OTR Comm wrote:
>
> Hello,
>
> This may seem like a dumb question, but...
>
> I have squid running with authentication and with squidGuard as a
> redirect program. All this is working okay. I have set some debugging
> hooks in the squidGuard code to watch operation and how squid and
> squidG
Hello Adam,
you wrote:
>>I am using ntlm_auth from samba-3.0.0 with squid 2.5.STABLE3.
>>And neither Win2k clients can authenticate, nor win98 ones.
>Then you likely have a problem with your Samba install. Did you run
>the wbinfo tests as specified in the Squid FAQ? If so, what was the
>output?
Hello,
This may seem like a dumb question, but...
I have squid running with authentication and with squidGuard as a
redirect program. All this is working okay. I have set some debugging
hooks in the squidGuard code to watch operation and how squid and
squidGuard interface.
My question is this,
Hi,
> acl ssread browser SSDOWNLOAD
> acl ssread browser SSREADER
> http_access allow ssread
My bad. After restarting squid with the above rules added, the application
did work.
Regards,
Norman
On Thu, 13 Nov 2003, zidan wrote:
> I am using squid 2.5. I would like all the rules that I configured in
> squid.conf (filtering, blocking sites,
> different modules, etc.) will also apply to SSL traffic.
>
> I want the SSL connection to terminate at the squid, so all the traffic
> will be inspe
On Thu, 13 Nov 2003 [EMAIL PROTECTED] wrote:
> is there a possibility for monitoring squid running on linux from a NT client?
Any HTTP monitoring program can be used.
Also any kind of system monitoring with a web interface is also suitable.
You can also call the cachemgr from any kind of statio
>>> I'm using Squid 2.5 Stable 4 with a rather basic config.
>>> Everything is working as it should, with the exception
>>> of one site (www.hcmuscle.com).
>> The site loaded fine for me - Squid 2.5 STABLE4, IE 5.5 SP2
>> on Win2k SP3. What client browser/OS are you using?
> IE 6, Windows 2K Pro.
>> Are you trying to allow certain sites to only certain
>> users, or allow certain users only certain sites?
> Allow certain sites to only certain users.
Then after you allow access to a group of sites for a specific group
of users, you'll want to immediately deny access to that group of
sites t
Hi,
At 20.07 13/11/2003, [EMAIL PROTECTED] wrote:
Hi folks,
is there a possibility for monitoring squid running on linux from a NT client?
Has someone any experiences with it? Which tools can you advice?
Are there some howtos available?
Two options:
Use cachemgr.cgi from Windows port of Squid a
> I want the SSL connection to terminate at the squid, so all
> the traffic will be inspected as regular HTTP traffic.
Only if Squid is being used in accelerator mode - the design of SSL
prevents it in any other setup.
Adam
> is there a possibility for monitoring squid running on
> linux from a NT client?
Monitoring Squid itself, or monitoring users accessing Squid?
You can use Cache Manager to monitor Squid itself from any client with
a web browser (so long as you provide access in squid.conf).
Adam
Hi,
I am using squid 2.5. I would like all the rules that I configured in
squid.conf (filtering, blocking sites,
different modules, etc.) will also apply to SSL traffic.
I want the SSL connection to terminate at the squid, so all the traffic
will be inspected as regular HTTP traffic.
is this pos
Hi folks,
is there a possibility for monitoring squid running on linux from a NT client?
Has someone any experiences with it? Which tools can you advice?
Are there some howtos available?
Thanks in advance!
Regards,
Tommy
Hansgrohe, Inc.
Information Service
1492 Bluegrass Lakes Parkway
Alpharetta,
Thanks a lot!
That was what I needed!
Regards,
Tommy
Hansgrohe, Inc.
Information Service
1492 Bluegrass Lakes Parkway
Alpharetta, GA 30004
phone (+001) 678 - 762 - 6994
Le Thu, 13 Nov 2003 11:53:12 -0500, [EMAIL PROTECTED] écrivait
:
> Hi there,
Hi,
> the startup of the system. But when I do chkconfig --list | grep squid
> nothing shows up! Does someone know what the problem can be?
