[squid-users] Start point of squid configuration
I read every single parameters like cache_mem, cache_dir but this remain a single information that doesn't supply a complete vision. Someone know if exist a useful schema to configure squid like this term: [Attention following are guess informations only to explain what I mean] # USERS MEMORY CPU cache_mem cache_dir 100 500M>1GHz32M 2G 200 1G >1GHz32M 4G .. .. 10004G >2GHz128M10G Best regards. Stefano
Re: [squid-users] ntlm_auth & Windows Update
Daniel Halbe wrote: As you can see the proxy first says: Authentification required. Then the client responds and sends an NTLM_AUTH challenge and the proxy permits access. This works fine for every webpage but not for Windows Update :-( 312955 - Windows Update may Not work in Windows XP if an Authenticating Web proxy is Used http://support.microsoft.com/Default.aspx?scid=kb;en-us;312955 Solution: acl update-micro-dom dstdomain .microsoft.com acl update-micro-dom dstdomain .windowsupdate.com # http_access allow update-micro-dom Bye Stefano
Re: [squid-users] ntlm_auth & Windows Update
Daniel Halbe wrote: ### squid.conf ### client_netmask 255.255.255.0 dns_nameservers XXX.YYY.172.3 auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 15 auth_param ntlm max_challenge_reuses 0 auth_param ntlm max_challenge_lifetime 2 minutes auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 5 auth_param basic credentialsttl 5 hours acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 # https, snews acl SSL_ports port 873 # rsync acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl QUERY urlpath_regex cgi-bin \? acl purge method PURGE acl CONNECT method CONNECT acl NTLMUsers proxy_auth REQUIRED acl winupdate dstdomain .microsoft.com .windowsupdate.com acl ftp proto FTP no_cache deny winupdate http_access allow all NTLMUsers move up> http_access allow winupdate always_direct allow ftp remove > always_direct allow winupdate no_cache deny QUERY http_access deny all http_reply_access allow all icp_access deny all cache_mgr root dns_testnames heise.de google.de denic.de internic.net ## Bye Stefano
[squid-users] Load balancing squid with squid
I'm thinking to load balancing 2 squid processes with 1 squid. Is this idea stupid? Landscape: 1 SMP machine with: squid1 with cache_dir (a real piece of disk) bind localhost squid2 with cache_dir (a real piece of disk) bind localhost squidv with cache_dir null cache_peer 127.0.0.1 parent 3128 3130 no-query proxy-only round-robin cache_peer 127.0.0.1 parent 4128 4130 no-query proxy-only round-robin never_direct allow all Can someone supply me any comments? Bye Stefano
Re: [squid-users] squid_ldap_auth referral issue
Stefano Mason wrote: Some one can inform me where I'm wrong. NO one! squid_ldap_auth don't follow referral! May be! Version: squid-2.5.STABLE5 OS: Red Hat Linux release 9 squid_ldap_auth have useless -R parameter! With or without is the same! Thanks! Cheers. Stefano Test: [EMAIL PROTECTED] LDAP]$ ./squid_ldap_auth -b "o=t-systems,c=it" -f "uid=%s" ldap myworkroomtest1 livelink OK Issue (holly is another ldap with referral): [EMAIL PROTECTED] LDAP]$ ./squid_ldap_auth -b "o=t-systems,c=it" -f "uid=%s" holly myworkroomtest1 livelink squid_ldap_auth: WARNING, LDAP search error 'Referral' squid_ldap_auth: WARNING, LDAP search error 'Referral' ERR Same test with ldapsearch: [EMAIL PROTECTED] LDAP]$ ldapsearch -x -b "o=t-systems,c=it" -h holly uid=myworkroomtest1 version: 2 # # filter: uid=myworkroomtest1 # requesting: ALL # # search result search: 2 result: 10 Referral ref: ldap://ldap.debis.it:389/O%3dT-Systems,C%3dIT # numResponses: 1 (ldapsearch with -C parameter) [EMAIL PROTECTED] LDAP]$ ldapsearch -C -x -b "o=t-systems,c=it" -h holly uid=myworkroomtest1 version: 2 # # filter: uid=myworkroomtest1 # requesting: ALL # # myworkroomtest1, User, T-Systems, IT dn: CN=myworkroomtest1,OU=User,O=T-Systems,C=IT mail: [EMAIL PROTECTED] objectclass: inetOrgPerson objectclass: organizationalPerson objectclass: person objectclass: top sn: myworkroomtest1 uid: myworkroomtest1 ars: generale # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 squid_ldap_auth return 2 time the same error "squid_ldap_auth: WARNING, LDAP search error 'Referral'", is possible the second time don't use the new ldapurl/host? Many thanks in advance. Best regards. Stefano
