On Wed, 2003-02-05 at 21:53, Anderson Pettirossi Xavier wrote:
> Helo all,
>
> Someone know how can i restrict the download per user, like 20Mb per user
> per day
Today, in squid, you cannot.
But: You can do realtime processing of access.log to determine how much
traffic a user has sent, and
On Fri, 2003-02-07 at 19:52, Henrik Nordstrom wrote:
> According to people who knows these things a lot better than me (I have
> only seen W2K AD for about 5 minutes.. never installed it) the NTLM
> support is separate from mixed/native mode, and you select if the AD
> domain is to support NTLM whe
On Fri, 2003-02-07 at 22:23, Emilio Casbas wrote:
> Hi all.
>
> I get the "Access Denied" message from server, the configuration is:
>
> [users] --> [proxy squid] --> [filter squid] --> [cache squid]
> ---> inet (server with trouble)
>
On Sat, 2003-02-08 at 13:37, Tesla 13 wrote:
> Didn't know I was fishing!
>
> Thanks, this fixes it.
>
> I also want to mention that your patch for making proxy_auth work with
> tcp_outgoing is fine till now (don't remember bug number).
Thats great news - thanks.
Rob
--
GPG key available at:
Didn't know I was fishing!
Thanks, this fixes it.
I also want to mention that your patch for making proxy_auth work with
tcp_outgoing is fine till now (don't remember bug number).
Tesla
On Sat, 2003-02-08 at 13:11, Tesla 13 wrote:
> Hello,
>
> Issuing squid -k reconfigure or sending HUP signal
On Sat, 2003-02-08 at 13:11, Tesla 13 wrote:
> Hello,
>
> Issuing squid -k reconfigure or sending HUP signal to squid increases number
> of open files. It looks like a new /etc/hosts is being opened each time
> SIGHUP is sent without releasing the old one. 2.5-STABLE on a Redhat 8.0
>
> Any ide
As a suggesstion, I would say that if you want to have a large list of
banned sites, you really should use squidguard (http://www.squidguard.org).
It's far faster and uses squid's built in redirector interface.
Cheers,
--Jason
- Original Message -
From: "SSCR Internet Admin" <[EMAIL PROT
Hello,
Issuing squid -k reconfigure or sending HUP signal to squid increases number
of open files. It looks like a new /etc/hosts is being opened each time
SIGHUP is sent without releasing the old one. 2.5-STABLE on a Redhat 8.0
Any ideas?
Tesla
__
On Sun, 2003-02-09 at 04:44, SSCR Internet Admin wrote:
> My squid.conf has
>
> cache_dir ufs /var/spool/squid 3000 7 256
Part of your problem will be this. You should change to diskd or aufs
for the cache dir type. Also you should use dstdomain, not
dstdomain_regex if possible.
Cheers,
Rob
--
My squid.conf has
cache_dir ufs /var/spool/squid 3000 7 256
-Original Message-
From: Robert Collins [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 07, 2003 5:17 PM
To: SSCR Internet Admin
Cc: [EMAIL PROTECTED]
Subject: Re: [squid-users] Latency
On Sun, 2003-02-09 at 03:22, SSCR Inte
I have this on my squid.conf
acl porn1 dstdom_regex -i "/etc/squid/banned"
acl porn2 dstdom_regex -i "/etc/squid/banned1"
acl exe-filter urlpath_regex -i "/etc/squid/file_ext.block"
on /etc/squid/...
-rw-r--r--1 root root18041 Feb 5 09:27 banned
-rw-r--r--1 root root
On Sun, 2003-02-09 at 03:22, SSCR Internet Admin wrote:
> I just wanted to know if having a big list banned site on =
> "/etc/squid/banned_site" will actually contribute to internet sluggish =
> or network latency. I have a top result with
>
> PID USER PRI NI SIZE RSS SHARE STAT %CPU %ME
Guido Serassio wrote:
>
> Hi,
>
> Il 10.04 07/02/2003 [EMAIL PROTECTED] ha scritto:
> >Hello List,
> >
> >my problem ist to get user authenticated against a AD.
> >
> >
> > external_acl_type NT_global_group %LOGIN
> > /usr/lib/squid/wb_group
> > a
SSCR Internet Admin wrote:
>
> I just wanted to know if having a big list banned site on =
> "/etc/squid/banned_site" will actually contribute to internet sluggish =
> or network latency. I have a top result with
How big? And using what kind of acl type?
