Hi
Thanks for your answer
CentOS Linux release 7.1.1503 (Core)
krb5-workstation-1.12.2-14.el7.x86_64
krb5-libs-1.12.2-14.el7.x86_64
regards
olivier
2015-05-03 0:25 GMT+02:00 Markus Moeller :
> Which OS and Kerberos version do you have ? There might be some issue
> with the cache used KEY
On 3/05/2015 10:59 a.m., HackXBack wrote:
> Thanks you amos for giving time,
> but about this part :
>
> for looping 302 on youtube
> acl text-html rep_mime_type text/html
> acl http302 http_status 302
>
> store_miss deny text-html
> store_miss deny http302
> send_hit deny text-html
> send_hi
On 3/05/2015 11:10 a.m., HackXBack wrote:
> You mention this part :
> Severity:
>
> The bug is important because it allows remote servers to bypass
> client certificate validation. Some attackers may also be able
> to use valid certificates for one domain signed by a global
> Certificate Autho
On 3/05/2015 1:00 p.m., vintech wrote:
> Hi,
>
> Iam running squid 3.5.2 stable
Please upgade to the current version, which is 3.5.4 today.
> , however i have problems while i connect it
> through GET as it gives me an HTTP 301 error.
There is no such thing as a "301 error".
*CoudFront* are t
On 3/05/2015 5:41 a.m., Michael Pelletier wrote:
> It does not work as the group acl is of type "slow" while header
> modification is of type "fast".
Corrrect, and that is the answer to your question.
If you have a new enough Squid, use a auth/group check in http_access
and a note ACL check in th
Hi,
Iam running squid 3.5.2 stable , however i have problems while i connect it
through GET as it gives me an HTTP 301 error.
Also while i use the squid with browser iam able to open and connect to the
destination but with get and cURl i am having issues and it gives timed out
error.
Also using bi
You mention this part :
Severity:
The bug is important because it allows remote servers to bypass
client certificate validation. Some attackers may also be able
to use valid certificates for one domain signed by a global
Certificate Authority to abuse an unrelated domain.
you mean that ther
Thanks you amos for giving time,
but about this part :
for looping 302 on youtube
acl text-html rep_mime_type text/html
acl http302 http_status 302
store_miss deny text-html
store_miss deny http302
send_hit deny text-html
send_hit deny http302
i use this config with patch file to make youtub
H
no sir , i dont want archive the entire Internet on one server, but i have
hdd with 2T and i can use only 0.8T from it ..
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/FATAL-xcalloc-Unable-to-allocate-18446744073468065319-blocks-of-1-bytes-tp4671004p4
Which OS and Kerberos version do you have ? There might be some issue with the
cache used KEYRING:persistent:0:0
Markus
"Olivier CALVANO" wrote in message
news:CAJajPefo3t8b1=_v5pfj3h0gq4jk3oosutw8gnhy7z-gs21...@mail.gmail.com...
Hi
I request your help because i want use NTLM/Kerberos for a
Hello Michael,
Are you interested in writing of eCAP filter (or C++ in general) or wish to
solve your problem? If first please see http://www.e-cap.org/ especially
adapter or clamav samples at http://www.e-cap.org/Downloads.
If latter please take a look at qlproxy (ICAP filter for Squid) the ve
Hello,
I wish to write a custom eCap filter and I am looking for some
documentation.Basically, I wish to add the X-GoogApps-Allowed-Domains ONLY
when a user matches an AD group else no header should be added. We are a
school and we restrict students' email but not employees.
I tried request_heade
Anyone ?
Le samedi 2 mai 2015, Olivier CALVANO a écrit :
> Hi
>
> I request your help because i want use NTLM/Kerberos for authenticate my
> user.
>
> For NTLM, i use Winbind, no problems,
>
> [root@gw]# wbinfo -t
> checking the trust secret for domain MYADDOMAIN via RPC calls succeeded
>
> but
It does not work as the group acl is of type "slow" while header
modification is of type "fast".
I am looking at ECap to do the modification if the user is in a user group.
Does this sound like I am going down the right path?
Does anyone know of a good example of doing header add\mods with ECap w
I just built 3.5.4 and deployed (on FC21). Most pages work, but SSL to
e.g. Google and Yahoo fail. It is easily provoked by simply using the
search bar in firefox or IE.
Cache.log contains entries such as
2015/05/02 11:51:34 kid1| local=[::] remote=[2a00:1450:400c:c05::93]:443
FD 13 flags=1: read
On 2/05/2015 3:45 p.m., Jagannath Naidu wrote:
> .. ???
It means exactly what it says.
"
2015/04/29 10:34:10| WARNING: All redirector processes are busy.
2015/04/29 10:34:10| WARNING: 15 pending requests queued
"
Notice how "NTLM" is not "redirector".
N=5 redirectors running, R=15 requests
On 2/05/2015 3:12 p.m., Michael Pelletier wrote:
> Hello,
>
> I wish to modify a request header if the user is a member of a group. The
> example below I am trying to restrict people at work to ONLY the work email
> address UNLESS they are in the group "FullEmailAccess". Is this correct?
Does it
17 matches
Mail list logo