hello:
I have a working config for an https accel setup, but I have hit a big
problem. I have looked over the lists and have not found how other
people deal with this.
I work with Thawte.com to get other certs for other https (apache)
servers, and they have told me they do not accept PEM
Hi folks,
I checked the faq again, together with more goggling and the
quickstart, and I am still unable to SSL thru my squid using parents.
Let me paste the part of my configuration that matters (Please, let me
know if more information is needed):
squid.conf
On Tue, 26 Aug 2003, Norman Zhang wrote:
Hi,
I have done some googling on the list archive as well reading FAQ 7.4. The
list archives seem to indicate streaming through Squid work, but FAQ 7.4
says it's possible. So far I haven't been able to get streaming to work
through Squid. Would
On Tuesday 26 August 2003 13.56, Alexandre wrote:
hi Henrik,
My users have no problems with it.
but my chache.log is too big now ...
think about 15 lines peer second in one proxy, but i have 4
machines ... waiting ...
Then I would suggest adding a small filter making Squid not log this
On Wednesday 27 August 2003 01.18, Emannuel Silva wrote:
http_access allow all
never_direct all
the above is not correct syntax for never_direct..
what you want is
never_direct allow all
as told in the Squid FAQ.
Regards
Henrik
Sorry, Had only a power nap today. Its written never_direct allow all
in my file, I did the mistake when I pasted it in here. Everything seens
OK, I just dont get why its still bypassing my parent proxy!
On Wed, 27 Aug 2003 02:12:57 +0200, Henrik Nordstrom
[EMAIL PROTECTED] said:
On Wednesday
On Wednesday 27 August 2003 02.33, Emannuel Silva wrote:
Sorry, Had only a power nap today. Its written never_direct allow
all in my file, I did the mistake when I pasted it in here.
Everything seens OK, I just dont get why its still bypassing my
parent proxy!
I would suggest you try again..
Hi,
I have done some googling on the list archive as well reading FAQ
7.4. The list archives seem to indicate streaming through Squid
work, but FAQ 7.4 says it's possible. So far I haven't been able to
get streaming to work through Squid. Would someone kindly tell me
if this is possible with
Dear sir/madam
I am a software programmer and website administrator working in one of the
biggest websites in China. The page view of my company's website is top 10
in china and top 150 in the world. Therefore, I want to use the squid as a
reverse proxy server to reduce the load of the
Hello,
I am using squid 3.0 PRE3 as a reverse proxy to secure connections :
client --- HTTPS --- SQUID --- HTTP --- Web Server
I want to accept connections depending on client certificate validation.
The client certificate is signed by my own CA and CA certificate is
distributed as necessary.
This mail is probably spam. The original message has been attached
along with this report, so you can recognize or block similar unwanted
mail in future. See http://spamassassin.org/tag/ for more details.
Content preview: Alit You do not describe your hardware/network setup.
Might be that
Hello! I'm quite new here.
Would it be possible for me to have squid and a firewall on the same server? I'm
concerned about security and also on budget.
Thanks in advance.
Fritz Mesedilla
---
+ Basta Ikaw Lord
--
This email
thanks Henrik
downloaded the latest snapshot of stable and the patch worked fine.
On Tue, 26 Aug 2003 09:17:26 +0200
Henrik Nordstrom [EMAIL PROTECTED] wrote:
On Tuesday 26 August 2003 05.55, John Habermann wrote:
Thanks for the link Henrik. I have downloaded the patch and applied
it
hi !
I am new to squid and using squid-2.3.STABLE4-1 rpm as proxy server for my
LAN. I am implementing delay_pools to limit bandwidth of some hosts in LAN
which are found to consume lot of bandwidths.
I have read in FAQ that the squid need to be re-compiled. Plese help me
how it is to be done.
Suryaman Maharjan wrote:
hi !
I am new to squid and using squid-2.3.STABLE4-1 rpm as proxy server for my
LAN. I am implementing delay_pools to limit bandwidth of some hosts in LAN
which are found to consume lot of bandwidths.
I have read in FAQ that the squid need to be re-compiled. Plese
Fritz Mesedilla wrote:
Hello! I'm quite new here.
Would it be possible for me to have squid and a firewall on the same server? I'm
concerned about security and also on budget.
Theoretically, there is no problem.
