Re: [squid-users] Transparent Proxy Server Error - Squid 3
> I am running Squid 3 and trying to use the transparent proxy features. > > In my squid.conf I have: > > http_port 8000 transparent We cannot define the http_port as like above. Did you check with /squid -k parse? Did you enable the squid.conf options of httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on > > In my firewall: > > $IPT -t nat -A PREROUTING -i $INTIF -p tcp --dport 80 -j REDIRECT > --to-port 8000 What is the $IPT and $INTIF variables? Regards, Muthukumar. --- === It is a "Virus Free Mail" === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.691 / Virus Database: 452 - Release Date: 5/27/2004
Re: [squid-users] Transparent Proxy Server Error - Squid 3
When I try compiling with the following options: ./configure --enable-ipf-transparent --enable-pf-transparent --enable-esi --enable-ssl I get the following warnings: checking if IP-Filter header files are installed... no WARNING: Cannot find necessary IP-Filter header files Transparent Proxy support WILL NOT be enabled checking if PF header file is installed... no WARNING: Cannot find necessary PF header file Transparent Proxy support WILL NOT be enabled What do I need? Daniel Czarnecki wrote: Hi Guys, I am running Squid 3 and trying to use the transparent proxy features. In my squid.conf I have: http_port 8000 transparent In my firewall: $IPT -t nat -A PREROUTING -i $INTIF -p tcp --dport 80 -j REDIRECT --to-port 8000 When the transparent proxy is accessed I get the following error: ERROR The requested URL could not be retrieved While trying to retrieve the URL: / The following error was encountered: Invalid URL Some aspect of the requested URL is incorrect. Possible problems: Missing or incorrect access protocol (should be `http://'' or similar) Missing hostname Illegal double-escape in the URL-Path Illegal character in hostname; underscores are not allowed Your cache administrator is webmaster. Generated Sat, 29 May 2004 06:22:39 GMT by gateway.charlesrose.com.au (squid/3.0-PRE3) I have also tried to accelerate hosts with the same error. What am I missing? Cheers, Dan
Re: [squid-users] ncsa authentication
> I am having problem in running squid with authentication. The proxy server runs > fine without authentication, but with ncsa auth enabled it tries to validate > the user in the browser but fails. > I have followed all the stesp in enabling ncsa. What steps did you follow to setup the NCSA authentication.? Did you create the password file and manually check the authentication? Regards, Muthukumar. --- === It is a "Virus Free Mail" === Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.691 / Virus Database: 452 - Release Date: 5/27/2004
[squid-users] Transparent Proxy Server Error - Squid 3
Hi Guys, I am running Squid 3 and trying to use the transparent proxy features. In my squid.conf I have: http_port 8000 transparent In my firewall: $IPT -t nat -A PREROUTING -i $INTIF -p tcp --dport 80 -j REDIRECT --to-port 8000 When the transparent proxy is accessed I get the following error: ERROR The requested URL could not be retrieved While trying to retrieve the URL: / The following error was encountered: Invalid URL Some aspect of the requested URL is incorrect. Possible problems: Missing or incorrect access protocol (should be `http://'' or similar) Missing hostname Illegal double-escape in the URL-Path Illegal character in hostname; underscores are not allowed Your cache administrator is webmaster. Generated Sat, 29 May 2004 06:22:39 GMT by gateway.charlesrose.com.au (squid/3.0-PRE3) I have also tried to accelerate hosts with the same error. What am I missing? Cheers, Dan
[squid-users] suggestion ..
