Hi ,
I have a requirement .
I am running squid 2.3 s2 . mY requirement is like this :
my proxy should not cache say www.abc.com domain and all sublinks under that
say www.abc.com/x www.abc.com/y and so on.
I am using the following acl for that but does not seem to be very
effective .. pls
Jay Turner wrote:
Hi All,
I am after some clarification regarding Squid-2.4.STABLE6-6.7.3 and the use
of /etc/hosts.
Squid-2.4 does not read /etc/hosts when using the internal DNS client.
This feature is only available in Squid-2.5 and later.
To have Squid-2.4 use /etc/hosts it must be
Tesla 13 wrote:
Do you mean loading them up as:
SRC=http://proxy:3128/squid-internal-static/icons/some_custom_icon.gif;
Yes
This won't work as required by me.
Why?
Is there any other way of doing this without specifying the protocol?
frank chibesakunda wrote:
Hallo,
I´m using Squid Proxy + Squidguard Filter + smb_auth Module. I want to
check all the incomming traffic (Content Check) with an Antivirus Tool.
Has anybody an idea what Virusscanner do I need?
One that supports server based scanning of HTTP traffic.
Most
So how will the acl look like ?
thanks,raja.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Henrik Nordstrom
Sent: Wednesday, January 29, 2003 3:10 PM
To: [EMAIL PROTECTED]
Cc: 'squid'
Subject: Re: [squid-users] squid not to CACHE particular domain /
Hi,
I am trying to configure delay_pools to limit traffic
for the groups (admin student) to the internet but
unlimited for our LAN traffic. My squid.conf as shown
bellow.
# custom acl
acl no_limit url_regex -i 192.168.1
acl admin_site src 192.168.1.16/255.255.255.240
acl student_site src
Hi,
on two machines compilation of squid-2.5.STABLE1 runs with no problem
(Debian Woody 2.4.20). But on a third machine with the same distro it
stops just in the beginning with the following:
/usr/local/squid# make all
Making all in lib
make[1]: Entering directory `/usr/local/squid/lib'
Hello,
I want to limit the sites for some users.
So, I have rules like :
acl test11 url_regex -i ^http://[^/]*hp\.
acl test12 proxy_auth foo
http_access allow test11 test12
http_access deny test12
The problem is that, when you go to hp.com (for instance),
you get banners from other sites
On 29 January 2003 12:07, Denis Vlasenko wrote:
As you can see, wget sends different HTTP requests with and without
http_proxy environment variable. Seems like squid dislike this
request: GET /
User-Agent: Wget/1.7
Host: www.ilyichevsk.net
Accept: */*
Connection: Keep-Alive
Why???!!
Hello Guido
I am resending this mail to you and list as i did not able to solve the
problem.
Regards,
Jack
Hello All,
While i am trying to configure squid proxy for Windows 2000 domain users i
find problem in passing value to external acl program.
While i pass username, passwd and domain
Hello.
I have configured squid to use ncsa_auth as basic authentication,
everything works except for 2 things:
** All under IE (5.5 and 6, win2k and XP):
1. For some reason once a user fails to enter a password he may not
authenticate anymore and will have to reset the session (closing and
Gil Disatnik wrote:
Hello.
I have configured squid to use ncsa_auth as basic authentication,
everything works except for 2 things:
** All under IE (5.5 and 6, win2k and XP):
1. For some reason once a user fails to enter a password he may not
authenticate anymore and will have to
Hi Everyone!
I need your help... I experience sudden slowness with my squid server and
when I look at the logs, it show up something like this..
2003/01/28 18:38:18| commHandleWrite: FD 564: write failure: connection
closed with -1 bytes remaining.
2003/01/28 18:38:18| commHandleWrite: FD 565:
I have a cache peer setup as follows...
cache_peer pc1267.rtctel.com parent 443 442 ssl proxy-only
front-end-https=on ssl sslcert=/usr/local/squid/etc/owacert.pem
sslkey=/usr/local/squid/etc/owa.pem
I also have
httpd_accel_host pc1267.rtctel.com
in the config. The name of the OWA
ons 2003-01-29 klockan 12.16 skrev Joel Rowbottom:
I represent a company called Characterisation which is providing an interim
IDN solution - Verisign are also implementing their own system which is
similar. Both require 8-bit clean to be passed from the resolver, which
Squid doesn't do.
Yes! Perfect! Thank you Colin!
If you call Microsoft at 1-800-936-4900 and refer this KB article
they will send you a link to the patch at NO charge.
Is there any way we could get a little blurb about this problem into the
squid-cache FAQ?
rob
Colin Campbell wrote:
I haven't looked but is
Hi,
I have noticed the following behavior of squid and I am wondering if
this is really normal.
I have 2 clients that request the same document at almost the same time
to the same squid.
The RTT between the squid and the destination server is significant
since the request goes over a
I am also trying to get the authentication working with Squid, (Version
2.4.STABLE6) and Novell LDAP server, but at the moment I am tearing my
hair out!!! Can you give me some pointers?
Thanks
Simon.
Rob Poe [EMAIL PROTECTED] 01/29 4:10 pm
NOTICE: This email originated from a source external
You are missing
never_direct allow all
to force Squid to use your peer..
Note: Another option to use ssl between Squid and OWA is to use the
front-end-https cache_peer option. This tells OWA that it should use
https:// URLs even if the (inernal) connection was via HTTP.
