RE: [squid-users] parseHttpRequest: Unsupported method

2004-05-06 Thread Elsen Marc

 
> 
> Hi, I keep seeing these messages in my cache.log file.
> Access.log shows that they all come from one client IP 
> address who is behind a NAT with 65 PCS.
> So it is almost impossible to identify the culprit PC.
> What could be the cause/solution? Is there something I can block?
> 
> 
> 2004/05/07 09:10:45| clientReadRequest: FD 510 Invalid Request
> 2004/05/07 09:10:57| parseHttpRequest: Unsupported method 
> '@D}ÃtÃÃdÂÃDÃÅÃÃCÃÃkÃÃÃNÂrâÃÂFÃÃÃÂÂ>ÃnÃÂÃ%âËÃyÃ]FÃGdâMÂB&B
> 
 
 Well, someone is sending 'real bogus' http (stream(s)) to your squid, or
more so to speak: completely corrupted stuff.
You'll have to identify the source in some way. You cannot block
if you do not know who to block, or if only one IP address arrives
at SQUID (indeed).

M.


[squid-users] parseHttpRequest: Unsupported method

2004-05-06 Thread Hari Kurup
Hi, I keep seeing these messages in my cache.log file.
Access.log shows that they all come from one client IP address who is behind a NAT 
with 65 PCS.
So it is almost impossible to identify the culprit PC.
What could be the cause/solution? Is there something I can block?


2004/05/07 09:10:45| clientReadRequest: FD 510 Invalid Request
2004/05/07 09:10:57| parseHttpRequest: Unsupported method 
'@D}ÃtÃÃdÂÃDÃÅÃÃCÃÃkÃÃÃNÂrâÃÂFÃÃÃÂÂ>ÃnÃÂÃ%âËÃyÃ]FÃGdâMÂB&B

'
2004/05/07 09:10:57| clientReadRequest: FD 740 Invalid Request
2004/05/07 09:11:40| parseHttpRequest: Requestheader contains NULL characters
2004/05/07 09:11:40| clientReadRequest: FD 908 Invalid Request
2004/05/07 09:11:43| parseHttpRequest: Unsupported method 
'ÃQÂÂ0âÃÃÂÂ1Ã:Ã/Ã5YsJC

'
2004/05/07 09:11:43| clientReadRequest: FD 637 Invalid Request
2004/05/07 09:13:24| parseHttpRequest: Unsupported method 
'ÂÃÃyÃÂDÃgoyh%@)2~OÃXÃ\âAÃÂpÂË
Ã?ÃoÂwÅbâÃqÃÃf1ÃvGÃÃÃ0|ÃR

'
2004/05/07 09:13:24| clientReadRequest: FD 673 Invalid Request
2004/05/07 09:13:33| parseHttpRequest: Unsupported method '[EMAIL PROTECTED]: FD 1626 
Invalid Request
2004/05/07 09:13:34| parseHttpRequest: Unsupported method 'ÂÃÃ

Re: [squid-users] Re: VirusWall and Squid ACL

2004-05-06 Thread Muthukumar

>
> cache_peer 127.0.0.1 parent 80 7 default no-query
Is the UDP echo port enabled in the /etc/inetd.conf file on 127.0.0.1 (localhost)?

> acl binaries urlpath_regex -i \.exe$ \.zip$ \.vbs$ \.gz$
> cache_peer_access 127.0.0.1 allow binaries
> never_direct allow binaries
>

Regards,
Muthukumar.






RE: [squid-users] Squid <> Squidguard

2004-05-06 Thread Elsen Marc

 
> 
> 
> Dear all,
> 
> Can somebody tell me what the difference between Squid and 
> squidguard is? Do I have to
> install squid and squidguard at the same time?
> 
 
  Squidguard is only a redirector which can be used in combination with
SQUID to do site filtering (e.g.). However squidguard is only
an 'option' if you are looking for blocking material. Squid's ACL mechanisms
are equally powerful.

You don't need squidguard for getting a 'working squid'.

M.


RE: [squid-users] fatal error false alarm

2004-05-06 Thread Elsen Marc

 
> 
> Greetings List,
> 
> I have received two of the following emails from my squid 
> server, but in
> both cases I have not noticed any problems with the system.  
> No disruption
> in service or anything in cache.log.
> 
> Is this a known issue or something I should be concerned 
> about?  Is there
> something I should look for if / when this happens again?
> 
> Squid Cache: Version 2.5.STABLE4-20040104
> configure options:  --enable-storeio=ufs,aufs,diskd --enable-snmp
> SuSE Linux 8.0 (i386)
> VERSION = 8.0
> 
> 
> The email:
> 
> From: squid
> To: [EMAIL PROTECTED]
> Subject: The Squid Cache (version 2.5.STABLE4-20040104) died.
> 
> You've encountered a fatal error in the Squid Cache version
> 2.5.STABLE4-20040104.
> If a core file was created (possibly in the swap directory),
> please execute 'gdb squid core' or 'dbx squid core', then 
> type 'where',
> and report the trace back to [EMAIL PROTECTED]
> 
> Thanks!
> 

 Well, I doubt the error, as it states by itself, is false: examine cache.log
 carefully and look for the string "FATAL", possibly using a 'search tool', so to speak.
 
 M.

 


[squid-users] Squid <> Squidguard

2004-05-06 Thread David Kandou
Dear all,
Can somebody tell me what the difference between Squid and squidguard is? Do I have to
install squid and squidguard at the same time?
 
What do I get if I install squidguard?
 
Regards,
David Kandou
 
 


[squid-users] Re: VirusWall and Squid ACL

2004-05-06 Thread Norman Zhang
Hi Herman,

> Make sure the Interscan already running on port 80.
> Go to the http://x.x.x.x:1812/httpscan.cgi and check the "InterScan HTTP
> Proxy port (connects to browser)" value.
> And check whether your Interscan already started or not
> http://x.x.x.x:1812/isswitch.cgi

I can verify that VirusWall (both Squid and VirusWall are on the same 
box) is set up to

InterScan HTTP Proxy port (connects to browser): 80
Original HTTP server location:
  InterScan acts as proxy itself.
x Other (server and port): 127.0.0.1 80

> Actually, you may test from your browser client bypassing squid. Simply
> configure your client browser to your proxy IP Address with the Interscan
> port (80). If this doesn't work then your interscan is not running.

However when I tried to go to the internet through http://x.x.x.x:80, I 
see no reply. But /var/log/iscan/log.2004.05.06 does show my attempted 
connection,

05/06/2004 17:08:53 http[6683]: connection from 127.0.0.1, "GET http://www.slashdot.org/ HTTP/1.0"
05/06/2004 17:08:53 http[6679]: connection from 127.0.0.1, "GET http://www.slashdot.org/ HTTP/1.0"

I'm not sure if it is getting out. I've also added the following lines 
to squid.conf. May I ask what am I doing wrong?

cache_peer 127.0.0.1 parent 80 7 default no-query
acl binaries urlpath_regex -i \.exe$ \.zip$ \.vbs$ \.gz$
cache_peer_access 127.0.0.1 allow binaries
never_direct allow binaries

Regards,
Norman


[squid-users] NCSA authentication

2004-05-06 Thread Simon Walters
Hi, how do I allow some users and deny others when I'm using NCSA to authenticate?

Thanks,
Simon


[squid-users] Re: multiple requests to authenticate

2004-05-06 Thread Adam Aube
Raymond Norton wrote:

> We run squid with ncsa_auth on a number of IPCop boxes with dansguardian
> installed. Normally, when a user logs in they do not need to authenticate
> again unless they open another browser window. I am getting complaints
> from one school that they are being asked to reauthenticate multiple times
> per session now.

This is more commonly seen with NTLM, not basic. Check the stats in Cache
Manager - are your auth helpers overloaded?

I assume you already checked the basics (using correct password, caps lock
is off, login prompt is for proxy - not a remote web site, etc).

What browser & version? Some versions of IE are broken in this regard. See
the Squid Authentication FAQ for more info on that.

> As long as I'm at it I would like to modify my config (if possible), so
> users only need to login once per session, no matter how many windows they
> have open.  

How and when the user is prompted for login credentials is a browser issue,
not a Squid issue. You would have to talk to your browser vendor about it.

Adam



[squid-users] multiple requests to authenticate

2004-05-06 Thread Raymond Norton
We run squid with ncsa_auth on a number of IPCop boxes with dansguardian
installed. Normally, when a user logs in they do not need to authenticate
again unless they open another browser window. I am getting complaints from
one school that they are being asked to reauthenticate multiple times per
session now. Is there something I can add to my squid.conf that will
eliminate this? As long as I'm at it I would like to modify my config (if
possible), so users only need to login once per session, no matter how many
windows they have open.




Raymond Norton
LCTN
[EMAIL PROTECTED]


To Infinity and beyond!

--Buzz Lightyear



[squid-users] RE: Re: Confused about autenthication

2004-05-06 Thread Adam Aube
Prash wrote:

> or use PAM.
> Set your squid to do a pam_auth on the same server.
> Set that server to host accounts on ldap (see pam with ldap). This ldap DB
> can sit anywhere and you can use TLS or SSL.

This still wouldn't encrypt the password between the client and the proxy.

Adam



RE: [squid-users] Re: Confused about autenthication

2004-05-06 Thread Prash
or use PAM.
Set your squid to do a pam_auth on the same server.
Set that server to host accounts on ldap (see pam with ldap). This ldap DB
can sit anywhere and you can use TLS or SSL.

So your architecture would be:-
Server1 -> Squid  + pam_auth
Server1 -> Set PAM to auth via LDAP to server2 using TLS/SSL
(/etc/ldap.conf)

Server2 -> LDAP DB (posixAccount and posixGroup)

(The only drawback is all the ldap users become server1's login accounts but
you can get around that)

-Original Message-
From: news [mailto:[EMAIL PROTECTED] Behalf Of Adam Aube
Sent: 06 May 2004 20:43
To: [EMAIL PROTECTED]
Subject: [squid-users] Re: Confused about autenthication


Carlos Martínez-Troncoso Cera wrote:

> I want to authenticate my users against my LDAP Sun One Directory Server
> 5.1 when they want to use my squid 2.5 stable5 and I want encrypted
> passwords

Unfortunately, there is no "out of the box" solution. LDAP integration in
Squid is only supported with basic authentication, and basic authentication
sends the password cleartext over the network to the proxy.

What you can do is use Stunnel (or a similar program) to setup an encrypted
channel between the clients and the proxy server. The username and password
will travel over this channel and be encrypted in transit.

Adam



[squid-users] Re: Confused about autenthication

2004-05-06 Thread Adam Aube
Carlos Martínez-Troncoso Cera wrote:

> I want to authenticate my users against my LDAP Sun One Directory Server
> 5.1 when they want to use my squid 2.5 stable5 and I want encrypted
> passwords

Unfortunately, there is no "out of the box" solution. LDAP integration in
Squid is only supported with basic authentication, and basic authentication
sends the password cleartext over the network to the proxy.

What you can do is use Stunnel (or a similar program) to setup an encrypted
channel between the clients and the proxy server. The username and password
will travel over this channel and be encrypted in transit.

Adam



Re: [squid-users] MYSQL auth

2004-05-06 Thread Hegedüs Ervin
hello,

> can i know how to use MYSQL auth.

yep,

what do you want to know about that?

pls define your question exactly.


a.



Re: [squid-users] Confused about autenthication

2004-05-06 Thread Tim Neto
Hello Carlos,

I am using Squid 2.5 STABLE 5 and authenticating against SunONE 
Directory 5.1/5.2.   Here is a snippet of my Squid config for you.  Give 
it a try.

For user authentication use something like:

   auth_param basic program /usr/lib/squid/squid_ldap_auth -h myldapserver.domain.net -p 389 -P -b o=domain -f "uid=%s"

Use an ACL - Access structure like:

   acl manager proto cache_object
   acl my_users proxy_auth REQUIRED
   acl my_networks src 192.168.1.0/24
   http_access allow manager my_users my_networks

For group authentication/control use something like:

   external_acl_type ldap_group %LOGIN /usr/lib/squid/squid_ldap_group -h myldapserver.domain.net -p 389 -P -b o=domain -F "uid=%s" -f "(&(cn=%g)(uniquemember=%u)(objectClass=groupOfUniqueNames))"

Use an ACL - Access structure like:

   acl my_networks src 192.168.1.0/24
   acl proxy_group external ldap_group proxy
   http_access allow my_networks proxy_group

As to the encryption of the passwords, I'm not sure here.  The browser 
would have to send the encrypted password.   I know my LDAP server's 
passwords are encrypted.   My users are able to authenticate.  So...

Henrik might be able to answer the encryption question better.  He was 
very helpful when I was first setting up Squid here initially.

Thanks to everyone on this mailing list.

Tim

--
Timothy E. Neto
Computer Systems Engineer  Komatsu Canada Limited
Ph#: 905-625-6292 x265 1725B Sismet Road
Fax: 905-625-6348  Mississauga, Ontario, Canada
E-Mail: [EMAIL PROTECTED]   L4W 1P9
--


Carlos Martínez-Troncoso Cera wrote:

Hello everybody.
I want to authenticate my users against my LDAP Sun One Directory 
Server 5.1 when they want to use my squid 2.5 stable5 and I want 
encrypted passwords, reading about it I found that winbind is the 
solution, but with winbind I need a NT server (I don't like this...) 
How do I do this, what authentication schema can I use?
Thanks a lot.



[squid-users] fatal error false alarm

2004-05-06 Thread nospam
Greetings List,

I have received two of the following emails from my squid server, but in
both cases I have not noticed any problems with the system.  No disruption
in service or anything in cache.log.

Is this a known issue or something I should be concerned about?  Is there
something I should look for if / when this happens again?

Squid Cache: Version 2.5.STABLE4-20040104
configure options:  --enable-storeio=ufs,aufs,diskd --enable-snmp
SuSE Linux 8.0 (i386)
VERSION = 8.0


The email:

From: squid
To: [EMAIL PROTECTED]
Subject: The Squid Cache (version 2.5.STABLE4-20040104) died.

You've encountered a fatal error in the Squid Cache version
2.5.STABLE4-20040104.
If a core file was created (possibly in the swap directory),
please execute 'gdb squid core' or 'dbx squid core', then type 'where',
and report the trace back to [EMAIL PROTECTED]

Thanks!



Thanks for any suggestions or comments.

-Grant




[squid-users] Confused about autenthication

2004-05-06 Thread Carlos Martínez-Troncoso Cera
Hello everybody.
I want to authenticate my users against my LDAP Sun One Directory Server 
5.1 when they want to use my squid 2.5 stable5 and I want encrypted 
passwords, reading about it I found that winbind is the solution, but 
with winbind I need a NT server (I don't like this...) How do I do this, 
what authentication schema can I use?
Thanks a lot.

--
Carlos Martínez-Troncoso Cera
Coordinador de Servicios Internet/Intranet
Universidad del Norte
Barranquilla, Colombia
Tel: 57 5 3509367


RE: [squid-users] Proxy.pac Port

2004-05-06 Thread David Brodbeck
> -Original Message-
> From: Matt [mailto:[EMAIL PROTECTED]

> function FindProxyForURL(url, host)
> {
>   if (url.substring(0, 5) == "http:") {
>     return "PROXY my.proxy:8080";
>   }
>   else {
>     return "DIRECT";
>   }
> }
> 
> for instance the above won't work.  If it has an "http:" in url it gets
> redirected.  What if someone enters www.mydomain.com I still 
> want it to go.

It will still go.  "www.mydomain.com" is converted to
"http://www.mydomain.com/" in the browser, before the proxy sees it.  It
isn't a valid URL on its own.  I use the construction you show above and it
works fine.

> And if someone enters www.mydomain.com:8080 I do not want it to go.

This is a genuine problem, though.
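
An added example, not part of the thread or of Matt's PAC file: one way to handle the explicit-port case is to read the port out of the `url` argument, since the `host` argument never carries it. It assumes "do not want it to go" means "should not be sent to the proxy"; `explicitPort` is a hypothetical helper and `my.proxy:8080` is the proxy named in the quoted file.

```javascript
// Added example (not from the original thread).
// Returns the port written explicitly in the URL's authority part,
// or null when the URL has no explicit port.
// Hypothetical helper name; not a PAC built-in.
function explicitPort(url) {
  // scheme://[userinfo@]host[:port]/path?query#fragment
  var m = /^[a-z][a-z0-9+.\-]*:\/\/([^\/?#]*)/i.exec(url);
  if (!m) {
    return null;
  }
  var authority = m[1];

  // Drop "user:password@" so a numeric password is not mistaken for a port.
  var at = authority.lastIndexOf("@");
  if (at !== -1) {
    authority = authority.substring(at + 1);
  }

  // Host is either a bracketed IPv6 literal or a run of non-colon characters;
  // the port, if present, is the digits after the final colon.
  var pm = /^(?:\[[^\]]*\]|[^:]*):(\d+)$/.exec(authority);
  return pm ? parseInt(pm[1], 10) : null;
}

function FindProxyForURL(url, host) {
  // Same test as the quoted file: only plain http: is proxied.
  if (url.substring(0, 5).toLowerCase() !== "http:") {
    return "DIRECT";
  }

  // Assumption: a URL that names a port other than 80 bypasses the proxy.
  var port = explicitPort(url);
  if (port !== null && port !== 80) {
    return "DIRECT";
  }

  return "PROXY my.proxy:8080";
}
```

A client that is sent DIRECT still needs a route out; if the firewall only lets the proxy reach the Internet, such requests fail at the firewall.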


RE: [squid-users] Squid stops with a 131 MB access.log

2004-05-06 Thread Elsen Marc


 
> 
> Conectiva Linux 8 Kernel 2.4.18  (Conectiva is a Brazilian 
> distribution based on Red Hat)
> 
> For the second time in less than one month, my Squid stops 
> when the access.log reaches 131 MB
> There is some limitation in log file sizes? (Pentium III-500, 
> 128 RAM, /var with 3.6 GB free)
> 
 
  -  How does SQUID 'stop' in your terms ?
  -  Does the SQUID process disappear ?
  -  What are the last logged lines in cache.log when this happens ?

  M.


[squid-users] Re: How to prevent to download files

2004-05-06 Thread Adam Aube
Remus wrote:

> What kind of acl rule I have to use to prevent users to download all
> files, except the .pdf, .doc, and .xls?

Are you aware that if you only allow those three extensions, you will
prevent normal web browsing? This is because, to Squid, both browsing and
downloading are simply HTTP requests for various URLs.

However, if you still want to do this, this will do what you want:

acl allow_files urlpath_regex -i \.pdf$ \.doc$ \.xls$
http_access deny !allow_files

Adam
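
An added example, not part of Adam's reply and not Squid code: a small JavaScript model of the two lines above, run over constructed sample URLs, to show which requests the rule denies. It relies on Squid matching `urlpath_regex` against the URL path including any query string (the reason `acl QUERY urlpath_regex cgi-bin \?` works); `example.com` and all function names are placeholders.

```javascript
// Added example (not from the original thread); a model, not Squid itself.

// acl allow_files urlpath_regex -i \.pdf$ \.doc$ \.xls$
var ALLOW_FILES = [/\.pdf$/i, /\.doc$/i, /\.xls$/i];

// The string the ACL is tested against: path plus query string.
function urlPath(url) {
  var u = new URL(url);
  return u.pathname + u.search;
}

// An ACL with several patterns matches when any one pattern matches.
function matchesAllowFiles(url) {
  var path = urlPath(url);
  return ALLOW_FILES.some(function (re) {
    return re.test(path);
  });
}

// http_access deny !allow_files
// "deny"      : this rule matched, the request is refused.
// "next-rule" : this rule did not match, later http_access lines decide.
function httpAccess(url) {
  return matchesAllowFiles(url) ? "next-rule" : "deny";
}

// Constructed sample requests.
var SAMPLE_URLS = [
  "http://example.com/",                          // site front page
  "http://example.com/index.html",                // ordinary page
  "http://example.com/images/logo.gif",           // inline image
  "http://example.com/docs/report.PDF",           // upper-case extension
  "http://example.com/sheets/q1.xls",
  "http://example.com/docs/report.pdf?session=1"  // query string after the name
];

function audit(urls) {
  return urls.map(function (u) {
    return { url: u, path: urlPath(u), verdict: httpAccess(u) };
  });
}

function deniedUrls(urls) {
  return audit(urls)
    .filter(function (r) { return r.verdict === "deny"; })
    .map(function (r) { return r.url; });
}

audit(SAMPLE_URLS).forEach(function (r) {
  console.log(r.verdict + "\t" + r.path);
});
```

The front page, the HTML page and the image are all denied, which is the "prevent normal web browsing" effect described above; the PDF with a query string is denied too, because `$` anchors at the end of the whole path-plus-query string.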



[squid-users] Squid stops with a 131 MB access.log

2004-05-06 Thread Flavio Borup
Conectiva Linux 8 Kernel 2.4.18  (Conectiva is a Brazilian distribution based on Red 
Hat)

For the second time in less than one month, my Squid stops when the access.log reaches 
131 MB.
Is there some limitation in log file sizes? (Pentium III-500, 128 RAM, /var with 3.6 
GB free)

My logrotate does not work (when I use logrotate with debug, it states that 
logrotate.status could not be found, but the file was there, with chmod 777).

I did a squid -k rotate and the logs were rotated correctly.

Can someone send me a sample of logrotate.conf/logrotate.d/squid files?




RE: [squid-users] Yahoo / MSN Audio Chat through Squid Proxy

2004-05-06 Thread Mueller, Rex
You'll need to put an access list in the router that allows to do a pass through, 
rather than run through the proxy.  Audio doesn't play by the same rules. Make sure 
all your Microsoft products are current on security patches.

We've had to do similar things with libraries.

Messenger relies on a stateful connection, it uses TCP rather than UDP, sending ACKs 
back to a proxy doesn't get it to its correct destination, but that is what messenger 
thinks is the destination. 
Bypass proxy on these and you should be ok. 

PORT 1823 
MSN Messenger 1863  instant messaging *. NOTE: For file transfer or voice chat ports 
and NAT information for Messenger 3 see MS Support article Q278887. For Messenger 4 
see the detailed document on Windows Messenger XP

Yahoo Messenger - Voice Chat 5000-5001 5000-5010 voice chat 

Yahoo Messenger - messages 5050  messaging. NOTE: It will try ports 5050, 80, any port.

Yahoo Messenger - Webcams 5100  video



=
Rex Mueller - Systems and Security Engineer
ESU#3 
6949 S 110th Street
LaVista, Nebraska 68128 
rmueller at esu3 dot org 
=

-Original Message-
From: Mr. S M Thakor [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 06, 2004 7:11 AM
To: Squid
Subject: [squid-users] Yahoo / MSN Audio Chat through Squid Proxy

Hi,

Yahoo messenger or MSN messenger gives audio/webcam chat facility which
does not work through Squid Proxy server. Is there any solution through
squid.conf where audio/webcam chat works fine?
--
S.M. Thakor,
Manager, Information Systems Dept.,
M/s. GNFC Ltd., Bharuch, Gujarat, India,
Fax    : +91-2642-247002 Ext. 8328
Phone  : +91-2642-237328
VMS    : +91-2642-247002 Ext. 7328
 





Re: [squid-users] How to prevent to download files

2004-05-06 Thread Muthukumar
> >
> > What kind of acl rule I have to use to prevent users to download all
> files,
> > except the .pdf, .doc, and .xls?
> >

Check this.

acl prevent-dl urlpath_regex -i \.pdf$ \.doc$ \.xls$
.
.
http_access deny prevent-dl

Regards,
Muthukumar.






RE: [squid-users] Yahoo / MSN Audio Chat through Squid Proxy

2004-05-06 Thread Elsen Marc

 
> 
> Hi,
> 
> Yahoo messenger or MSN messenger gives audio/webcam chat 
> facility which
> does not work through Squid Proxy server. Is there any 
> solution through
> squid.conf where audio/webcam chat works fine?
 
  Note that SQUID deals with http proxying only.
 
  If these apps. do not use http  , or can not be http-proxied then
  you are out of luck.

  M.


[squid-users] Yahoo / MSN Audio Chat through Squid Proxy

2004-05-06 Thread Mr. S M Thakor
Hi,

Yahoo messenger or MSN messenger gives audio/webcam chat facility which
does not work through Squid Proxy server. Is there any solution through
squid.conf where audio/webcam chat works fine?
--
S.M. Thakor,
Manager, Information Systems Dept.,
M/s. GNFC Ltd., Bharuch, Gujarat, India,
Fax    : +91-2642-247002 Ext. 8328
Phone  : +91-2642-237328
VMS    : +91-2642-247002 Ext. 7328
 



RE: [squid-users] Cache Log Message

2004-05-06 Thread Hari Kurup
Is there any reason why you don't like the default value (10KB)?


> -Original Message-
> From: Gerard Fremaint [mailto:[EMAIL PROTECTED]
> Sent: Thursday, May 06, 2004 1:03 PM
> To: [EMAIL PROTECTED]
> Subject: [squid-users] Cache Log Message
> 
> 2004/05/03 18:15:56| Request header is too large (4095 bytes)
> 2004/05/03 18:15:56| Config 'request_header_max_size'= 0 bytes.
> 
> I have this message even though the request_header_max_size is set to 0, is
> there anything I need to worry about ? Any way to make the message so that
> it doesn't appear again ?
> 




RE: [squid-users] Cache Log Message

2004-05-06 Thread Elsen Marc

  
> 
> 
> 2004/05/03 18:15:56| Request header is too large (4095 bytes)
> 2004/05/03 18:15:56| Config 'request_header_max_size'= 0 bytes.
> 
> I have this message even though the request_header_max_size is 
> set to 0, is 
> there anything I need to worry about ? Any way to make the 
> message so that 
> it doesn't appear again ? 
> 
> 
  The comment in squid.conf.default for this parameter does not indicate
 that setting it to 0 means that it can be unlimited.

 On the other hand: making it not appear, so to speak, does cloak
 a potential issue you may be suffering from. Denial of service
 attacks for instance.

 It would be better from a security viewpoint not to cloak the problem
 but to identify it. Normal browsers (browsing) and clients cannot cause this.

 M.


Re: [squid-users] How to prevent to download files

2004-05-06 Thread Remus
No, it did not.

Thanks

Remus

> oups..
>
> sorry i misunderstood your question..
> maybe you can try this:
>
> acl justdowloadthisfiles urlpath_regex -i "/etc/squid/justdowloadthisfiles"
> acl nodowloadthisfiles urlpath_regex -i "/etc/squid/nodowloadthisfiles"
> http_access deny !justdowloadthisfiles nodowloadthisfiles
>
> i think this will work..
>
> Regards
> Tolga
>
>
> -Original Message-
> From: Tolga YAMAN [mailto:[EMAIL PROTECTED]
> Sent: Friday, April 30, 2004 6:37 PM
> To: Remus; [EMAIL PROTECTED]
> Subject: RE: [squid-users] How to prevent to download files
>
>
> acl nodownloadfiles urlpath_regex -i "/etc/squid/anyfilename"
> http_access deny nodownloadfiles
>
> insert this 3 lines to your "/etc/squid/anyfilename" file
>
> -cut--
> \.pdf$
> \.doc$
> \.xls$
> -cut--
>
> Regards
> Tolga
>
>
> -Original Message-
> From: Remus [mailto:[EMAIL PROTECTED]
> Sent: Friday, April 30, 2004 5:53 PM
> To: [EMAIL PROTECTED]
> Subject: [squid-users] How to prevent to download files
>
>
>
> Hi folks,
>
> What kind of acl rule I have to use to prevent users to download all files,
> except the .pdf, .doc, and .xls?
>
> Thanks in advance
>
> Remus
>
>
>
>
>
>



[squid-users] samba configuration for winbind

2004-05-06 Thread lderuaz
Hello,

I'd like my users to be authenticated with their AD accounts.
I am using squid 2.5STABLE.5, samba 3.0.2a, and AD is on W2000 servers.

To do this, do I need to compile samba with the option "--with-ads" in addition 
to "--with-winbind -with-winbind-auth-challenge" (and maybe others) and then 
have "security = ads" in the smb.conf, 

OR just have "--with-winbind -with-winbind-auth-challenge" and "security = 
domain" in the smb.conf?

Thanks in advance.

Lionel

-- 


[squid-users] MYSQL auth

2004-05-06 Thread Liew Toh Seng
hi
can i know how to use MYSQL auth.
 
---
Best Regards
Liew Toh Seng
Icq No: >> 36835809 <<
MSN: >> [EMAIL PROTECTED] <<
* .--.
* |o_o |
* |:_/ |
* //
* (| | )
* /'\_ _/` The Internet Solution Company
* \___)=(___   My Directory Sdn Bhd



[squid-users] Cache Log Message

2004-05-06 Thread Gerard Fremaint
2004/05/03 18:15:56| Request header is too large (4095 bytes)
2004/05/03 18:15:56| Config 'request_header_max_size'= 0 bytes.
I have this message even though the request_header_max_size is set to 0, is 
there anything I need to worry about ? Any way to make the message so that 
it doesn't appear again ? 



RE: [squid-users] Re: VirusWall and Squid ACL

2004-05-06 Thread Herman (ISTD)
Hi Norman,

Make sure the Interscan already running on port 80.
Go to the http://x.x.x.x:1812/httpscan.cgi and check the "InterScan HTTP
Proxy port (connects to browser)" value.
And check whether your Interscan already started or not
http://x.x.x.x:1812/isswitch.cgi

Actually, you may test from your browser client bypassing squid. Simply
configure your client browser to your proxy IP Address with the Interscan
port (80). If this doesn't work then your interscan is not running.

Regards,

herman

-Original Message-
From: Norman Zhang [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 06, 2004 6:05 AM
To: [EMAIL PROTECTED]
Cc: Herman (ISTD)
Subject: [squid-users] Re: VirusWall and Squid ACL

Hi Herman,

Herman (ISTD) wrote:
> I have installed Interscan Viruswall and Squid on the same box. It
> worked perfectly though in Trial version, automatic virus pattern update
> cannot work. My squid is running on 3128 port, and my Interscan is
> running on 80 port. Just redirect squid request to Interscan using
> cache_peer 127.0.0.1 parent 80 7 default no-query. Make sure httpd is
> not running on port 80.

I added

cache_peer 127.0.0.1 parent 80 7 default no-query

to /etc/squid/squid.conf and specify VirusWall to use

Original HTTP server location:
   Other (server and port): 127.0.0.1 80

but I'm seeing the following error in /var/log/squid/cache.log

2004/05/05 15:51:41| Detected REVIVED Parent: 127.0.0.1/80/7
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| TCP connection to 127.0.0.1/80 failed
2004/05/05 15:54:23| Detected DEAD Parent: 127.0.0.1/80/7

My /etc/squid/squid.conf is as follows. May I ask what am I doing wrong?

Regards,
Norman

cache_mgr [EMAIL PROTECTED]
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_mem 16 MB
cache_dir ufs /var/spool/squid 200 16 256
cache_peer 127.0.0.1 parent 80 7 default no-query
ftp_user [EMAIL PROTECTED]
auth_param ntlm program /usr/lib/squid/wb_ntlmauth
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group

acl ProxyUsers external NT_global_group ProxyUsers
acl authusrs proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80  # http
acl Safe_ports port 21  # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70  # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl webmin port 1 2 # webmin, usermin
acl CONNECT method CONNECT
acl localnet dst 192.168.11.0/26 192.168.22.0/25
acl arkonweb dst 207.34.136.4 207.34.136.5 207.34.136.7
acl pdfgrab browser WebCapture
acl realplay browser RealMedia
acl ssread browser SSDOWNLOAD
acl ssread browser SSREADER

http_access allow manager localhost
http_access deny manager
http_access allow CONNECT webmin
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow arkonweb
http_access allow pdfgrab
http_access allow realplay
http_access allow ssread
http_access allow authusrs ProxyUsers
http_access allow localhost
http_access deny all

icp_access allow all

>>-Original Message-
>>From: Norman Zhang [mailto:[EMAIL PROTECTED]
>>Sent: Tuesday, May 04, 2004 9:11 AM
>>To: [EMAIL PROTECTED]
>>Subject: [squid-users] VirusWall and Squid ACL
>>
>>TrendMicro recommends that I need to setup 2 Squid Proxies with
>>VirusWall in order for it to work with Squid's ACL mechanism
>>(http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=8496).
>>Client ---> Proxy#1 (Squid) ---> InterScan VirusWall ---> Proxy#2 --->
>>Internet
>>
>>But searching the archives, it looks like users are able to use
>>VirusWall with just 1 Squid Proxy Server on the same box. May I ask
>>what's which setup should I go for? I'm using squid-2.5.STABLE2-2mdk
>>and Interscan VirusWall 3.81.



[squid-users] Squid + TCP Connection

2004-05-06 Thread Lizzy Dizzy
Hi everyone!

I have a network setup such that my router will only throw dest port 80 & 
8080 traffic to my squid server.
Squid is listening on ports 80 and 8080 only. I've got an acl that denies the 
CONNECT method from being used for all ports except 443.

When I do a netstat I found out that:

myserverip:44271 202.103.8.114:4365

where 203.103.8.114 is ftp1.tvdown.com

The strange thing is that I cannot see any mention of this IP or domain 
inside access.log.

Is there a possibility that the server is compromised?



[squid-users] A weird problem

2004-05-06 Thread Deepa D
Hi,
   Squid stable version 5 was working fine with the
redirector for quite some time but then suddenly one
day, the request from squid was not reaching the
redirector. The squid's log (in debug mode) said that
it had passed on the request to the
redirector (helperSubmit message) but the redirector
was not logging any message and the squid request was
getting hung.
   I tried reinstalling the whole thing but the
problem persisted. A fresh installation on a similar
system configuration worked though. 
   Squid is set up on RedHat linux 8.0 and gcc 3.2.
The OS was not tampered with either in the meanwhile.
Could you kindly tell me what the problem could be.
Does Squid have any system level dependencies?

  Regards,
 Deepa





RE: [squid-users] Error while retrieving Sites [HITCON VIRUS CHECK: OK]

2004-05-06 Thread Elsen Marc

 
> 
> Hi there!
> 
> First of all: I am really new in this mailing list and I don't know if my
> problem fits in here, so if not: excuse me! ;-)
> I installed squid a few days ago and combined it with squid guard to an
> URL filter..
> everything worked fine for me... then I implemented the proxy into
> another subnet ( of course I altered the config files for the new net! )
> but since that day I always get an error message while trying to visit any
> website:
> 
> the requested url could not be retrieved
> 
> While trying to retrieve the URL: /
> 
> The following error was encountered:
>   Invalid URL
> 
> 
> Some aspect of the requested URL is incorrect. Possible problems:
>   Missing or incorrect access protocol (should be `http://'' or
>   similar)
>   Missing hostname
>   Illegal double-escape in the URL-Path
>   Illegal character in hostname; underscores are not allowed
> 
> why does squid alter the URL to an / ???
> 
 
 Are you using transp. proxying ?
 If so check :

   http://www.squid-cache.org/Doc/FAQ/FAQ-17.html

 Take a look at item 2.

 M.


[squid-users] Error while retrieving Sites [HITCON VIRUS CHECK: OK]

2004-05-06 Thread Maik . Linnemann




Hi there!

First of all: I am really new in this mailing list and I don't know if my
problem fits in here, so if not: excuse me! ;-)
I installed squid a few days ago and combined it with squid guard to an
URL filter..
everything worked fine for me... then I implemented the proxy into
another subnet ( of course I altered the config files for the new net! )
but since that day I always get an error message while trying to visit any
website:

the requested url could not be retrieved

While trying to retrieve the URL: /

The following error was encountered:
  Invalid URL


Some aspect of the requested URL is incorrect. Possible problems:
  Missing or incorrect access protocol (should be `http://'' or
  similar)
  Missing hostname
  Illegal double-escape in the URL-Path
  Illegal character in hostname; underscores are not allowed

why does squid alter the URL to an / ???

thanks in advance for your help!




HITCON AG
Maik Linnemann
Gartenstrasse 208
48147 Münster
0251/2801-206 (Phone)
0251/2801-280 (Fax)
0170/6364123 (Mobil)
Mail: [EMAIL PROTECTED]
http://www.hitcon.de



Re: [squid-users] Blocking Porn sites....

2004-05-06 Thread David Kandou
Thanks..
 
David Kandou
 
---Original Message---
 
From: Henrik Nordstrom
Date: Thursday, May 06, 2004 1:13:28 PM
To: David Kandou
Cc: [EMAIL PROTECTED]
Subject: Re: [squid-users] Blocking Porn sites
 
On Thu, 6 May 2004, David Kandou wrote:
 
> How to block porn site like :
> http://sanggrahan.org
> http://66.98.190.156
> 
> in squid conf i wrote :
> 
> acl xxx1 dstdomian "/tmp/forbidden_url.txt"
 
dstdomain, not dstdomian.. and this matches destination hosts, not URLs.
 
acl xxx1 dstdomain "/tmp/forbidden_domains.txt"
 
you also need
 
acl xxx2 dst "/tmp/forbiden_ips.txt"
 
in forbidden_hosts.txt you enter the hosts and/or domain names you block 
access to. www.playboy.com blocks the host www.playboy.com, .playboy.com 
(note the leading dot) blocks the whole domain playboy.com including the 
host playboy.com.
 
> http_access deny xxx1
 
and also add
 
http_access deny xxx2
 
Regards
Henrik
 
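The matching rules Henrik describes, as an added example that is not part of the original thread: a small Python check of which URLs a dstdomain list and a dst list would catch, useful for testing the list files before reloading Squid. The function names and list contents are constructed for illustration (using the hosts named in the question), and the sketch assumes no DNS lookups in either direction, so it models only the name and address comparison.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed list contents; in the thread these live in files under /tmp.
DOMAINS_TXT = """
# exact host only
www.example.com
# leading dot: the domain itself and every host below it
.sanggrahan.org
"""
IPS_TXT = "66.98.190.156\n"

def load_entries(text):
    """One entry per line; blank lines and '#' comments are skipped."""
    lines = (ln.strip().lower() for ln in text.splitlines())
    return [ln for ln in lines if ln and not ln.startswith("#")]

def dstdomain_match(host, entries):
    """Return the list entry that matches host by name, or None."""
    host = host.lower().rstrip(".")
    for entry in entries:
        if entry.startswith("."):
            if host == entry[1:] or host.endswith(entry):
                return entry
        elif host == entry:
            return entry
    return None

def dst_match(host, entries):
    """Return the address/CIDR entry containing host, or None.
    Assumption: no DNS here, so only IP-literal hosts can match."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return None
    for entry in entries:
        if addr in ipaddress.ip_network(entry, strict=False):
            return entry
    return None

def verdict(url, domains=DOMAINS_TXT, ips=IPS_TXT):
    """Name the ACL (xxx1 = dstdomain, xxx2 = dst) that would deny url."""
    host = urlsplit(url).hostname or ""
    if dstdomain_match(host, load_entries(domains)):
        return "deny xxx1"
    if dst_match(host, load_entries(ips)):
        return "deny xxx2"
    return "no match"
```

A URL that uses the bare IP address is caught only by the dst list, which is why both deny lines are needed.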


RE: [squid-users] assertion failed

2004-05-06 Thread Danish Khan
Well, the page opens but the associated link
http://sourceforge.net/tracker/index.php?func=detail&aid=651877&group_id=47737&atid=450621
is not opening. Kindly tell me the details of how to invoke
this and where squid-icap is.

Regards,
Danish Khan 


-Original Message-
From: Murugan [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 06, 2004 12:14 PM
To: [EMAIL PROTECTED]
Subject: Re: [squid-users] assertion failed


visit this link

http://www.squid-cache.org/mail-archive/squid-users/200309/0849.html

Regards
-Murugan

- Original Message -
From: "Danish Khan" <[EMAIL PROTECTED]>
To: "'Henrik Nordstrom'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, May 06, 2004 11:58 AM
Subject: [squid-users] assertion failed


>
> My squid almost dies after every 15 mins giving the below error.
>
> assertion failed: errorpage.c:292: "mem->inmem_hi == 0"
>
> Using squid stable 5 on Sun Linux. I have found its patch kindly tell me how
> to apply its patch.
>
>
> Danish khan
>
>






Re: [squid-users] assertion failed

2004-05-06 Thread Murugan

visit this link

http://www.squid-cache.org/mail-archive/squid-users/200309/0849.html

Regards
-Murugan

- Original Message -
From: "Danish Khan" <[EMAIL PROTECTED]>
To: "'Henrik Nordstrom'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, May 06, 2004 11:58 AM
Subject: [squid-users] assertion failed


>
> My squid almost dies after every 15 mins giving the below error.
>
> assertion failed: errorpage.c:292: "mem->inmem_hi == 0"
>
> Using squid stable 5 on Sun Linux. I have found its patch kindly tell me how
> to apply its patch.
>
>
> Danish khan
>
>





RE: [squid-users] xdr_string: out of memory

2004-05-06 Thread Elsen Marc
 
>would a kernel upgrade help here?

 Maybe, provided your problem is not hardware related.

 M.