[squid-users] Browsing slow after adding squid proxy.
Hi. Been a long time since I last looked at a squid proxy. After add a proxy to the network , browsing seems to have slowed considerably. I have build a squid proxy , this is configured into the network on via our Sonicwall using the proxy feature. When I looked into the configuration I did a few optimizations based on what I found on a couple of websites. All though I opted not to tweak the OS more than increase the ulimit as I would not expect it to be required given the hardware. It is running out of a SSD drive. When I run top the box is idle for the most part. there are about 100 users on this site. So my question is what may I have configured incorrectly or missed that would help? The hardware is : 4 Gig Ram Intel(R) Xeon(R) CPU E3110 @ 3.00GHz (dual core) hard disk is SSD 32 GB The / file system is ext3 The /var system is ext4 (cache is /var/spool/squid). The OS is Linux Ubuntu 10 LTS the squid configuration file looks like acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl localnet src 192.168.0.0/16 # TO BE correctly defined acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access allow CONNECT http_access deny CONNECT !SSL_ports http_access allow localnet http_access allow localhost http_access deny all icp_access allow localnet icp_access deny all http_port 3128 hierarchy_stoplist cgi-bin ? cache_mem 2048 MB maximum_object_size_in_memory 256 KB cache_replacement_policy heap LFUDA cache_dir aufs /var/spool/squid 1 23 256 maximum_object_size 64 MB cache_swap_low 90 cache_swap_high 95 access_log /var/log/squid/access.log squid buffered_logs on refresh_pattern ^ftp: 144020% 10080 refresh_pattern ^gopher:14400% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Package(.gz)*)$0 20% 2880 refresh_pattern . 0 20% 4320 quick_abort_min 0 KB quick_abort_max 0 KB acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9] upgrade_http0.9 deny shoutcast acl apache rep_header Server ^Apache broken_vary_encoding allow apache extension_methods REPORT MERGE MKACTIVITY CHECKOUT half_closed_clients off always_direct allow all hosts_file /etc/hosts memory_pools off coredump_dir /var/spool/squid Thanks G
Re: [squid-users] Alert!: Invalid header 'WWW-Authenticate: NTLM'
Running a normal transparent proxy . Port 80 transparent port mapped to 3128. thanks On Thu, Dec 18, 2008 at 12:17 PM, Kinkie gkin...@gmail.com wrote: On Thu, Dec 18, 2008 at 7:36 AM, Gregory Machin g...@linuxpro.co.za wrote: Hi A client of ours needs to access a website that uses WWW-Authenticate: NTLM, but squid does not pass it through to the browser . The squid version is Squid Cache: Version 2.6.STABLE13 Whats the work around for this ? Are you running in proxy or reverse-proxy mode? -- /kinkie
Re: [squid-users] Alert!: Invalid header 'WWW-Authenticate: NTLM'
going to compile 2.7 on the box and see if it works. On Thu, Dec 18, 2008 at 1:01 PM, Amos Jeffries squ...@treenet.co.nz wrote: Gregory Machin wrote: Hi A client of ours needs to access a website that uses WWW-Authenticate: NTLM, but squid does not pass it through to the browser . The squid version is Squid Cache: Version 2.6.STABLE13 Whats the work around for this ? Thanks Please try the latest Squid. The NTLM pass-thru hack was added somewhere in 2.6, but I don't recall where. It's likely to be a later Squid-2 release if its not working in your current one. Amos -- Please be using Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10 Current Beta Squid 3.1.0.3 or 3.0.STABLE11-RC1
[squid-users] Alert!: Invalid header 'WWW-Authenticate: NTLM'
Hi A client of ours needs to access a website that uses WWW-Authenticate: NTLM, but squid does not pass it through to the browser . The squid version is Squid Cache: Version 2.6.STABLE13 Whats the work around for this ? Thanks
Re: [squid-users] error 401 when going via squid ???