Regards
Henrik
ons
ons 2003-01-29 klockan 17.22 skrev Ryan Delany (TS-US):
Exactly! But they don't
I can't believe no one else has had this problem, or maybe no one has
rebooted their machine yet to find out. It's the strangest thing though,
all I do is disable transparent proxy, iptables save, iptables
ons 2003-01-29 klockan 18.54 skrev Ivan de Gusmão Apolonio:
My problem is when I'm using wb_group there's no popup window and is shown
an access denied page with no possibilities to access the internet with
another user insted the one logged in. Is there some configuration for
wb_group to
The question is, how can I tell where the requests are originating from? I
want to stop the source.
-Devon
-Original Message-
From: Devon Harding - GTHLA
Sent: Wednesday, January 29, 2003 12:26 PM
To: 'Henrik Nordstrom'
Cc: '[EMAIL PROTECTED]'
Subject: RE: [squid-users] Outgoing http
By controlling which destinations are allowed to be reached. see the dst
and dstdomain acl types.
Example:
acl to_my_servers dst 192.168.1.0/24
acl port80 port 80
acl http protocol http
http_access allow http port80 to_my_servers
http_access deny all
Regards
Henrik
ons 2003-01-29 klockan
ons 2003-01-29 klockan 11.33 skrev oz:
gcc -DHAVE_CONFIG_H -I. -I. -I../include -I../include -I../include-g
-O2 -Wall -c `test -f Array.c || echo './'`Array.c
cpp0: /usr/include/bits/socket.h: Input/output error
I am quite sure it is just missing some development-packages concerning
Well, you have the source IP address of each request in your
access.log...
Regards
Henrik
ons 2003-01-29 klockan 18.51 skrev Devon Harding - GTHLA:
The question is, how can I tell where the requests are originating from? I
want to stop the source.
-Devon
-Original Message-
You are mixing two unrelated threads.
group_ldap_auth is an earlier patch for Squid-2.4. It is not related to
the external_acl feature of Suqid-2.5 (as used for group membership
lookups).
For information on how to configure Squid-2.5 see the documentation of
squid_ldap_auth and
You already mentioned them earlier in your access log -- 219.106.192.133,
218.222.245.221 -- Asia-Pacific Network IPs. Look at the first item in your
access log lines which is the user's IP address.
If you want to block from the source, the following should work if you have
internal IP
Hi everyone
I would like to setup a acl to block access to all internet sites
for a specific user, and only allow access to specific sites.
I would like to block one user (ip):192.168.0.10
This user must only be allowed to acces two internet sites:
http://196.25.1.1 and
Here's what I want to do:
All any source to access squid and proxy to only 1 network, not to proxy
back to the Internet. How is this done?
-Devon
-Original Message-
From: Tesla 13 [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 29, 2003 1:24 PM
To: Devon Harding - GTHLA
Cc: [EMAIL
1) is it possible to config squid NOT to set this header at all?
I think
header_access X-Forwarded-For deny all
should do.
You can remove it from the source if you feel inclined so. Just do a grep
-r.
Don't have answers to other questions.
Tesla
This should do:
acl user1ip src 192.168.0.10
acl user1destination dstdomain www.mysite.com
http_access allow user1ip user1destination
http_access deny all
If there are a lot of domains, you can put them in a file one at a line.
Then use something like this:
acl user1destination dstdomain
I am not an expert, and just today tried to install squid.
My best bet for documentation is, the oficial website http://www.squid-cache.org.
So, I just grabbed the latest stable release 2.5STABLE1 and printed the FAQ :
http://www.squid-cache.org/Doc/FAQ/FAQ-3.html
I found some information
Sure.
i'll email you off list
r
Simon Magee wrote:
I am also trying to get the authentication working with Squid, (Version
2.4.STABLE6) and Novell LDAP server, but at the moment I am tearing my
hair out!!! Can you give me some pointers?
Thanks
Simon.
Rob Poe [EMAIL PROTECTED]
Make the changes to squid_ldap_auth.c for
*searchfilter = (cn=%s)(objectClass=person))
*binddn = cn=user,o=tld;
*bindpasswd = password;
I didn't have to change any of that .. then again I'm running NDS 7
version of LDAP on Netware 5.1 (SP5)
Unless you can get your Novell Admin to disable
That works! amazing.
I thought header_access and header_replace only works for
the headers that come from the client. not the ones (like,
X-Forwarded-For) that are set from squid itself. I actually tried
header_replace X-Forwarded-For 1.2.3.4
a few days ago but still got unknown.
btw, if I set
Frank Liu wrote:
2) is it possible to config quid to send a user defined IP (say
the IP of the proxy server itself), rather than unknown ?
Should be possible to change the header to say whatever you feel like
via header_replace.
on a related one, is it possible to insert an customer HTTP
In message [EMAIL PROTECTED]
Henrik Nordstrom [EMAIL PROTECTED] wrote:
Daniel Barron wrote:
For information on how to configure Squid-2.5 see the documentation of
squid_ldap_auth and squid_ldap_group, both shipped with the Squid
sources.
I have the squid 2.5S1 source
Well looking at my access.log, I noticed that squid is accessing websites
that no users have requested. I have not allowed any users to access the
cache. These requests are coming from squid itself. I think its some kind
of worm or virus that has affected squid.
61.21.247.37 - -
hi everybody...
here is the log analyze result from my squid box using squeezer.pl
it seem's the HIT % is stiill very low.
my user keep complaining about the speed.
is there any way to INCREASING the hit percentage?
thanks a lot
Cache result code No of req Req % Xfer (kB) Xfer % Xfer
Thanks for the prompt reply Marc,
I'm running squid version 2.5.STABLE1 with Slackware Linux version 8.1,
kernel version 2.4.18. It's on a celeron 566 rig with intel 440bx
motherboard, 512Mb RAM, 9.0G SCSI Drive. I allocated 5.9G of that as the
cache.
I've set squid to use 128MB or the memory
40 matches
Mail list logo