You must specify two lines like this in your init script :
# chkconfig: 345 90
On Thu, 13 Nov 2003 [EMAIL PROTECTED] wrote:
> I have a problem with my squid start script in the /etc/init.d/
> I use squid-2.5STABLE3 source code on REDHAT 9. I modified a squid script, so that I
> can start squid by /etc/init.d/squid start
> and stop with /etc/init.d/squid stop. I want squid t
On Thu, 13 Nov 2003, Altrock, Jens wrote:
> I started squid manually as every time, but the ntlm_auth messages appear at
> the startup, right after
> the infos about squid starting, which I don't see (for they go up out of the
> screen because that
> ntlm_auth error appears about 10 times on the
Hi there,
I have a problem with my squid start script in the /etc/init.d/
I use squid-2.5STABLE3 source code on REDHAT 9. I modified a squid script, so that I
can start squid by /etc/init.d/squid start
and stop with /etc/init.d/squid stop. I want squid to start automatically at the
startup of th
Hi,
>>> Neither of the two requests shown in your log uses SSDOWNLOAD in the
>>> User-Agent.. The first is "Mozilla/4.0 (compatible; MSIE 6.0;
>>> Windows NT 5.1)", the second "SSREADER/3.7.0.0001"
>>
>> When I grep through access.log, I did see SSDOWNLOAD. Now I added
>> SSREADER too. Do I need a
> -Ursprüngliche Nachricht-
> Von: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
> Gesendet: Donnerstag, 13. November 2003 16:26
> An: Altrock, Jens
> Cc: 'Henrik Nordstrom'; '[EMAIL PROTECTED]'
> Betreff: Re: AW: AW: AW: AW: [squid-users] Group Authentication (NT4
> Domain)
>
>
> On Thu, 13
On Thu, 13 Nov 2003, Wei Keong wrote:
> However, what I am seeing is continuous stream of these kind of requests,
> to consecutive dest IPs, at about 10 req/s. I believe there is some kind
> of scanning going on...
>From where are you seeing these? From your own users or from other users
who sho
Well.I use squidguard as an external redirector program.
Thank you 4 your help.
Valter
Henrik Nordstrom wrote:
Please describe what method you use for detecting "prohibited address".
The error is most likely found there.
Regards
Henrik
On Thu, 13 Nov 2003, Valter Dal Bo wrote:
Hi all
Hi Adam,
You are right that it is a request for the root doc, and is normal to see
this type of request.
However, what I am seeing is continuous stream of these kind of requests,
to consecutive dest IPs, at about 10 req/s. I believe there is some kind
of scanning going on...
Rgds,
Wei Keong
O
On Thu, 13 Nov 2003, Altrock, Jens wrote:
> I can't even see the squid startup, I just see the last message, "aborted",
> before the above shown error comes...
And how are you starting Squid?
HAve you tried starting it manually like indicated earlier? If you do this
there is no way you do not s
Please describe what method you use for detecting "prohibited address".
The error is most likely found there.
Regards
Henrik
On Thu, 13 Nov 2003, Valter Dal Bo wrote:
> Hi all !
>
> I just find out a problem with my squid 2.4stable7 on Linux mandrake 9.0.
> When I click on the submit button af
The following:
utils/ntlm_auth.c: manage_squid_request(1042)
fgets() failed! dying. errno=0 (Erfolg)
This message appears about 10 times, and after that pressing enter results
in getting back to the
"command line" (however you call it though).
I can't even see the squid start
> We notice there is a surge in port 80 scanning through proxy
> servers in the past few days.
> Below is a sample of the scan request
That is just a request for the root of the document tree on the server
itself - it does not appear to be a request for a document on another
server. I see nothing
On Thu, 13 Nov 2003, Altrock, Jens wrote:
> same errors as before...
So what errors do you get? And where?
In one mail you say you don't get any errors but Squid is refusing to
start.
Regards
Henrik
On Thu, 13 Nov 2003, Galea Gilbert wrote:
> A basic question, let's assume a web site is cached by squid.