Right now i'm running squid on P4 1.7 Ghz 40 GB IDE disk (4 partition, each 5 gigs for cache) and 256 RAM. but it seems my proxy didn't run fast. If you have a suggestion or tips, please share with me. Thanks in advance best regards, Andry Yudianto
[squid-users] ncsa authentication
HI I am having problem in running squid with authentication. The proxy server runs fine without authentication, but with ncsa auth enabled it tries to validate the user in the browser but fails. I have followed all the stesp in enabling ncsa. Thanks
[squid-users] Re: squid authentication
[EMAIL PROTECTED] wrote: > I am having problem in running squid with authentication. The proxy server > runs fine without authentication, but with ncsa auth enabled it tries to > validate the user in the browser but fails. Can you test the helper successfully from the command line? Is the user Squid runs as able to read the password file? Any errors in cache.log? What auth_param, acl, and http_access lines are in your squid.conf? > I have followed all the stesp in enabling ncsa. If you truly did, it would be working right now. Adam
[squid-users] squid authentication
HI I am having problem in running squid with authentication. The proxy server runs fine without authentication, but with ncsa auth enabled it tries to validate the user in the browser but fails. I have followed all the stesp in enabling ncsa. Thanks This message was sent using NWebmail, BSNL's Webmail Program
[squid-users] Optimum squid clients
Hi, I am conducting some simple load tests on squid-2.5.STABLE5 using my redirector program that does some url filtering which involves interacting with a local database. I have observed that the squid works fine for one squid redirector and 5 simultaneous client requests. Is there some available diagnostics based on which I could refer to check if my tests results are approximately correct? Secondly, is there some kind of a formula or data that I could use to calculate as to how many squid clients canhandle how many simultaneous browser requests. Regards and TIA, Deepa Yahoo! India Matrimony: Find your partner online. http://yahoo.shaadi.com/india-matrimony/
[squid-users] Re: authentication w/ ADS
Paulo Ricardo wrote: > I'll be start an instalation of squid2.5 + debian and I would like to > authenticate using NTLM + Windows 2000 + ADS. > Client wants authentication using NTLM and 2 different groups from ADS. > What's the best choice? > a) squid + samba + winbind > b) squid+samba+winbin+LDAP ?? Choose (A) - Winbind provides both basic and NTLM support, eliminating the need to bother with LDAP. Also, you will want to use a winbind group helper - either wb_group (Samba 2.2.x) or wbinfo_group.pl (Samba 3.x). Adam
[squid-users] Re: strange squid start-up
Jose Nathaniel Nengasca wrote: > how do i patch squid using squid.x-x.x.patch which i have downloaded > recently? Using the patch command. Read its man page for more info. Adam
[squid-users] strange squid start-up
hello, how do i patch squid using squid.x-x.x.patch which i have downloaded recently? thanks in advance
[squid-users] Strange Squid Start-up
hi, Im just wondering why my squid (squid-2.4stable5) reports that it fails during start but the fact is it runs perfectly on the background TIA
Re: [squid-users] Transfer encoding with compression
http://www.swelltech.com/squidgzip [EMAIL PROTECTED] wrote: I am curious to the current status of transfer encoding compression with either gzip or deflate in Squid. I have browsed the archives to find that it was possibly going to be implemented in Squid 3 in older messages. Any information would be appreciated.
[squid-users] Re: Re: Squid 3.0 Stable Release????
Eric Kahklen wrote: > Did I miss something? I didn't see any projected date for the relase of > 3.0 stable, just the pre release. Yes, you did: "We will release squid-3 once two weeks with no new blocking bugs have passed -after- fixing the last blocking bug." Adam
Re: [squid-users] Re: Squid 3.0 Stable Release????
Did I miss something? I didn't see any projected date for the relase of 3.0 stable, just the pre release. Thanks, Eric Adam Aube wrote: Eric Kahklen wrote: Anyone know when the squid 3.0 stable release will be out? http://www.squid-cache.org/mail-archive/squid-users/200307/0671.html Adam -- __ Eric Kahklen, MS 530 4th Ave. W. Seattle, WA
Re: [squid-users] Securing Squid server
This is not a squid question, this is common sense: You should secure any machine which gets close to the "evil" internet. I hope there is a firewall between your ISP and your proxy, otherwise your squid may be in the wrong hands right now. Be paranoid. If you don't have an extra firewall, i.e. you hook up the squid directly to the ISP, be extra paranoid: - disable all unnecessary services - get the latest security patches - bind all services explicitly to the NIC's where they belong to - you seem to be on linux, think about hardening your machine (grsecurity, kernel with no module support). - enable a strong firewall policy - scan your machine from the outside for open ports - do not use insecure services like telnet If you don't want to create your rules from scratch, look for building tools or distributed firewall scripts. If you want to have maximum control, learn iptables and write your own. There are many iptables-FAQ available on the net. Rusty Russel's iptables HOWTO for instance. A good starting point is here: http://www.netfilter.org Regards, Hendrik Voigtländer Simone Nanni wrote: Hello everybody. I'm a newbie in Squid administration. I have configured SQUID 2.5 stable5 in my Linux RedHat 9 machine that has two ethernet intefaces: - eth0 with a public IP (the one that i obtained by my ISP) - eth1 with a private LAN ip (10.41.x.x) In squid.conf i allow to use the proxy service only to hosts in my subnet (10.41.0.0/16). I have to configure a firewall policy (iptables?) to secure it?? What kind of rules i have to use?? Thanxs in advance.