Yes I would assume that the issue is related to Integrated Microsoft Windows Authentication (a.k.a. NTLM) or something M$ cooked up Squid Cache: Version 2.6.STABLE4 configure options: '--build=i686-redhat-linux-gnu' '--host=i686-redhat-linux-gnu' '--target=i386-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--exec_prefix=/usr' '--bindir=/usr/sbin' '--libexecdir=/usr/lib/squid' '--localstatedir=/var' '--datadir=/usr/share' '--sysconfdir=/etc/squid' '--enable-epoll' '--enable-snmp' '--enable-removal-policies=heap,lru' '--enable-storeio=aufs,coss,diskd,null,ufs' '--enable-ssl' '--with-openssl=/usr/kerberos' '--enable-delay-pools' '--enable-linux-netfilter' '--with-pthreads' '--enable-ntlm-auth-helpers=SMB,fakeauth' '--enable-external-acl-helpers=ip_user,ldap_group,unix_group,wbinfo_group' '--enable-auth=basic,digest,ntlm' '--enable-digest-auth-helpers=password' '--with-winbind-auth-challenge' '--enable-useragent-log' '--enable-referer-log' '--disable-dependency-tracking' '--enable-cachemgr-hostname=localhost' '--enable-underscores' '--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL' '--enable-cache-digests' '--enable-ident-lookups' '--with-large-files' '--enable-follow-x-forwarded-for' '--enable-wccpv2' '--enable-fd-config' '--with-maxfd=16384' 'CFLAGS=-fPIE -Os -g -pipe -fsigned-char' 'LDFLAGS=-pie' 'build_alias=i686-redhat-linux-gnu' 'host_alias=i686-redhat-linux-gnu' 'target_alias=i386-redhat-linux-gnu' thanks On Wed, Nov 12, 2008 at 8:09 PM, Kinkie [EMAIL PROTECTED] wrote: On Wed, Nov 12, 2008 at 3:32 PM, Gregory Machin [EMAIL PROTECTED] wrote: Hi Hello Greg, I have a client that when he tries to access agentdeal.marvel.com the web server (IIS) does give a login prompt as it should and instead returns a 401 error. [...] I get the same problem with our proxy and some other people have this problem when, behind squid proxy's . What version of Squid, and is IIS trying to offer Integrated Microsoft Windows Authentication (a.k.a. NTLM)? -- /kinkie
[squid-users] error 401 when going via squid ???
Hi I have a client that when he tries to access agentdeal.marvel.com the web server (IIS) does give a login prompt as it should and instead returns a 401 error. squid access logs 1226493177.205 2413 192.168.1.54 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226493178.700 1256 192.168.1.54 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/favicon.ico - DIRECT/65.202.37.147 text/html 1226493181.792 1369 192.168.1.54 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/favicon.ico - DIRECT/65.202.37.147 text/html 1226493257.082 4573 192.168.1.54 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226493679.353 1306 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226493680.560 1068 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/favicon.ico - DIRECT/65.202.37.147 text/html 1226494460.532 3644 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/ - DIRECT/65.202.37.147 text/html 1226494460.975347 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/favicon.ico - DIRECT/65.202.37.147 text/html 1226494463.518346 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226494463.960341 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/favicon.ico - DIRECT/65.202.37.147 text/html 1226494464.332338 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/favicon.ico - DIRECT/65.202.37.147 text/html 1226494521.459350 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226494563.667397 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226494784.619 1406 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226494803.850869 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226494818.346 1700 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226496149.953608 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226496150.337335 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/favicon.ico - DIRECT/65.202.37.147 text/html 1226496153.533541 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/favicon.ico - DIRECT/65.202.37.147 text/html 1226496170.539336 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226496174.885332 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226496372.749672 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html 1226496390.734476 192.168.1.10 TCP_MISS/401 2199 GET http://agentdeal.marvel.com/clm - DIRECT/65.202.37.147 text/html I get the same problem with our proxy and some other people have this problem when, behind squid proxy's . Many thanks Greg
[squid-users] how to configure wccp load balancing with squid.
Hi I'm looking for a howto or some docs to show how to do load balancing . I have a single cisco router and would like to have two or more squid caches. in a load balanced configuration .. Any suggestions ? Thanks
[squid-users] Forwarding loop detected for .. help
Hi what cause this 2008/10/05 05:27:47| WARNING: Forwarding loop detected for: GET /nic/update?hostname=za1fwl01.dnsalias.commyip=196.22.217.98wildcard=NOCHGmx=NOCHGbackmx=NOCHG HTTP/1.0 Authorization: Basic c3ludGhlc2V1OmRvd251bmRlcg== User-Agent: Fortinet_DDNSC/1.200310271130 Host: 66.*.*.133:3128 Via: 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6), 1.0 cache.mycache.co.za (squid/3.0.STABLE6) X-Forwarded-For: 66.8.89.82, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150, 66.*.*.150 Cache-Control: max-age=0 Connection: keep-alive How do I prevent it ?
