´t know... please help me!
Add port 85 to the Safe_ports acl in squid.conf.
--
Never argue with a fool in public. People might not see the difference.
32 matches
Mail list logo