But I would advise agains it, also because of spurious port usage
of
alit alit wrote:
Dear sir/madam
I am a software programmer and website administrator working in one of the
biggest websites in China. The page view of my company's website is top 10
in china and top 150 in the world. Therefore, I want to use the squid as a
reverse proxy server to
Hi
I need a solution which allows Squid to authenticate a user against Novell
eDirectory, without re-prompting for the user's login/password.
So the user fires up their PC, supplies their Novell client login/password
which get authenticated, giving them their LAN access. I would like them
then
I'm doing this on my home LAN but purely because I don't have the cash
(pun?) to have seperate computers for the firewall and cache. Still,
there's nothing stopping you having a firewall in more than one place so you
could run Squid from the DMZ but still have the squid box running it's own
Try
./smb_auth -W domain -U pdc -d
pdc = Primary Domain Controller
Mit freundlichem Gruß / regards
Werner Rost
GM-FIR - Netzwerk
ZF Boge Elastmetall GmbH
Friesdorfer Str. 175
53175 Bonn
Tel. +49 228 38 25 - 420
Fax +49 228 38 25 - 398
mailto:[EMAIL PROTECTED]
www.zf.com/boge-elastmetall
Instruct Squid to Run Only On Internal IP, Disbale ICP and all other NOT
Used Squid Stuff.
Ciao
Graziano Sommariva
phone: +39-010-658.3921
fax: +39-010-658.5.3921
mobile: +39-348-8558742
mailto: [EMAIL PROTECTED]
Network Manager
TLC - Telecomunicazioni
SSC - Service Unit Servizi Continuativi
On Wednesday 27 August 2003 05.12, [EMAIL PROTECTED] wrote:
The configuration is good without client certificate ACL.
But connections always fail when I activate the user_cert ACL. I
guess I don't use the right syntax.
The help in squid.conf is not detailed enough for me :
# acl
Thanks Chris! I'll be testing this setup now.
Fritz Mesedilla
---
+ Basta Ikaw Lord
-Original Message-
From: Chris Wilcox [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 27, 2003 3:26 PM
To: [EMAIL PROTECTED]
Subject: Re: [squid-users] firewall and squid
I'm doing this on
Thank you for the suggestion. I'll check that out.
Fritz Mesedilla
---
+ Basta Ikaw Lord
-Original Message-
From: Sommariva Graziano [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 27, 2003 3:36 PM
To: 'Chris Wilcox'; [EMAIL PROTECTED]
Subject: RE: [squid-users] firewall and
On Wednesday 27 August 2003 07.09, Suryaman Maharjan wrote:
hi !
I am new to squid and using squid-2.3.STABLE4-1 rpm as proxy server
for my LAN. I am implementing delay_pools to limit bandwidth of
some hosts in LAN which are found to consume lot of bandwidths.
I have read in FAQ that the
On Wednesday 27 August 2003 06.45, Fritz Mesedilla wrote:
Hello! I'm quite new here.
Would it be possible for me to have squid and a firewall on the
same server?
Yes.
I'm concerned about security and also on budget.
Recommendations: Make sure the firewall protects itself and does not
On Wednesday 27 August 2003 09.10, [EMAIL PROTECTED]
wrote:
I need a solution which allows Squid to authenticate a user against
Novell eDirectory, without re-prompting for the user's
login/password.
Then you need to find some method whereby your Squid server can look
up the username without
Thanks Henrik! I'll take note of that.
Fritz Mesedilla
---
+ Basta Ikaw Lord
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Wednesday, August 27, 2003 4:16 PM
To: Fritz Mesedilla; [EMAIL PROTECTED]
Subject: Re: [squid-users] firewall and squid
On
Hi,
Does squid support proactive refresment? When there is a request and the
object is stale, the cache will fetch the object from the server. However,
the response time experienced by user will be slower. In Proactive
refreshment, the cache will update the stale objects without being triggered
Hi all,
what is the -S switch for smb_auth for? how do I use it? can I set the path
for the smb_auth to look the proxyauth file from server?
Given that my path to proxyauth file is //NT4DOM/NETLOGON/proxyauth. How do
I set the path for smb_auth
-Patrick
On Wednesday 27 August 2003 04.15, alit alit wrote:
But when I use the squid , I found that the squid is very slow !!
