RE: [squid-users] parseHttpRequest: Unsupported method
> Hi, I keep seeing these messages in my cache.log file.
> Access.log shows that they all come from one client IP
> address who is behind a NAT with 65 PCS.
> So it is almost impossible to identify the culprit PC.
> What could be the cause/solution? Is there something I can block?
>
> 2004/05/07 09:10:45| clientReadRequest: FD 510 Invalid Request
> 2004/05/07 09:10:57| parseHttpRequest: Unsupported method
> '@D}ÃtÃÃdÂÃDÃÅÃÃCÃÃkÃÃÃNÂrâÃÂFÃÃÃÂÂ>ÃnÃÂÃ%âËÃyÃ]FÃGdâMÂB&B
>

Well, someone is sending 'real bogus' http (stream(s)) to your squid, or more so to speak : complete corrupted stuff. You'll have to identify the source in some way. You can not block if you do not know who to block, or if only one ip address only arrives at SQUID (indeed).

M.
[squid-users] parseHttpRequest: Unsupported method
Hi, I keep seeing these messages in my cache.log file. Access.log shows that they all come from one client IP address who is behind a NAT with 65 PCS. So it is almost impossible to identify the culprit PC. What could be the cause/solution? Is there something I can block?

2004/05/07 09:10:45| clientReadRequest: FD 510 Invalid Request
2004/05/07 09:10:57| parseHttpRequest: Unsupported method '@D}ÃtÃÃdÂÃDÃÅÃÃCÃÃkÃÃÃNÂrâÃÂFÃÃÃÂÂ>ÃnÃÂÃ%âËÃyÃ]FÃGdâMÂB&B '
2004/05/07 09:10:57| clientReadRequest: FD 740 Invalid Request
2004/05/07 09:11:40| parseHttpRequest: Requestheader contains NULL characters
2004/05/07 09:11:40| clientReadRequest: FD 908 Invalid Request
2004/05/07 09:11:43| parseHttpRequest: Unsupported method 'ÃQÂÂ0âÃÃÂÂ1Ã:Ã/Ã5YsJC '
2004/05/07 09:11:43| clientReadRequest: FD 637 Invalid Request
2004/05/07 09:13:24| parseHttpRequest: Unsupported method 'ÂÃÃyÃÂDÃgoyh%@)2~OÃXÃ\âAÃÂpÂË Ã?ÃoÂwÅbâÃqÃÃf1ÃvGÃÃÃ0|ÃR '
2004/05/07 09:13:24| clientReadRequest: FD 673 Invalid Request
2004/05/07 09:13:33| parseHttpRequest: Unsupported method '[EMAIL PROTECTED]: FD 1626 Invalid Request
2004/05/07 09:13:34| parseHttpRequest: Unsupported method 'ÂÃÃ
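Added example (not from the thread): a triage pass over cache.log that separates binary junk from word-like unknown verbs and lists the file descriptors and minutes involved, which are the timestamps to compare against whatever connection logs the NAT gateway keeps. The sample lines and the FOOBAR verb are constructed, and the "word-like verb" test is a heuristic assumption.

```python
import re
from collections import Counter

# Constructed sample in the cache.log layout quoted above. The method strings
# are made up: one binary-looking (with an embedded newline), one word-like.
SAMPLE_LOG = (
    "2004/05/07 09:10:45| clientReadRequest: FD 510 Invalid Request\n"
    "2004/05/07 09:10:57| parseHttpRequest: Unsupported method '@D}\u00c3t\u00c3%B&B\n"
    "'\n"
    "2004/05/07 09:10:57| clientReadRequest: FD 740 Invalid Request\n"
    "2004/05/07 09:11:40| parseHttpRequest: Requestheader contains NULL characters\n"
    "2004/05/07 09:11:40| clientReadRequest: FD 908 Invalid Request\n"
    "2004/05/07 09:11:43| parseHttpRequest: Unsupported method 'FOOBAR'\n"
    "2004/05/07 09:11:43| clientReadRequest: FD 637 Invalid Request\n"
)

# "YYYY/MM/DD hh:mm:ss| message"; group 1 is the timestamp truncated to the minute.
LINE_RE = re.compile(r"^(\d{4}/\d{2}/\d{2} \d{2}:\d{2}):\d{2}\| (.*)$")
METHOD_RE = re.compile(r"parseHttpRequest: Unsupported method '(.*)$")
FD_RE = re.compile(r"clientReadRequest: FD (\d+) Invalid Request")
# Heuristic (assumption): a plausible HTTP verb is a short ASCII word.
VERB_RE = re.compile(r"[A-Za-z][A-Za-z0-9_-]{0,31}")


def triage(log_text):
    """Summarise request-parsing failures found in Squid cache.log text."""
    summary = {
        "invalid_requests": 0,
        "null_headers": 0,
        "binary_methods": 0,
        "wordlike_methods": Counter(),
        "per_minute": Counter(),
        "fds": [],
    }
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # continuation of a method string that contained a newline
        minute, msg = m.groups()
        fd = FD_RE.search(msg)
        meth = METHOD_RE.search(msg)
        if fd:
            summary["invalid_requests"] += 1
            summary["per_minute"][minute] += 1
            summary["fds"].append(int(fd.group(1)))
        elif meth:
            token = meth.group(1).rstrip("'").strip()
            if VERB_RE.fullmatch(token):
                # Looks like HTTP with a verb this proxy does not know.
                summary["wordlike_methods"][token] += 1
            else:
                # Not HTTP at all: some other protocol sent to the proxy port.
                summary["binary_methods"] += 1
        elif "contains NULL characters" in msg:
            summary["null_headers"] += 1
    return summary


def busy_minutes(summary, threshold):
    """Minutes with at least `threshold` invalid requests, in time order."""
    return sorted(m for m, n in summary["per_minute"].items() if n >= threshold)


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(result)
    print(busy_minutes(result, 2))
```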
Re: [squid-users] Re: VirusWall and Squid ACL
> cache_peer 127.0.0.1 parent 80 7 default no-query

Is UDP echo port enabled in 127.0.0.1 (localhost) /etc/inetd.conf file.

> acl binaries urlpath_regex -i \.exe$ \.zip$ \.vbs$ \.gz$
> cache_peer_access 127.0.0.1 allow binaries
> never_direct allow binaries

Regards,
Muthukumar.
RE: [squid-users] Squid <> Squidguard
> Dear all,
>
> Can somebody tell me what difference of Squid and squidguard, do i have to
> install squid and squidguard in the same time.

Squidguard is only a redirector which can be used in combination with SQUID to do site filtering (e.g.). However squidguard is only an 'option' if you are looking for blocking material. Squid's ACL mechanisms are equally powerful. You don't need squidguard for getting a 'working squid'.

M.
RE: [squid-users] fatal error false alarm
> Greetings List,
>
> I have received two of the following emails from my squid server, but in
> both cases I have not noticed any problems with the system. No disruption
> in service or anything in cache.log.
>
> Is this a known issue or something I should be concerned about? Is there
> something I should look for if / when this happens again?
>
> Squid Cache: Version 2.5.STABLE4-20040104
> configure options: --enable-storeio=ufs,aufs,diskd --enable-snmp
> SuSE Linux 8.0 (i386)
> VERSION = 8.0
>
> The email:
>
> From: squid
> To: [EMAIL PROTECTED]
> Subject: The Squid Cache (version 2.5.STABLE4-20040104) died.
>
> You've encountered a fatal error in the Squid Cache version
> 2.5.STABLE4-20040104.
> If a core file was created (possibly in the swap directory),
> please execute 'gdb squid core' or 'dbx squid core', then type 'where',
> and report the trace back to [EMAIL PROTECTED]
>
> Thanks!

Well, I doubt the error as it states by itself is false : examine cache.log carefully, look for the string "FATAL" possibly using a 'search tool' so to speak

M.
[squid-users] Squid <> Squidguard
Dear all, Can somebody tell me what difference of Squid and squidguard, do i have to install squid and squidguard in the same time. What i get if i install squidguards ??? Regards, David Kandou
[squid-users] Re: VirusWall and Squid ACL
Hi Herman,

> Make sure the Interscan already running on port 80. Go to the
> http://x.x.x.x:1812/httpscan.cgi and check the "InterScan HTTP Proxy port
> (connects to browser)" value. And check whether your Interscan already
> started or not http://x.x.x.x:1812/isswitch.cgi

I can verify that VirusWall (both Squid and VirusWall are on the same box) is setup to

InterScan HTTP Proxy port (connects to browser): 80
Original HTTP server location:
    InterScan acts as proxy itself.
  x Other (server and port): 127.0.0.1 80

> Actually, you may test from your browser client by passing squid. Simply
> configure you client browser to your proxy IP Address with the Interscan
> port (80). If this doesn't work then your interscan is not running.

However when I tried to go to the internet through http://x.x.x.x:80, I see no reply. But /var/log/iscan/log.2004.05.06 does show my attempted connection,

05/06/2004 17:08:53 http[6683]: connection from 127.0.0.1, "GET http://www.slashdot.org/ HTTP/1.0"
05/06/2004 17:08:53 http[6679]: connection from 127.0.0.1, "GET http://www.slashdot.org/ HTTP/1.0"

I'm not sure if it is getting out. I've also added the following lines to squid.conf. May I ask what am I doing wrong?

    cache_peer 127.0.0.1 parent 80 7 default no-query
    acl binaries urlpath_regex -i \.exe$ \.zip$ \.vbs$ \.gz$
    cache_peer_access 127.0.0.1 allow binaries
    never_direct allow binaries

Regards,
Norman
[squid-users] NCSA authentication
Hi, how do I allow some users and deny others when I'm using NCSA to authenticate?

Thanks,
Simon
[squid-users] Re: multiple requests to authenticate
Raymond Norton wrote:

> We run squid with ncsa_auth on a number of IPCop boxes with dansguardian
> installed. Normally, when a user logs in they do not need to authenticate
> again unless they open another browser window. I am getting complaints
> from one school that they are being asked to reauthenticate multiple times
> per session now.

This is more commonly seen with NTLM, not basic. Check the stats in Cache Manager - are your auth helpers overloaded? I assume you already checked the basics (using correct password, caps lock is off, login prompt is for proxy - not a remote web site, etc).

What browser & version? Some versions of IE are broken in this regard. See the Squid Authentication FAQ for more info on that.

> As long as I'm at it I would like to modify my config (if possible), so
> users only need to login once per session, no matter how many windows they
> have open.

How and when the user is prompted for login credentials is a browser issue, not a Squid issue. You would have to talk to your browser vendor about it.

Adam
[squid-users] multiple requests to authenticate
We run squid with ncsa_auth on a number of IPCop boxes with dansguardian installed. Normally, when a user logs in they do not need to authenticate again unless they open another browser window. I am getting complaints from one school that they are being asked to reauthenticate multiple times per session now. Is there something I can add to my squid.conf that will eliminate this? As long as I'm at it I would like to modify my config (if possible), so users only need to login once per session, no matter how many windows they have open. Raymond Norton LCTN [EMAIL PROTECTED] To Infinity and beyond! --Buzz Lightyear
[squid-users] RE: Re: Confused about autenthication
Prash wrote:

> or use PAM.
> Set your squid to do a pam_auth on the same server.
> Set that server to host accounts on ldap (see pam with ldap). This ldap DB
> can sit anywhere and you can use TLS or SSL.

This still wouldn't encrypt the password between the client and the proxy.

Adam
RE: [squid-users] Re: Confused about autenthication
or use PAM.
Set your squid to do a pam_auth on the same server.
Set that server to host accounts on ldap (see pam with ldap). This ldap DB can sit anywhere and you can use TLS or SSL.

So your architecture would be:-

Server1 -> Squid + pam_auth
Server1 -> Set PAM to auth via LDAP to server2 using TLS/SSL (/etc/ldap.conf)
Server2 -> LDAP DB (posixAccount and posixGroup)

(The only drawback is all the ldap users become server1's login accounts but you can get around that)

-Original Message-
From: news [mailto:[EMAIL PROTECTED] Behalf Of Adam Aube
Sent: 06 May 2004 20:43
To: [EMAIL PROTECTED]
Subject: [squid-users] Re: Confused about autenthication

Carlos Martínez-Troncoso Cera wrote:

> I want to authenticate my users against my LDAP Sun One Directory Server
> 5.1 when they want to use my squid 2.5 stable5 and I want encrypted
> passwords

Unfortunately, there is no "out of the box" solution. LDAP integration in Squid is only supported with basic authentication, and basic authentication sends the password cleartext over the network to the proxy.

What you can do is use Stunnel (or a similar program) to setup an encrypted channel between the clients and the proxy server. The username and password will travel over this channel and be encrypted in transit.

Adam
[squid-users] Re: Confused about autenthication
Carlos Martínez-Troncoso Cera wrote:

> I want to authenticate my users against my LDAP Sun One Directory Server
> 5.1 when they want to use my squid 2.5 stable5 and I want encrypted
> passwords

Unfortunately, there is no "out of the box" solution. LDAP integration in Squid is only supported with basic authentication, and basic authentication sends the password cleartext over the network to the proxy.

What you can do is use Stunnel (or a similar program) to setup an encrypted channel between the clients and the proxy server. The username and password will travel over this channel and be encrypted in transit.

Adam
Re: [squid-users] MYSQL auth
hello,

> can i know how to use MYSQL auth.

yep, what do you want to know about that? pls define your question exactly.

a.
Re: [squid-users] Confused about autenthication
Hello Carlos,

I am using Squid 2.5 STABLE 5 and authenticating against SunONE Directory 5.1/5.2. Here is a snippet of my Squid config for you. Give it a try.

For user authentication use something like:

    auth_param basic program /usr/lib/squid/squid_ldap_auth -h myldapserver.domain.net -p 389 -P -b o=domain -f "uid=%s"

Use an ACL - Access structure like:

    acl manager proto cache_object
    acl my_users proxy_auth REQUIRED
    acl my_networks src 192.168.1.0/24
    http_access allow manager my_users my_networks

For group authentication/control use something like:

    external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -h myldapserver.domain.net -p 389 -P -b o=domain -F "uid=%s" -f "(&(cn=%g)(uniquemember=%u)(objectClass=groupOfUniqueNames))"

Use an ACL - Access structure like:

    acl my_networks src 192.168.1.0/24
    acl proxy_group external ldap_group proxy
    http_access allow my_networks proxy_group

As to the encryption of the passwords, I'm not sure here. The browser would have to send the encrypted password. I know my LDAP server's passwords are encrypted. My users are able to authenticate. So... Henrik might be able to answer the encryption question better. He was very helpful when I was first setting up Squid here initially.

Thanks to everyone on this mailing list.

Tim

--
Timothy E. Neto
Computer Systems Engineer
Komatsu Canada Limited
Ph#: 905-625-6292 x265
Fax: 905-625-6348
1725B Sismet Road
Mississauga, Ontario, Canada L4W 1P9
E-Mail: [EMAIL PROTECTED]
--

Carlos Martínez-Troncoso Cera wrote:

> Hello everybody. I want to authenticate my users against my LDAP Sun One
> Directory Server 5.1 when they want to use my squid 2.5 stable5 and I want
> encrypted passwords, reading about it I found that winbind is the solution,
> but with winbind I need a NT server (I don´t like this...) How do I do this,
> what authenticathion schema can I use? Thanks a lot.
[squid-users] fatal error false alarm
Greetings List, I have received two of the following emails from my squid server, but in both cases I have not noticed any problems with the system. No disruption in service or anything in cache.log. Is this a known issue or something I should be concerned about? Is there something I should look for if / when this happens again? Squid Cache: Version 2.5.STABLE4-20040104 configure options: --enable-storeio=ufs,aufs,diskd --enable-snmp SuSE Linux 8.0 (i386) VERSION = 8.0 The email: From: squid To: [EMAIL PROTECTED] Subject: The Squid Cache (version 2.5.STABLE4-20040104) died. You've encountered a fatal error in the Squid Cache version 2.5.STABLE4-20040104. If a core file was created (possibly in the swap directory), please execute 'gdb squid core' or 'dbx squid core', then type 'where', and report the trace back to [EMAIL PROTECTED] Thanks! Thanks for any suggestions or comments. -Grant
[squid-users] Confused about autenthication
Hello everybody. I want to authenticate my users against my LDAP Sun One Directory Server 5.1 when they want to use my squid 2.5 stable5 and I want encrypted passwords, reading about it I found that winbind is the solution, but with winbind I need a NT server (I don´t like this...) How do I do this, what authenticathion schema can I use? Thanks a lot. -- Carlos Martínez-Troncoso Cera Coordinador de Servicios Internet/Intranet Universidad del Norte Barranquilla, Colombia Tel: 57 5 3509367
RE: [squid-users] Proxy.pac Port
> -Original Message-
> From: Matt [mailto:[EMAIL PROTECTED]
>
> function FindProxyForURL(url, host)
> {
>     if (url.substring(0, 5) == "http:") {
>         return "PROXY my.proxy:8080";
>     }
>     else {
>         return "DIRECT";
>     }
> }
>
> for instance the above wont work. If it has an "http:" in url it gets
> redirected. What if someone enters www.mydomain.com I still
> want it to go.

It will still go. "www.mydomain.com" is converted to "http://www.mydomain.com/" in the browser, before the proxy sees it. It isn't a valid URL on its own. I use the construction you show above and it works fine.

> And if someone enters www.mydomain.com:8080 I do not want it to go.

This is a genuine problem, though.
RE: [squid-users] Squid stops with a 131 MB access.log
> Conectiva Linux 8 Kernel 2.4.18 (Conectiva is a Brazilian
> distribution based on Red Hat)
>
> For the second time in less than one month, my Squid stops
> when the access.log reaches 131 MB
> There is some limitation in log file sizes? (Pentium III-500,
> 128 RAM, /var with 3.6 GB free)

- How does SQUID 'stop' in your terms ?
- Does the SQUID process disappear ?
- What are the last logged lines in cache.log when this happens ?

M.
[squid-users] Re: How to prevent to download files
Remus wrote:

> What kind of acl rule I have to use to prevent users to download all
> files, except the .pdf, .doc, and .xls?

Are you aware that if you only allow those three extensions, you will prevent normal web browsing? This is because, to Squid, both browsing and downloading are simply HTTP requests for various URLs.

However, if you still want to do this, this will do what you want:

    acl allow_files urlpath_regex -i \.pdf$ \.doc$ \.xls$
    http_access deny !allow_files

Adam
[squid-users] Squid stops with a 131 MB access.log
Conectiva Linux 8 Kernel 2.4.18 (Conectiva is a Brazilian distribution based on Red Hat) For the second time in less than one month, my Squid stops when the access.log reaches 131 MB There is some limitation in log file sizes? (Pentium III-500, 128 RAM, /var with 3.6 GB free) My logrotate does not work (when i use logrotate with debug, state that logrotate.status could not be fond, but the file was there, with chmod 777) I do a squid -k rotate and the logs were roatetd correctly Someone can send me a sample of a logrotate.conf/logrotate.d/squid files?
RE: [squid-users] Yahoo / MSN Audio Chat through Squid Proxy
You'll need to put an access list in the router that allowsto do a pass through. Rather then run through the proxy. Audio doesn't play by the same rules.. Make sure all your Microsoft products are current on security patches.. We've had to do similar things with libraries. Messenger relies on a stateful connection, it uses TCP rather then UDP, sending ACK's back to a proxy doesn't get it to it correct destination, but that is what messenger thinks is the destination. Bypass proxy on these and you should be ok. PORT 1823 MSN Messenger 1863 instant messenging *. NOTE: For file transfer or voice chat ports and NAT information for Messenger 3 see MS Support article Q278887. For Messenger 4 see the detailed document on Windows Messenger XP Yahoo Messenger - Voice Chat 5000-5001 5000-5010 voice chat Yahoo Messenger - messages 5050 messaging. NOTE: It will try ports 5050, 80, any port. Yahoo Messenger - Webcams 5100 video = Rex Mueller - Systems and Security Engineer ESU#3 6949 S 110th Street LaVista, Nebraska 68128 rmueller at esu3 dot org = -Original Message- From: Mr. S M Thakor [mailto:[EMAIL PROTECTED] Sent: Thursday, May 06, 2004 7:11 AM To: Squid Subject: [squid-users] Yahoo / MSN Audio Chat through Squid Proxy Hi, Yahoo messenger or MSN messenger gives audio/webcam chat facility which does not work through Squid Proxy server. Is there any solution through squid.conf where autio/webcam chat works fine? -- S.M. Thakor, Manager, Information Systems Dept., M/s. GNFC Ltd., Bharuch, Gujarat, India, Fax : +91-2642-247002 Ext. 8328 Phone : +91-2642-237328 VMS : +91-2642-247002 Ext. 7328
Re: [squid-users] How to prevent to download files
> > What kind of acl rule I have to use to prevent users to download all files,
> > except the .pdf, .doc, and .xls?

Check this.

    acl prevent-dl urlpath_regex -i \.pdf$ \.doc$ \.xls$
    .
    .
    http_access deny prevent-dl

Regards,
Muthukumar.
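Added example (not code from any poster): a small simulation of how the two rule sets posted in this thread, `http_access deny !allow_files` and `http_access deny prevent-dl`, decide a handful of constructed URLs. It assumes a trailing `http_access allow all` after each fragment, and that urlpath_regex sees the path together with the query string, which is what the stock `acl QUERY urlpath_regex cgi-bin \?` line relies on.

```python
import re
from urllib.parse import urlsplit

EXTENSIONS = [r"\.pdf$", r"\.doc$", r"\.xls$"]

# Constructed sample requests.
URLS = [
    "http://www.example.com/",
    "http://www.example.com/index.html",
    "http://www.example.com/docs/report.PDF",
    "http://www.example.com/files/setup.exe",
    "http://www.example.com/docs/report.pdf?session=1",
    "http://www.example.com/get.php?file=report.pdf",
]


def urlpath(url):
    """Path plus query string, the text urlpath_regex is applied to."""
    parts = urlsplit(url)
    return (parts.path or "/") + ("?" + parts.query if parts.query else "")


class UrlpathRegex:
    """acl NAME urlpath_regex [-i] PATTERN ... (true if any pattern matches)."""

    def __init__(self, patterns, ignore_case=False):
        flags = re.IGNORECASE if ignore_case else 0
        self.patterns = [re.compile(p, flags) for p in patterns]

    def matches(self, url):
        return any(p.search(urlpath(url)) for p in self.patterns)


class All:
    """Stand-in for 'acl all src 0.0.0.0/0.0.0.0'."""

    def matches(self, url):
        return True


ACLS = {
    "allow_files": UrlpathRegex(EXTENSIONS, ignore_case=True),
    "prevent-dl": UrlpathRegex(EXTENSIONS, ignore_case=True),
    "all": All(),
}

# Each rule: (action, [(acl name, negated?), ...]); ACLs on one line are ANDed.
RULES_DENY_UNLISTED = [("deny", [("allow_files", True)]), ("allow", [("all", False)])]
RULES_DENY_LISTED = [("deny", [("prevent-dl", False)]), ("allow", [("all", False)])]


def http_access(rules, url):
    """Lines are checked in order; the first line whose ACLs all match decides."""
    last = "allow"
    for action, terms in rules:
        last = action
        if all(ACLS[name].matches(url) != negated for name, negated in terms):
            return action
    # No line matched: the opposite of the last line applies.
    return "allow" if last == "deny" else "deny"


def evaluate(rules):
    return {url: http_access(rules, url) for url in URLS}


if __name__ == "__main__":
    for label, rules in (("deny !allow_files", RULES_DENY_UNLISTED),
                         ("deny prevent-dl", RULES_DENY_LISTED)):
        print(label)
        for url, verdict in evaluate(rules).items():
            print(f"  {verdict:5}  {url}")
```

The first rule set refuses ordinary pages such as `/` and `/index.html`, and the two query-string URLs show that the `$` anchor is tested against the end of the query, not the end of the file name.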
RE: [squid-users] Yahoo / MSN Audio Chat through Squid Proxy
> Hi,
>
> Yahoo messenger or MSN messenger gives audio/webcam chat facility which
> does not work through Squid Proxy server. Is there any solution through
> squid.conf where autio/webcam chat works fine?

Note that SQUID deals with http proxying only. If these apps. do not use http , or can not be http-proxied then you are out of luck.

M.
[squid-users] Yahoo / MSN Audio Chat through Squid Proxy
Hi, Yahoo messenger or MSN messenger gives audio/webcam chat facility which does not work through Squid Proxy server. Is there any solution through squid.conf where autio/webcam chat works fine? -- S.M. Thakor, Manager, Information Systems Dept., M/s. GNFC Ltd., Bharuch, Gujarat, India, Fax : +91-2642-247002 Ext. 8328 Phone : +91-2642-237328 VMS : +91-2642-247002 Ext. 7328
RE: [squid-users] Cache Log Message
Is there any reason why you don't like the default value (10KB)?

> -Original Message-
> From: Gerard Fremaint [mailto:[EMAIL PROTECTED]
> Sent: Thursday, May 06, 2004 1:03 PM
> To: [EMAIL PROTECTED]
> Subject: [squid-users] Cache Log Message
>
> 2004/05/03 18:15:56| Request header is too large (4095 bytes)
> 2004/05/03 18:15:56| Config 'request_header_max_size'= 0 bytes.
>
> I have this message even though the request_header_max_size is set to 0, is
> there anything I need to worry about ? Any way to make the message so that
> it doesn't appear again ?
RE: [squid-users] Cache Log Message
> 2004/05/03 18:15:56| Request header is too large (4095 bytes)
> 2004/05/03 18:15:56| Config 'request_header_max_size'= 0 bytes.
>
> I have this message even though the request_header_max_size is set to 0, is
> there anything I need to worry about ? Any way to make the message so that
> it doesn't appear again ?

The comment in squid.conf.default for this parameter does not indicate that setting it to 0 means that it can be unlimited.

On the other hand : making it not appear, so to speak, does cloak a potential issue you may be suffering from. Denial of service attacks for instance. It would be better from a security viewpoint not to cloak the problem but to identify it. Normal browsers(browsing) and clients can not cause this.

M.
Re: [squid-users] How to prevent to download files
No, it did not.

Thanks
Remus

> oups..
>
> sorry i misunderstood your question..
> maybe you can try this:
>
> acl justdowloadthisfiles urlpath_regex -i "/etc/squid/justdowloadthisfiles"
> acl nodowloadthisfiles urlpath_regex -i "/etc/squid/nodowloadthisfiles"
> http_access deny !justdowloadthisfiles nodowloadthisfiles
>
> i think this will work..
>
> Regards
> Tolga
>
> -Original Message-
> From: Tolga YAMAN [mailto:[EMAIL PROTECTED]
> Sent: Friday, April 30, 2004 6:37 PM
> To: Remus; [EMAIL PROTECTED]
> Subject: RE: [squid-users] How to prevent to download files
>
> acl nodownloadfiles urlpath_regex -i "/etc/squid/anyfilename"
> http_access deny nodownloadfiles
>
> insert this 3 lines to your "/etc/squid/anyfilename" file
>
> -cut--
> \.pdf$
> \.doc$
> \.xls$
> -cut--
>
> Regards
> Tolga
>
> -Original Message-
> From: Remus [mailto:[EMAIL PROTECTED]
> Sent: Friday, April 30, 2004 5:53 PM
> To: [EMAIL PROTECTED]
> Subject: [squid-users] How to prevent to download files
>
> Hi folks,
>
> What kind of acl rule I have to use to prevent users to download all files,
> except the .pdf, .doc, and .xls?
>
> Thanks in advance
>
> Remus
[squid-users] samba configuration for winbind
Hello, I'd like to make my users being authenticated with theirs AD accounts. I am using squid 2.5STABLE.5, samba 3.0.2a, and AD is on W2000 servers. To do this, do i need to compile samba with the option "--with-ads" in addition to "--with-winbind -with-winbind-auth-challenge" (and maybe other) and then have 'security=ads" in the smb.conf, OR just "have "--with-winbind -with-winbind-auth-challenge" and security = domain" in the smb.conf. Thanks by advance. Lionel --
[squid-users] MYSQL auth
hi can i know how to use MYSQL auth. --- Best Regards Liew Toh Seng Icq No: >> 36835809 << MSN: >> [EMAIL PROTECTED] << * .--. * |o_o | * |:_/ | * // * (| | ) * /'\_ _/` The Internet Solution Company * \___)=(___ My Directory Sdn Bhd
[squid-users] Cache Log Message
2004/05/03 18:15:56| Request header is too large (4095 bytes) 2004/05/03 18:15:56| Config 'request_header_max_size'= 0 bytes. I have this message even tough the request_header_max_size is set to 0, is there anything I need to worry about ? Any way to make the message so that it doesn't appear again ?
RE: [squid-users] Re: VirusWall and Squid ACL
Hi Norman,

Make sure the Interscan already running on port 80. Go to the http://x.x.x.x:1812/httpscan.cgi and check the "InterScan HTTP Proxy port (connects to browser)" value. And check whether your Interscan already started or not http://x.x.x.x:1812/isswitch.cgi

Actually, you may test from your browser client by passing squid. Simply configure you client browser to your proxy IP Address with the Interscan port (80). If this doesn't work then your interscan is not running.

Regards,
herman

-Original Message-
From: Norman Zhang [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 06, 2004 6:05 AM
To: [EMAIL PROTECTED]
Cc: Herman (ISTD)
Subject: [squid-users] Re: VirusWall and Squid ACL

Hi Herman,

Herman (ISTD) wrote:
> I have installed Interscan Viruswall and Squid on the same box. It
> worked perfectly though in Trial version, automatic virus pattern update
> cannot work. My squid is running on 3128 port, and my Interscan is
> running on 80 port. Just redirect squid request to Interscan using
> cache_peer 127.0.0.1 parent 80 7 default no-query. Make sure httpd is
> not running on port 80.

I added

    cache_peer 127.0.0.1 parent 80 7 default no-query

to /etc/squid/squid.conf and specify VirusWall to use

    Original HTTP server location: Other (server and port): 127.0.0.1 80

but I'm seeing the following error in /var/log/squid/cache.log

2004/05/05 15:51:41| Detected REVIVED Parent: 127.0.0.1/80/7
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| Detected DEAD Parent: 127.0.0.1/80/7

My /etc/squid/squid.conf is as follows. May I ask what am I doing wrong?

Regards,
Norman

    cache_mgr [EMAIL PROTECTED]
    hierarchy_stoplist cgi-bin ?
    acl QUERY urlpath_regex cgi-bin \?
    no_cache deny QUERY
    cache_mem 16 MB
    cache_dir ufs /var/spool/squid 200 16 256
    cache_peer 127.0.0.1 parent 80 7 default no-query
    ftp_user [EMAIL PROTECTED]
    auth_param ntlm program /usr/lib/squid/wb_ntlmauth
    auth_param ntlm children 5
    auth_param ntlm max_challenge_reuses 0
    auth_param ntlm max_challenge_lifetime 2 minutes
    external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group
    acl ProxyUsers external NT_global_group ProxyUsers
    acl authusrs proxy_auth REQUIRED
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl SSL_ports port 443 563
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 563 # https, snews
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl webmin port 1 2 # webmin, usermin
    acl CONNECT method CONNECT
    acl localnet dst 192.168.11.0/26 192.168.22.0/25
    acl arkonweb dst 207.34.136.4 207.34.136.5 207.34.136.7
    acl pdfgrab browser WebCapture
    acl realplay browser RealMedia
    acl ssread browser SSDOWNLOAD
    acl ssread browser SSREADER
    http_access allow manager localhost
    http_access deny manager
    http_access allow CONNECT webmin
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localnet
    http_access allow arkonweb
    http_access allow pdfgrab
    http_access allow realplay
    http_access allow ssread
    http_access allow authusrs ProxyUsers
    http_access allow localhost
    http_access deny all
    icp_access allow all

>>-Original Message-
>>From: Norman Zhang [mailto:[EMAIL PROTECTED]
>>Sent: Tuesday, May 04, 2004 9:11 AM
>>To: [EMAIL PROTECTED]
>>Subject: [squid-users] VirusWall and Squid ACL
>>
>>TrendMicro recommends that I need to setup 2 Squid Proxies with
>>VirusWall in order for it to work with Squid's ACL mechanism
>>(http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=8496 ).
>>Client ---> Proxy#1 (Squid) ---> InterScan VirusWall ---> Proxy#2 --->
>>Internet
>>
>>But searching the archives, it looks like users are able to use
>>VirusWall with just 1 Squid Proxy Server on the same box. May I ask
>>what's which setup should I go for? I'm using squid-2.5.STABLE2-2mdk
>>and Interscan VirusWall 3.81.
[squid-users] Squid + TCP Connection
Hi everyone! I have a network setup such that my router will only throw dest port 80 & 8080 traffic to my squid server. Squid is listening to port 80 and 8080 only. I've got an acl that deny the CONNECT method for being used for all ports except 443. When I do a netstat I found out that: myserverip:44271 202.103.8.114:4365 where 203.103.8.114 is ftp1.tvdown.com The strange thing is that I cannot see any mention of this IP or domain inside access.log. Is there a possibility that the server is compromise? _ Take a break! Find destinations on MSN Travel. http://www.msn.com.sg/travel/
[squid-users] A weird problem
Hi, Squid stable version 5 was working fine with the redirector for quite sometime but then suddenly one day, the request from squid was not reaching the redirector. The squid's log(in debug mode) said that it had passed on the request to the redirector(helperSubmit message) but the redirector was not logging and message and the squid request was getting hung. I tried reinstalling the whole thing but the problem persisted. A fresh installation on a similar system configuration worked though. Squid is set up on RedHat linux 8.0 and gcc 3.2. The OS was not tampered with either in the meanwhile. Could you kindly tell me what the problem could be. Does Squid have any system level dependencies? Regards, Deepa Yahoo! India Matrimony: Find your partner online. http://yahoo.shaadi.com/india-matrimony/
RE: [squid-users] Error while retrieving Sites [HITCON VIRUS CHECK: OK]
> Hi there!
>
> First of all: I am really new in this mailing list and i dont know if my
> problem fits in here, so if not: excuse me! ;-)
> I installed squid a few days ago and combined it with squid guard to an
> URL filter..
> everything worked fine for me... than i implemented the proxy into
> another subnet ( of course i altered the config files for the new net! )
> but since that day i allways get an error message while trying to visit any
> website:
>
> the requested url could not be retrieved
>
> While trying to retrieve the URL: /
>
> The following error was encountered:
> Invalid URL
>
> Some aspect of the requested URL is incorrect. Possible problems:
> Missing or incorrect access protocol (should be `http://'' or similar)
> Missing hostname
> Illegal double-escape in the URL-Path
> Illegal character in hostname; underscores are not allowed
>
> why does squid alter the URL to an / ???

Are you using transp. proxying ? If so check :

http://www.squid-cache.org/Doc/FAQ/FAQ-17.html

Take a look at item 2.

M.
[squid-users] Error while retrieving Sites [HITCON VIRUS CHECK: OK]
Hi there! First of all: I am really new in this mailing list and i dont know if my problem fits in here, so if not: excuse me! ;-) I installed squid a few days ago and combined it with squid guard to an URL filter.. everything worked fine for me... than i implemented the proxy into another subnet ( of course i altered the config files for the new net! ) but since that day i allways get an error message while trying to visit any website: the requested url could not be retrieved While trying to retrieve the URL: / The following error was encountered: Invalid URL Some aspect of the requested URL is incorrect. Possible problems: Missing or incorrect access protocol (should be `http://'' or similar) Missing hostname Illegal double-escape in the URL-Path Illegal character in hostname; underscores are not allowed why does squid alter the URL to an / ??? thanks in advance for your help! HITCON AG Maik Linnemann Gartenstrasse 208 48147 Münster 0251/2801-206 (Phone) 0251/2801-280 (Fax) 0170/6364123 (Mobil) Mail: [EMAIL PROTECTED] http://www.hitcon.de
Re: [squid-users] Blocking Porn sites....
Thank's..

David Kandou

---Original Message---
From: Henrik Nordstrom
Date: Thursday, May 06, 2004 1:13:28 PM
To: David Kandou
Cc: [EMAIL PROTECTED]
Subject: Re: [squid-users] Blocking Porn sites

On Thu, 6 May 2004, David Kandou wrote:

> How to block porn site like :
> http://sanggrahan.org
> http://66.98.190.156
>
> in squid conf i wrote :
>
> acl xxx1 dstdomian "/tmp/forbidden_url.txt"

dstdomain, not dstdomian.. and this matches destination hosts, not URLs.

    acl xxx1 dstdomain "/tmp/forbidden_domains.txt"

you also need

    acl xxx2 dst "/tmp/forbiden_ips.txt"

in forbidden_hosts.txt you enter the hosts and/or domain names you block access to. www.playboy.com blocks the host www.playboy.com, .playboy.com (note the leading dot) blocks the whole domain playboy.com including the host playboy.com.

> http_access deny xxx1

and also add

    http_access deny xxx2

Regards
Henrik
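Added example (not from the thread): a helper that turns a list of URLs, the form the original question used, into the host entries a dstdomain file expects and the literal addresses a dst file expects, plus a matcher following the leading-dot rule described in the reply. All names and sample entries are constructed; the matcher only compares literal IP hosts, whereas Squid's dst ACL also resolves host names.

```python
import ipaddress
from urllib.parse import urlsplit


def split_blocklist(entries):
    """Sort URLs, host names and IPs into (dstdomain entries, dst entries)."""
    domains, ips = [], []
    for entry in entries:
        entry = entry.strip()
        if not entry or entry.startswith("#"):
            continue
        # Accept both full URLs and bare hosts such as ".example.org".
        host = urlsplit(entry if "://" in entry else "//" + entry).hostname
        if host is None:
            continue
        try:
            ips.append(str(ipaddress.ip_address(host)))
        except ValueError:
            domains.append(host.lower())
    return domains, ips


def dstdomain_match(entry, host):
    """Leading dot: the domain itself and every host below it. No dot: that host only."""
    host = host.lower().rstrip(".")
    entry = entry.lower()
    if entry.startswith("."):
        return host == entry[1:] or host.endswith(entry)
    return host == entry


def is_blocked(url, domains, ips):
    """True if the URL's host is a listed IP or matches a dstdomain entry."""
    host = urlsplit(url).hostname or ""
    if host in ips:
        return True
    return any(dstdomain_match(d, host) for d in domains)


# Constructed sample list mixing the three input styles.
SAMPLE = [
    "# constructed sample entries",
    "http://www.example.com/pics/index.html",
    "http://192.0.2.10",
    ".example.org",
    "",
]

if __name__ == "__main__":
    domains, ips = split_blocklist(SAMPLE)
    print("dstdomain file:", domains)
    print("dst file:      ", ips)
    for url in ("http://www.example.com/", "http://example.com/",
                "http://a.b.example.org/x", "http://badexample.org/",
                "http://192.0.2.10/x"):
        print(is_blocked(url, domains, ips), url)
```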
RE: [squid-users] assertion failed
Well page gets open but the associated link http://sourceforge.net/tracker/index.php?func=detail&aid=651877&group_id=477 37&atid=450621 is not opening kindly if u tell me the details how to invoke this and where is squid-icap

Regards,
Danish Khan

-Original Message-
From: Murugan [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 06, 2004 12:14 PM
To: [EMAIL PROTECTED]
Subject: Re: [squid-users] assertion failed

visit this link
http://www.squid-cache.org/mail-archive/squid-users/200309/0849.html

Regrads
-Murugan

- Original Message -
From: "Danish Khan" <[EMAIL PROTECTED]>
To: "'Henrik Nordstrom'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, May 06, 2004 11:58 AM
Subject: [squid-users] assertion failed

> My squid almost dies after every 15 mins giving the below error.
>
> assertion failed: errorpage.c:292: "mem->inmem_hi == 0"
>
> Using squid stable 5 on Sun Linux. I have found its patch kindly tell me how
> to apply its patch.
>
> Danish khan
Re: [squid-users] assertion failed
visit this link
http://www.squid-cache.org/mail-archive/squid-users/200309/0849.html

Regrads
-Murugan

- Original Message -
From: "Danish Khan" <[EMAIL PROTECTED]>
To: "'Henrik Nordstrom'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, May 06, 2004 11:58 AM
Subject: [squid-users] assertion failed

> My squid almost dies after every 15 mins giving the below error.
>
> assertion failed: errorpage.c:292: "mem->inmem_hi == 0"
>
> Using squid stable 5 on Sun Linux. I have found its patch kindly tell me how
> to apply its patch.
>
> Danish khan
RE: [squid-users] xdr_string: out of memory
> would a kernel upgrade help here?

Maybe, provided your problem is not hardware related.

M.