[squid-users] access denied without prompting for login
Hi I have the following squid config (below) that worked for a while then squid started giving page faults so I removed squid then reinstalled it now when I try to open a site I get access denied with out even being prompted for my username and password. I have tested the ldap auth and that is working from the command line.. What have I missed ? what caused it to break? Current version of squid 2.6.STABLE16 on Fedora 8 thanks auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic program /usr/lib64/squid/squid_ldap_auth -R -b OU=Organizational Structure,DC= snip acl ldapauth proxy_auth REQUIRED http_access allow ldapauth acl all src 0.0.0.0/0.0.0.0 acl locallan src 10.0.1.0/255.255.255.255 acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access deny !Safe_ports http_access deny CONNECT !SSL_ports visible_hostname greg-test http_access allow localhost http_access deny all http_port 3128 hierarchy_stoplist cgi-bin ? maximum_object_size_in_memory 50 KB cache_replacement_policy heap LFUDA maximum_object_size 4096 KB access_log /var/log/squid/access.log squid acl QUERY urlpath_regex cgi-bin \? cache deny QUERY refresh_pattern ^ftp: 144020% 10080 refresh_pattern ^gopher:14400% 1440 refresh_pattern . 0 20% 4320 quick_abort_min 0 KB quick_abort_max 0 KB quick_abort_pct 95 acl apache rep_header Server ^Apache broken_vary_encoding allow apache half_closed_clients off dns_nameservers 10.0.1.250 196.33.158.230 66.8.85.139 memory_pools off coredump_dir /var/spool/squid
Re: [squid-users] squid authentication against windows Active Directory 2008 ??
then I would have to install samba from what I understand, and or policy is not file sharing services allowed on the firewalls . Is there a way to get a single sign on with out installing samba ? On Mon, Sep 15, 2008 at 5:56 PM, Kevin Blackwell [EMAIL PROTECTED] wrote: Gregory, I was running into the same problems. I finally for it working. Couple of questions 1. What OS 2. Why not use ntlm_auth? Works better. Kevin On Mon, Sep 15, 2008 at 9:06 AM, Gregory Machin [EMAIL PROTECTED] wrote: Hi I'm batteling to get squid_ldap_auth to authenticate against M$ windows Active Directory 2008 with my config below /usr/lib64/squid/squid_ldap_auth -b OU=Organizational Structure,DC=example,DC=co,DC=za -h 10.*.*.250 -D CN=squid,OU=Other,OU=TC JHB,OU=Company,OU=Organizational Structure,DC=example,DC=co,DC=za -w Password1 -f ((uid=%s)(objectclass=user)) I have used a similar config on windows Active Directory 2003 and it worked perfectly fine. Is there a catch to authenticating against the 2008 version of AD ? or have I missed some thing .. How is the best way to debug this as squid does not log or output any errors even when in debugging mode .. when is run [EMAIL PROTECTED] ~]# /usr/lib64/squid/squid_ldap_auth -b OU=Organizational Structure,DC=techconcepts,DC=co,DC=za -h 10.0.1.250 -D CN=squid,OU=Other,OU=TC JHB,OU=Company,OU=Organizational Structure,DC=techconcepts,DC=co,DC=za -w Password1 -f ((uid=%s)(objectclass=user)) -v3 gregory.machin Password1 ERR Success I get ERR Success I believe I should get OK How can I get more info out of this interface ? Thanks in advance .
[squid-users] testing squid_ldap_auth
Hi I'm looking for a methode to test squid_ldap_auth out side of the squid config. I have try the following at the command line [EMAIL PROTECTED] ~]# /usr/lib64/squid/squid_ldap_auth -b OU=Organizational Structure,DC=example,DC=co,DC=za -h 10.0.1.250 squid [EMAIL PROTECTED])rd1 ERR Success From what I have read ERR Success imply s that authentication was successful , but when I try and used this in a squid config the user in not able to authenticate when prompted by the browser. How do I locate that breaking point, there are no error in cache.log ? What do I do next to find the problem.