> The site is updated by the site maintainers.
> How will squid update it's old cached version?
Depends on how cache aware the web site was. If the web site did this
correctly in a planne
On Thu, 13 Nov 2003, Schelstraete Bart wrote:
> a) Do you really need to use winbind in order to use NTLM
> authentication? If I check the Squid FAQ, they are using the
> wb_ntlmauth. But I don't see any example with ntlmauth.
For good operation you need winbind.
There is a couple of other ntlm
Hi all !
I just find out a problem with my squid 2.4stable7 on Linux mandrake 9.0.
When I click on the submit button after filling in the fields in the page
http://www.sae.org/products/webcd/cddemo-dlrequest.htm
I get the following:
Method Not Allowed
The requested method POST is not allowed for t
Hi Alex,
There maybe another approach to allow people access to
your resticted IP resources. It is great for people on
Company networks behind proxy firewalls or ISP that
require them to use their proxies.
EZproxy
http://www.usefulutilities.com/
University Researchers who are located on our
On Thu, 13 Nov 2003, Altrock, Jens wrote:
> anyway, I dunno if it is needed, but do i need to configure pam when using
> nt4 domain
No. Only winbindd. You do not need either of PAM or NSS. These are only
needed if you want to make the OS use winbind for authentication of local
accounts, not fo
Galea Gilbert wrote:
>
> Hi all,
>
> A basic question, let's assume a web site is cached by squid.
> The site is updated by the site maintainers.
> How will squid update it's old cached version?
> Is there an ageing process?
>
> Best Regards,
> Gilbert
You need to update your basic knowledg
same errors as before...
anyway, I dunno if it is needed, but do i need to configure pam when using
nt4 domain
to authenticate? or do i need pam only in case of active directory? if so
that could be a
problem though too for i didn't yet configure pam
> -Ursprüngliche Nachricht-
> Von:
Hi all,
A basic question, let's assume a web site is cached by squid.
The site is updated by the site maintainers.
How will squid update it's old cached version?
Is there an ageing process?
Best Regards,
Gilbert
__
Gilbert Galea
I.S. Security Engineer
Engineer
our squid-setup:
at about 150 locations connecting to three parent squid intranet, =
interent
and extranet
we have at about 30 GB Traffic with 6-8 Mio Hits.
markus rietzler
Hello,
I'm just starting to use NTLM authentication with Squid and I have some
questions:
a) Do you really need to use winbind in order to use NTLM
authentication? If I check the Squid FAQ, they are using the
wb_ntlmauth. But I don't see any example
with ntlmauth.
b) If I tried:
Please file a bug report for this issue.
Regards
Henrik
On Thu, 13 Nov 2003, oleg wrote:
>
> hello.
> i'm facing strange situation.
> from the users' point of view squid works as normal, BUT
> in my cache.log i have the following
> ===
> 2003/11/13 09:16:
On Thu, 13 Nov 2003, melvin melvin wrote:
> Hi all,
>
> how do i setup squid authentication in a way that it ties with my Windows
> password? Is LDAP_auth able to do this?
LDAP is one way if you are using MS AD.
You can also use Samba winbind. See the Squid FAQ.
Regards
Henrik
You need to allow access to the site in http_access..
Regards
Henrik
On Thu, 13 Nov 2003 [EMAIL PROTECTED] wrote:
>
>
> my situation : an iis server with intranet on the internal
> network (10.10.10.7:80.)
>
> I am trying to disclose the intranet pages to the internet
> with ncsa authentic
But dynamic pages does not have any information at all wrt expiry. There
is nothing to override.
Date: now
Last Modified: unknown (now assumed by Squid).
Apply your refresh_pattern setting to this and I think you will see why
the page is not getting cached.
It should be noted that it is not gen
On Wed, 12 Nov 2003, Dave Hahn wrote:
> I'm using Squid 2.5 Stable 4 with a rather basic config. Everything is
> working as it should, with the exception of one site
> (www.hcmuscle.com). Connections that do not go through the server are
> able to receive the page without problems. As soon a
On Wed, 12 Nov 2003, Alex Collins wrote:
> 1) Could this session cookie based auth possibly work with squid. I'm
> 100% open to suggestions.