Re: [squid-users] Squid Redirect
Hi, what exactly do you mean with redirect? if squid is able to resolve all local domains it will fetch the content according to the routing setup on the server. IMHO it will never route those requests to your ISP. You need a proper DNS setup to do this. You can use automatic proxy config to tell clients to bypass squid for local sites. Additionally all internal sites can be configured noncacheable (match them with ip-acl = all non-public adresses 192.168.0.0/16 and so on) for those who insist of using the proxy for all traffic. Regards, Hendrik. vaibhav naldurgkar wrote: Hi there, I want to the squid proxy have to redirect the urls directly to the servers those are there in my LAN and not to sent them to the ISP so could you plz help me how to do this . Thankx and regards, VVN _ Easiest Money Transfer to India. Send Money To 6000 Indian Towns. http://go.msnserver.com/IN/48198.asp Easiest Way To Send Money Home!
[squid-users] Re: Squid 3.0 Stable Release????
Eric Kahklen wrote: > Anyone know when the squid 3.0 stable release will be out? http://www.squid-cache.org/mail-archive/squid-users/200307/0671.html Adam
[squid-users] squid config error
hello i got this while trying to reconfigure squid-2.5-STABLE5 after patching with jes patch for tproxy ,on a kernel 2.6.5 pls how can i solve dis? checking linux/netfilter_ipv4.h presence... yes configure: WARNING: linux/netfilter_ipv4.h: present but cannot be compiled configure: WARNING: linux/netfilter_ipv4.h: check for missing prerequisite headers? configure: WARNING: linux/netfilter_ipv4.h: see the Autoconf documentation configure: WARNING: linux/netfilter_ipv4.h: section "Present But Cannot Be Compiled" configure: WARNING: linux/netfilter_ipv4.h: proceeding with the preprocessor's result configure: WARNING: linux/netfilter_ipv4.h: in the future, the compiler will take precedence configure: WARNING: ## -- ## configure: WARNING: ## Report this to the AC_PACKAGE_NAME lists. ## configure: WARNING: ## -- ## checking for linux/netfilter_ipv4.h... yes checking linux/netfilter_ipv4/ip_tproxy.h usability... no checking linux/netfilter_ipv4/ip_tproxy.h presence... no checking for linux/netfilter_ipv4/ip_tproxy.h... no _ Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
[squid-users] Securing Squid server
Hello everybody. I'm a newbie in Squid administration. I have configured SQUID 2.5 stable5 in my Linux RedHat 9 machine that has two ethernet intefaces: - eth0 with a public IP (the one that i obtained by my ISP) - eth1 with a private LAN ip (10.41.x.x) In squid.conf i allow to use the proxy service only to hosts in my subnet (10.41.0.0/16). I have to configure a firewall policy (iptables?) to secure it?? What kind of rules i have to use?? Thanxs in advance.
[squid-users] Squid 3.0 Stable Release????
Anyone know when the squid 3.0 stable release will be out? Thanks, Eric -- __ Eric Kahklen, MS Seattle, WA
Re: [squid-users] Where I can see squid source code.
On Fri 28 May 2004 15:17, ads squid wrote: > I have downloaded and installed squid latest > "squid-2.5.STABLE5.tar.gz" > I would like to go through the source code of squid. > Please guide me where I can find source code of squid. What do you mean, you've "installed" it? The file you've downloaded contains the source code. You can extract it with "tar zxf squid-2.5.STABLE5.tar.gz". Cheers, Ray
[squid-users] Where I can see squid source code.
Hi, I am using Redhat Linux 9.0. I have downloaded and installed squid latest "squid-2.5.STABLE5.tar.gz" I would like to go through the source code of squid. Please guide me where I can find source code of squid. Thanks for support. __ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/