A very big regex list will be noticeab
What OS are you using?
How many filedescriptors is your Squid supporting? (see cache.log at
Squid startup)
How many unbound TCP ports is available for applications to use? (kernel
TCP/IP parameters)
Is there any messages in the system syslog messages file?
Regards
Henrik
Mike Rambo wrote:
>
My guess is that your winbind is not properly joined to the domain (or
that the computer account have expired..)
Regards
Henrik
Markus Feilner wrote:
> Feb 7 19:35:15 netapp01 winbindd[762]: [2003/02/07 19:35:15, 0]
> nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(181)
> Feb 7 19:35:15 netapp
Alireza Naderi wrote:
> Hi guys
>
> Is squid has ability to write their access.log on mysql database?
> if yes how should i do?
Not yet.
There is an ongoing project to allow Squid to pipe the logs to an
external program which then could dump the logs into mysql or whatever,
but this project is
I just wanted to know if having a big list banned site on =
"/etc/squid/banned_site" will actually contribute to internet sluggish =
or network latency. I have a top result with
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND
9548 nobody15 0 271M 271M 1304 R 0.7
Hello List,
I am just using the NTLM Authentication of an AD-Domain with wb_group for
Squid.
All Users in the group WWW_Benutzer are allowed to surf, others not.
I have therefore successfully configured samba to use winbindd and winbind
bound to the Domain (via smb.conf).
At least it seems so:
Hi all:
Another trouble, I'm installing Squid-2.5_1 on my FreeBSD-4.5 to caching my
WWW server, the configuration becomes easy, everything is fine (I mean, no
errors in the config file) but I think it's not working as I hope, for
example if I'm put LAN through domain1 nothing happens, people who
Hi,
Il 00.09 07/02/2003 [EMAIL PROTECTED] ha scritto:
Henrik Nordstrom <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
02/05/2003 01:11 AM
To: Jack <[EMAIL PROTECTED]>
cc: Squid Users <[EMAIL PROTECTED]>
Subject:Re: [squid-users] squid proxy for W2K active
Squid does not natively support this. I haven't seen a patch that allows it
either. I started to write one to perform this task, but quickly realized
that it is just easier to make a named pipe (FIFO) in place of the access
log and have a perl script dump data to the database. Of course this will
SPAM: Start SpamAssassin results --
SPAM: This mail is probably spam. The original message has been altered
SPAM: so you can recognise or block similar unwanted mail in future.
SPAM: See http://spamassassin.org/tag/ for more details.
SPAM:
SPAM: Content an
Hi,
Il 10.04 07/02/2003 [EMAIL PROTECTED] ha scritto:
Hello List,
my problem ist to get user authenticated against a AD.
external_acl_type NT_global_group %LOGIN
/usr/lib/squid/wb_group
acl ieuser external NT_global_group Datkom
We are a school district that is trying to use squid/squidGuard for
filtering & caching (although the filtering is the most important in
that it is required). We have a Dell dual PIII 750 box with 1GB ram and
UW-SCSI drives running. We had a consultant come in to assist with the
initial setup. The
Squid is a HTTP proxy and only deals with HTTP traffic.
For other traffic Squid is generally not involved at all.
For java applets to be able to open direct network connections when
downloaded via a proxy you need to either have the applet signed by a
trusted key or reconfigure the security prop
This is from how the broken by design MS NTLM over HTTP scheme works..
On each new TCP connection there is
1. A request without any user information
2. A request with partial user information (computer & domain)
3. A request with full user information
Subsequent requests on the same TCP conn
You have two options
a) Send a temporary redirect to another URL with the question
b) Respond with a uncacheable content displaying the question.
And in both cases you have figure out a way how the user can confirm
that he wants the object downloaded..
However you need to know that HTTP knows
Greetings,
Let me say up front that I know nothing about Squid except that it is a web
proxy server. That said, we have a need for a user in China to access an web
application here in the U.S. using a CORBA client. This client use the IIOP
protocol to establish the connection usually on ports 1571
one more link:
http://squid.sourceforge.net/ntlm/client_proxy_protocol.html
point 2 and 5 that's the 2 time TCP_DENIED/407
Regards,
Arno
**
DISCLAIMER - E-MAIL
---
The information contained in this E-Mail is in
nop, you can't that's how NTLM works.