It is slower even then using apache directly. So I want to know if
the squid just can use in the small website? And it can't support
more then 1500 connections at the same
I keep getting this error:
/usr/local/squid/sbin/squid -f /usr/local/squid/etc/squid.conf -z
2003/08/27 17:07:59| Squid is not safe to run as root! If you must
2003/08/27 17:07:59| start Squid as root, then you must configure
2003/08/27 17:07:59| it to run as a non-priveledged user with the
On Thursday 28 August 2003 01.41, Hendy Harsono wrote:
Hi,
Does squid support proactive refresment?
No.
What probably will be supported in a later Squid version is relaxed
refreshes where Squid will give a slightly old object to some clients
while refreshing cached objects. This will
Fritz Mesedilla wrote:
I keep getting this error:
/usr/local/squid/sbin/squid -f /usr/local/squid/etc/squid.conf -z
2003/08/27 17:07:59| Squid is not safe to run as root! If you must
2003/08/27 17:07:59| start Squid as root, then you must configure
2003/08/27 17:07:59| it to run as a
On Wednesday 27 August 2003 10.59, Fritz Mesedilla wrote:
I have set
cache_effective_user squid
cache_effective_group squid
How are this user and group defined in your system?
Regards
Henrik
--
Donations welcome if you consider my Free Squid support helpful.
I'm sorry but I just gave it a few minutes rest then started squid and now it works
well.
I tested it on a browser already.
I dunno what really happened but it just started to work.
Thanks for all the help folks!
Fritz Mesedilla
---
+ Basta Ikaw Lord
-Original Message-
From: Henrik
Hi Fritz,
I believe that it would be much depending on how is your network configured.
You don't really need a firewall application running in the same machine as
your http cache if you have a dedicated firewall protecting your network :
better to re-fine tune that firewall instead of giving an
Henrik Nordstrom wrote:
Does squid support proactive refresment?
What probably will be supported in a later Squid version is relaxed
refreshes
I like that approach, and it sure makes sense. As of now how does Squid
handle concurrent requests for the same resource? This is a common
scenario
Hello Anthony!
Thank you for the help.
I was able to successfully install and run Squid.
Thank you to all the help I got from this group!
Yes I didn't install any DNS on my server.
Now for the firewall... I am still thinking whether to do it the hard way (a friend of
mine lent me a book in
Hi,
I patched squid-2.5.3 with the collapsed_forwarding-2_5.patch from Hendrik
Nordstrom. Now I have some behaviour I don't understand. I have set up the
patched Squid as a reverse proxy (127.0.0.1:80) and turned on
collapsed_forwarding in the squid configuration file. The website(127.0.0.1:81)
I need a solution which allows Squid to authenticate a user
against Novell eDirectory, without re-prompting for the user's
login/password.
Not currently possible in Squid, and probably not easy to implement.
You could consider getting Novell's SecureLogin product.
Adam
hi there,
I just subscribed to the list.. My GRAND question is :
Can I mark HIT packets so that later I can shape this traffic with another machine. ??
i.e.
internet squid qos --- users
I had searched alot on Google, even posted similar question trought groups.google.com
w/o
Hello all
Sorry about my english
When I install squid with LDAP this error apper:
squid_ldap_auth.c:53: lber.h: No such file or directory
squid_ldap_auth.c:54: ldap.h: No such file or directory
I install openLDAP22 for libraries.
I need authenticate users on an external LDAP server with
When attempting to visit a site that contains web-based email, I am getting
the following entries in the log files:
CACHE.LOG-
-
2003/08/27 10:27:10| parseHttpRequest: Unsupported method 'SUBSCRIBE'
Hy,
When I connect myself on ftp://ftp.pcsoft.fr I have this message in the
navigator :
Squid sent following order ftp: PASS yourpasswordet received in
answer Password not accepted.
And in my cache.log i have : Timeout: timeout in SENT_PASV state
My squid is : Squid2.5Stable3 with the patch :
What messages do you get if you type the following in at your Cisco router
while browser traffic is crossing it?
Term mon
Debug ip icmp
-Original Message-
From: Kuba Leszewski [mailto:[EMAIL PROTECTED]
Sent: 27 August 2003 16:02
To:
Subject: [squid-users] cisco wccp problem
Hi all,
After upgrading my RH9 kernel via up2date, Squid can be seen running at
really high CPU usage even with a single user accessing simple web pages.