Session cookie auth schemes works with web sites, not general Internet
proxies. This is because cookies are connected to domains visited, not
proxy servers
On Wed, 12 Nov 2003, Norman Zhang wrote:
> > Neither of the two requests shown in your log uses SSDOWNLOAD in the
> > User-Agent.. The first is "Mozilla/4.0 (compatible; MSIE 6.0; Windows
> > NT 5.1)", the second "SSREADER/3.7.0.0001"
>
> When I grep through access.log, I did see SSDOWNLOAD. Now
On Thu, 13 Nov 2003 [EMAIL PROTECTED] wrote:
> > Have you made sure the ident lookup have completed?
>
> How can I do this?
By using the ident ACL in http_access.
Another question: Are you sure that the ident acl is what you are looking
for? This is not the correct ACL for proxy authentication
On Thu, 13 Nov 2003, Altrock, Jens wrote:
> The Squid log file is in the /usr/local/squid/var/logs/ directory, and squid
> has access to the whole
> /usr/local/squid/ directory. So it must have write permission...
Try starting Squid manually
/path/to/squid -DNYd3
this should give you all error
On Thu, 13 Nov 2003, Blomberg David wrote:
> acl webmail url_regex -i ^http://webmail\.domain\.com
>
> http_access deny webmail
>
> deny_info ERR_SEND_HTTPS webmail
Ah, now I remember.
I would recommend upgrading as later Squid-2.5 versions supports sending a
URL in deny_info. If not you will
On Thu, 13 Nov 2003, Blomberg David wrote:
> Squid-2.5.STABLE1-63
I would probably recommend upgrading. See
http://www.squid-cache.org/Versions/v2/2.5/bugs/
but my memory is a little short and I don't exacly remember what was
discussed..
Regards
Henrik
Hi All,
We notice there is a surge in port 80 scanning through proxy servers in
the past few days. As these requests come from many valid source ips to
random destination ips, it is quite impossible to deny based on ip.
Below is a sample of the scan request.
GET / HTTP/1.1
Accept: image/gif,
>
>
> Have you made sure the ident lookup have completed?
How can I do this?
>
> Regards
> Henrik
>
> On Wed, 12 Nov 2003 [EMAIL PROTECTED] wrote:
>
> > And why does it not work für me???
> >
> > Version 2.5.STABLE4
> >
> > Squid.conf:
> >
> >acl user_rost ident rost
> >
I've checked permissions now and set them again, I set all permissions on
/usr/local/squid for user squid/group squid
and tried again. Same error, and no cache.log file again (although squid has
read/write access to the
/usr/local/squid/var/logs directory...)
any more ideas/suggestions?
> -U
hello.
i'm facing strange situation.
from the users' point of view squid works as normal, BUT
in my cache.log i have the following
===
2003/11/13 09:16:08| Starting Squid Cache version 2.5.STABLE4 for i686-pc-linux-gnu...
2003/11/13 09:16:08| Process ID 2215
melvin melvin wrote:
>
> Hi all,
>
> how do i setup squid authentication in a way that it ties with my Windows
> password? Is LDAP_auth able to do this? I need to set up password policies
> but i believe that the best thing is to use the same password for squid and
> windows so that all the exi
Hi all,
how do i setup squid authentication in a way that it ties with my Windows
password? Is LDAP_auth able to do this? I need to set up password policies
but i believe that the best thing is to use the same password for squid and
windows so that all the existing policies for windows apply to
> -Ursprüngliche Nachricht-
> Von: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
> Gesendet: Mittwoch, 12. November 2003 23:42
> An: Altrock, Jens
> Cc: 'Adam Aube'; '[EMAIL PROTECTED]'
> Betreff: Re: AW: [squid-users] Group Authentication (NT4 Domain)
>
>
> On Wed, 12 Nov 2003, Altrock, J
56 matches
Mail list logo