[squid-users] alot of strange requests comming from child proxy
I have a client that we provide conectivity for. they have a fire will running a squid proxy that is configured with our proxy as it's parent proxy and most of the traffic I'm seeing looks like this 1219394376.025 119836 192.168.199.253 TCP_MISS/000 0 GET http://192.168.200.10/secars/secars.dll?h=BDA3879CF852B95325CD75608CD49315436E38A1B858309C419143C4240C16B00CB181C599C323EF8D893FA74D9B19FF36B489B0B0C1035F8206A3AB6DF27E36FBA34062AE1AE4E6980A04003009E371E49453B5E0D62BC333D1B882580717AFEFCB725D0F0257C6C0F1D1B477B03BA82F0A6B2271256AAAD3807B5AEAD42274A3B23C0E045C51B7E61D5775D0F97BEAD0430165964F5F4A31DEBCC8F9DF1669C2DD64C791538CEB227CB9612ED2660F8AF3D9E7F77B509FF3F6BC9421F039ED7B47C559076B49E8B1884821FE0920B777EE7A27F384B0B82F99478A56FB5EDA7AFB10AAEAB2B70A94671358A63C5EDEE287BB7256ABA297402B7A9DD8375195D5CFCA9B67B1FA0AA253AB4DD45B9CDC03788336BBD9DB028559F1A33F8C9EB2CC40A44D7F1B8B1369F08B61EC355F176E5D283F5D8B6B07F9FBB3B8C0E93DF21E677ECC878284133CE2E6283A9560AD1A91690FCBD075867B916926EE9BDC744D62F9F2A1FC2683AA97882D595FA830AF9AF483040F0EE80F99E34F4F158B3DD670B89FE39FC3822032F819B0D4A559321E12D54D5DD7ABEE09725578A7FA1D682CADEA93A98E44F62D284566463F32 - DIRECT/192.168.200.10 - 1219394376.112 119812 192.168.199.253 TCP_MISS/000 0 GET http://192.168.201.143/secars/secars.dll?h=6C16C7F7CB8552608F100CA8B11F626AEC4B4A1F8925D5E0B4FE5434FEC16DEE329F29B39AA3A9685FA0FC904838EFA3C17ABA5D1A93EE6AF9DE0C6502FEE3D03CE77A1F2D64703660F9155B65BD9449D4985F0C6F66EE924F314CD8E01C2E7D25314888DAAC08294F0241DFFB2646827D4C249A6C9358D79FA51D4E4D117752F96DB435B9613368DFBB94622FA64AD7B135E9FAF62828A870BACAFDD2D7131E1F9EAD313528FCC6D725877013AF93A8493466CD5229DFD128D4E059D36844F367F8D37328E3E642618B382E791227DFFC70360A9A349E217F822E72A2B5E65574397D1EB8C7BBD69B3E3AAE4A7A67BEB1A4D4E98A229671F8E752F397D685F5E14E2B596E683AC565B227C4272F10786543DE6F6F9E71902F0BC3175E2AE663708E71FB304C2AFB5E97852AA43E03843837D4B1D0A39289BD371D135C68ACA90040A3F117C97BD7CC2D837D8121C410A1DD633B6DA05D57191AF6147EFC87CC051D3DCC49CFC099CE4197CD83B583C7 - DIRECT/192.168.201.143 - 1219394376.313 119792 192.168.199.253 TCP_MISS/000 0 GET http://192.168.200.10/secars/secars.dll?h=8A4F1743217F213893940A066FA0327A70013D90ADCFFAA63D79E536816A8D6954969B4CD1504F360A7186CE6C7ABBAAAE38944D2ADC272600A263B849B99EB8718A2F72F491BE9313E232C715A6D554014389799E4095D5F7B4B3B25668337891F2BDA12D30F9C7B388132354AFB497965315DED9345938C5A265F307A9D2412116A795987AEDA39E92AB4234359D857876663CE5B5CC14B97BAC7BAF138D6F6A427C74BA0AF2741379F0897C27BABC40417C5651E8EE8E5BFF57E2F3A9AC96C62DEB85BB528E48599705A1FAC16914B2B209058C3EF7709B1E21F32AE4F476ED25B3290C433D01208844E41F5027AFE287BB7256ABA297402B7A9DD8375195D5CFCA9B67B1FA0AA253AB4DD45B9CDC03788336BBD9DB028559F1A33F8C9EB280E54DD44843B0ADF5ED98992B3308B455A96EE2C15924C1AB1D75B42E6CAE64DD1D7574ED8CA99617961917E51323A68B7910134E6CABFA446BA9D277ED9722D6B86D0672BDCE22CEFC58139078B44B190BA8A72E65067772B61F1876A5EEA1321E12D54D5DD7ABEE09725578A7FA1D682CADEA93A98E44F62D284566463F32 - DIRECT/192.168.200.10 - what is it ? and should I my proxy be receiving these requests ? Thanks
Re: [squid-users] alot of strange requests comming from child proxy
On Fri, Aug 22, 2008 at 11:34 AM, Michael Alger [EMAIL PROTECTED] wrote: On Fri, Aug 22, 2008 at 10:49:53AM +0200, Gregory Machin wrote: I have a client that we provide conectivity for. they have a fire wall running a squid proxy that is configured with our proxy as it's parent proxy and most of the traffic I'm seeing looks like this 1219394376.025 119836 192.168.199.253 TCP_MISS/000 0 GET http://192.168.200.10/secars/secars.dll?h=BDA3... - DIRECT/192.168.200.10 - 1219394376.112 119812 192.168.199.253 TCP_MISS/000 0 GET http://192.168.201.143/secars/secars.dll?h=6C16C... - DIRECT/192.168.201.143 - 1219394376.313 119792 192.168.199.253 TCP_MISS/000 0 GET http://192.168.200.10/secars/secars.dll?h=8A4F... - DIRECT/192.168.200.10 - what is it ? Not sure, may be something to do with Symantec EndPoint Protection Manager; whatever that is. At least that's the references I've seen in a Google search for secars.dll. and should I my proxy be receiving these requests ? That depends - are 192.168.200.x and 192.168.201.x under your control? Or more correctly: does your client need to access these addresses via your proxy? those ips are on the clienst lan / wan that behind the proxy . It may be that they need reconfigure their squid to go direct for that server rather than use your proxy.