CPU usage (taken from 'top') can easily hit and go above 40% which makes the
rest of the system crawl to a snails pace with the cursor
Henrik:
Again thanks for the help.
I went through the apache mod_ssl directions to the letter, and still
having trouble.
here are the commands they refer to.
openssl genrsa -des3 -out www.virtualhost.com.key 1024
openssl req -new -key www.virtualhost.com.key -out
www.virtualhost.com.csr
On Wed, 27 Aug 2003, Jonathan Giles wrote:
Henrik:
Again thanks for the help.
I went through the apache mod_ssl directions to the letter, and still
having trouble.
here are the commands they refer to.
openssl genrsa -des3 -out www.virtualhost.com.key 1024
If you use encrypted RSA
On Wed, 27 Aug 2003, ads squid wrote:
2003/08/27 14:05:38| parseConfigFile: line 256
unrecognized: 'delay_access 1 allow tech'
squid -k parse does not give any error.
Then I think you are running two different Squid binaries..
REgards
Henrik
On Wed, 27 Aug 2003, raptor wrote:
Can I mark HIT packets so that later I can shape this traffic with
another machine. ?? i.e.
With some small amount of coding yes.
Regards
Henrik
On Wed, 27 Aug 2003, Guillermo Ettlin wrote:
Hello all
Sorry about my english
When I install squid with LDAP this error apper:
squid_ldap_auth.c:53: lber.h: No such file or directory
squid_ldap_auth.c:54: ldap.h: No such file or directory
You need to have OpenLDAP development headers
On Wed, 27 Aug 2003, Brad Holman wrote:
When attempting to visit a site that contains web-based email, I am getting
the following entries in the log files:
CACHE.LOG-
-
2003/08/27 10:27:10|
On Wed, 27 Aug 2003, ROUTIER Gilles wrote:
Hy,
When I connect myself on ftp://ftp.pcsoft.fr I have this message in the
navigator :
Squid sent following order ftp: PASS yourpasswordet received in
answer Password not accepted.
Correct. This FTP server does not allow anonymous FTP.
And
[sorry, accidently sent the mail while typing..]
On Wed, 27 Aug 2003, Henrik Nordstrom wrote:
On Wed, 27 Aug 2003, ROUTIER Gilles wrote:
Hy,
When I connect myself on ftp://ftp.pcsoft.fr I have this message in the
navigator :
Squid sent following order ftp: PASS yourpasswordet
Thanks. Got it.
So I would start by hand with -N,
put in my passphrase,
suspend it with a cntrl z,
then bg it?
I just tried this and it works.
Thanks again for the help.
jg
On Wednesday, August 27, 2003, at 12:58 PM, Henrik Nordstrom wrote:
On Wed, 27 Aug 2003, Jonathan Giles wrote:
Henrik:
I am currently using Squid Cache version 2.4.STABLE7 - is there a list
online of what methods are supported in which version of squid?
Brad
Technical Support
S4F, Inc.
918.524.1010
[EMAIL PROTECTED]
** We are proud to introduce the S4F FilterCube hardware filtering solution.
Call our sales dept.
is your squid box behind a firewall and it's beign natted?
- Original Message -
From: Henrik Nordstrom [EMAIL PROTECTED]
To: Henrik Nordstrom [EMAIL PROTECTED]
Cc: ROUTIER Gilles [EMAIL PROTECTED]; Squid User
[EMAIL PROTECTED]
Sent: Wednesday, August 27, 2003 1:09 PM
Subject: Re:
On Wednesday 27 August 2003 19.13, Jonathan Giles wrote:
Thanks. Got it.
So I would start by hand with -N,
put in my passphrase,
suspend it with a cntrl z,
then bg it?
Or use a unencrypted key where no passphrase is needed.
Regards
Henrik
On Wednesday 27 August 2003 19.54, Brad Holman wrote:
I am currently using Squid Cache version 2.4.STABLE7 - is there a
list online of what methods are supported in which version of
squid?
The source includes a list.
Additional methods can be added in squid.conf.
Regards
Henrik
Hi,
The default configuration file included in the
distribution permits HTTP connections to any port
greater than 1024 (see acl Safe_ports).
You are correct - my mistake.
To Norman: Does the firewall allow Squid to connect to port 8080 on
remote servers? If not, try allowing that
61 matches
Mail list logo