I think you got two 407 before the authentication.
Regards,
Arno
**
DISCLAIMER - E-MAIL
---
The information contained in this E-Mail is intended for the named
recipient(s).
[EMAIL PROTECTED] wrote:
>
> Hi!
>
> I'm using Squid 2.5 with NTLM authentication against a Windows NT 4 domain.
> The clients use Internet Explorer, versions 5 to 6 SP1. Everything works
> fine, but I was wondering if there was a way to get rid of those TCP_DENIED/407
> messages. I don't know
Hi!
I'm using Squid 2.5 with NTLM authentication against a Windows NT 4 domain.
The clients use Internet Explorer, versions 5 to 6 SP1. Everything works
fine, but I was wondering if there was a way to get rid of those TCP_DENIED/407
messages. I don't know if I'm right, but it looks like every requ
Hi all.
I get the "Access Denied" message from server, the configuration is:
[users] --> [proxy squid] --> [filter squid] --> [cache squid]
---> inet (server with trouble)
(parent)
(parent)
When I try to access to ser
Thank you for this very, very, very quick answer!
Cliff
--
WHAT CAN THE ENLIGHTENED DO? :: the enlightened can write any software. can
as in a question of ability. with little thought, they can reverse-engineer
without debuggers, and tell what is possible and what is not without a
technical deta
Cliff Barnes wrote:
>
> Hello Marc,
>
> I don´t know if this is really what I want... because of:
>
> Internet -- TrendMicro Interscan Viruswall -- SQUID -- Users
>
> SQUID should always connect through the Viruswall and never direct to the
In that case you need :
never_direct allow all
"Cliff Barnes" <[EMAIL PROTECTED]> writes:
> I don´t know if this is really what I want... because of:
>
> Internet -- TrendMicro Interscan Viruswall -- SQUID -- Users
>
> SQUID should always connect through the Viruswall and never direct to the
> internet. If I put in port 85 to the safe_port
Hello Marc,
I don´t know if this is really what I want... because of:
Internet -- TrendMicro Interscan Viruswall -- SQUID -- Users
SQUID should always connect through the Viruswall and never direct to the
internet. If I put in port 85 to the safe_ports, will SQUID bypass the
virusprotection?
Hello List,
my problem ist to get user authenticated against a AD.
Versions:Samba-2.2.5
squid-2.5.STABLE1
what i did:
configure samba --
--with-fhs \
--with-quotas \
--with-msdfs \
--with-smbmoun
Cliff Barnes wrote:
>
> Hi List!
>
> This is my first posting to the list and I hope, I don´t ask something that
> is asked and answered many times before...
>
> On this URL:
>
> http://www3.renault-agriculture.com:85/scripts/wgate/zw20/!?~login=EINTICS&~
> language=DE
>
> I get the "Access
"Cliff Barnes" <[EMAIL PROTECTED]> writes:
> I guess it´s because the ":85", but I don´t know... please help me!
Add port 85 to the Safe_ports acl in squid.conf.
--
Never argue with a fool in public. People might not see the difference.
According to people who knows these things a lot better than me (I have
only seen W2K AD for about 5 minutes.. never installed it) the NTLM
support is separate from mixed/native mode, and you select if the AD
domain is to support NTLM when you first create the directory.
NTLM is required for mixed
zulkarnain wrote:
>
> Yes, I got the purge tool now :)
> what modification I should made ?
I don't know if it can select by size, if not you need to modify it to
have this as a selection criteria.
Regards
Henrik
Hi List!
This is my first posting to the list and I hope, I don´t ask something that
is asked and answered many times before...
On this URL:
http://www3.renault-agriculture.com:85/scripts/wgate/zw20/!?~login=EINTICS&~
language=DE
I get the "Access Denied" message from SQUID.
My configuration:
I don't know if this would simplify my problem. Does anyone know how to push
prompt to browser in some occassion? like if they are accessing a site not
in cache, prompt them and only get that page directly if they want?
Hi Hendrik.
I use squid 2.5, and after some period of figuring out
how to set it up correctly and efficiently, I am totally
satisfied with it. Well, it can be improved (*anything*
can be improved), but it is already impressive.
I just must say this: Squid is a fantastic piece of work.
Thank you
46 matches
Mail list logo