[squid-users] TCP_NEGATIVE_HIT/404 615 GET for file that does exist
Hi There is a file I'm trying to download via my proxy, but cant ... squid loggs show 1191409989.051 0 192.168.2.203 TCP_NEGATIVE_HIT/404 615 GET http://www.coltech.co.za/pnp/files/vPbPsCrVJ/SFUP-V447B4-D.zip greg NONE/- text/html If i bypass the proxy I can download the file fine ... what would be causing this ? Greg
[squid-users] white listing acls
Hi I'm looking for an example of how to have white lists for one subnet but the other subnet is full access ... Many Thanks -- Gregory Machin [EMAIL PROTECTED] www.linuxpro.co.za
[squid-users] limit size of download per user group..
Hi Please could you advise me how I can limit the size of file downloads on a per user / ip range acl baises ? I can only find out how to do it globaly ... :-( Many Thanks -- Gregory Machin [EMAIL PROTECTED] [EMAIL PROTECTED] www.linuxpro.co.za Web Hosting Solutions Scalable Linux Solutions www.iberry.info (support and admin) www.goeducation (support and admin) +27 72 524 8096
[squid-users] Fw: Squid and load splitting.
Hi all. Could some please advise me on how to do the following .. I have 2 incomming lines one is adsl with a capped internation limit (ie: when reach 3 gig international bowsing dies) the and is a slow diginet line. I want to be able to setup squid so that once the 3gig limit is reached (sites timeout) all traffic for internatinal sites is passed through the diginet line. Both lines currently have there own squid proxy servers. Many Thanks .. Gregory Machin
[squid-users] parent cach not showing child cache requests in it's logs
Hi all. I have a number squid proxies on my network the one child proxy is set = to use the primary proxy as perant, but the requests aren't being = displayed in the logs. This is my acl config for the child proxy. I have used both the ip and = the FQNS of the parent proxy .. shutdown_lifetime 30 seconds pid_filename /var/run/squid.pid cache_access_log /cache/squid/logs/access.log cache_log /cache/squid/logs/cache.log cache_store_log none emulate_httpd_log on log_mime_hdrs off http_port 192.168.10.250:8080 cache_peer ns2.ct-net.org parent 3128 3130 no-query default acl local-ip dst 192.168.0.0/16 acl all src 0.0.0.0/0.0.0.0 always_direct allow local-ip never_direct allow all acl localhost src 127.0.0.1/32 acl localnet src 192.168.0.0/16 always_direct allow localnet acl Safe_ports port 80 # http acl Safe_ports port 20-21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1021-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl SSL_ports port 21 25 110 143 443 563 1080 acl CONNECT method CONNECT http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow localnet http_access deny all request_timeout 45 seconds pconn_timeout 240 Many thanks Gregory Machin 072 5248 096 [EMAIL PROTECTED] [EMAIL PROTECTED] System Administrator for - Academy Internalional - Vukani Skills Lab Systems Developer for sylque.com scsza.com linuxpro.co.za Programming Mysql PHP Delphi Kylix
[squid-users] seamless authentication with active directory
-> [squid-users] seamless authentication with active directory squid-users -- Thread -- -- Date -- <!-- google_ad_client = "pub-7266757337600734"; google_alternate_ad_url = "http://www.mail-archive.com/blank.png"; google_ad_width = 160; google_ad_height = 600; google_ad_format = "160x600_as"; google_ad_channel = "8427791634"; google_color_border = "FF"; google_color_bg = "FF"; google_color_link = "006792"; google_color_url = "006792"; google_color_text = "00"; //--> [squid-users] seamless authentication with active directory Gregory Machin Re: [squid-users] seamless authentication with active directory Kinkie Reply via email to