[squid-users] squid_ldap_auth referral issue
Some one can inform me where I'm wrong. squid_ldap_auth don't follow referral! Version: squid-2.5.STABLE5 OS: Red Hat Linux release 9 Test: [EMAIL PROTECTED] LDAP]$ ./squid_ldap_auth -b "o=t-systems,c=it" -f "uid=%s" ldap myworkroomtest1 livelink OK Issue (holly is another ldap with referral): [EMAIL PROTECTED] LDAP]$ ./squid_ldap_auth -b "o=t-systems,c=it" -f "uid=%s" holly myworkroomtest1 livelink squid_ldap_auth: WARNING, LDAP search error 'Referral' squid_ldap_auth: WARNING, LDAP search error 'Referral' ERR Same test with ldapsearch: [EMAIL PROTECTED] LDAP]$ ldapsearch -x -b "o=t-systems,c=it" -h holly uid=myworkroomtest1 version: 2 # # filter: uid=myworkroomtest1 # requesting: ALL # # search result search: 2 result: 10 Referral ref: ldap://ldap.debis.it:389/O%3dT-Systems,C%3dIT # numResponses: 1 (ldapsearch with -C parameter) [EMAIL PROTECTED] LDAP]$ ldapsearch -C -x -b "o=t-systems,c=it" -h holly uid=myworkroomtest1 version: 2 # # filter: uid=myworkroomtest1 # requesting: ALL # # myworkroomtest1, User, T-Systems, IT dn: CN=myworkroomtest1,OU=User,O=T-Systems,C=IT mail: [EMAIL PROTECTED] objectclass: inetOrgPerson objectclass: organizationalPerson objectclass: person objectclass: top sn: myworkroomtest1 uid: myworkroomtest1 ars: generale # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 squid_ldap_auth return 2 time the same error "squid_ldap_auth: WARNING, LDAP search error 'Referral'", is possible the second time don't use the new ldapurl/host? Many thanks in advance. Best regards. Stefano
[squid-users] squid_ldap_auth referral issue
squid_ldap_auth don't follow referral! Test: [EMAIL PROTECTED] LDAP]$ ./squid_ldap_auth -b "o=t-systems,c=it" -f "uid=%s" ldap myworkroomtest1 livelink OK Issue (holly is another ldap with referral): [EMAIL PROTECTED] LDAP]$ ./squid_ldap_auth -b "o=t-systems,c=it" -f "uid=%s" holly myworkroomtest1 livelink squid_ldap_auth: WARNING, LDAP search error 'Referral' squid_ldap_auth: WARNING, LDAP search error 'Referral' ERR Same test with ldapsearch: [EMAIL PROTECTED] LDAP]$ ldapsearch -x -b "o=t-systems,c=it" -h holly uid=myworkroomtest1 version: 2 # # filter: uid=myworkroomtest1 # requesting: ALL # # search result search: 2 result: 10 Referral ref: ldap://ldap.debis.it:389/O%3dT-Systems,C%3dIT # numResponses: 1 (ldapsearch with -C parameter) [EMAIL PROTECTED] LDAP]$ ldapsearch -C -x -b "o=t-systems,c=it" -h holly uid=myworkroomtest1 version: 2 # # filter: uid=myworkroomtest1 # requesting: ALL # # myworkroomtest1, User, T-Systems, IT dn: CN=myworkroomtest1,OU=User,O=T-Systems,C=IT mail: [EMAIL PROTECTED] objectclass: inetOrgPerson objectclass: organizationalPerson objectclass: person objectclass: top sn: myworkroomtest1 uid: myworkroomtest1 ars: generale # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 squid_ldap_auth return 2 time the same error "squid_ldap_auth: WARNING, LDAP search error 'Referral'", is possible the second time don't use the new ldapurl/host? Many thanks in advance. Best regards. Stefano
Re: [squid-users] Squid 2.5 STABLE 3 and wbinfo_group.pl
Henrik Nordstrom wrote: On Mon, 15 Mar 2004, Martin, Neil wrote: I have modified the debug section to get the output on the screen. If I type in ./wbinfo_group.pl from the command line, then Type in domain/user group helpers expects domain\\user groupname Besides, there is a documented bug about "shellwords.pl" (function recall into wbinfo_group.pl) that looping if LANG=xx_XX.UTF-8. Therefore, change your environment, for ex. LANG=en_US; export LANG, than lunch wbinfo_group. Bye Stefano
