Hi Emilio,
This is my outbound squid config located on my firewall - which is the last
squid in the chain configured as follows utilizing header_access filtering,
#
# header filtering
header_access Allow allow all
header_access Authorization allow a
ok, i've done make install in the /helpers/basic_auth/NCSA.
do i go to squid.conf and edit some of the parameters?
thanks.
> On Sat, 13 Dec 2003, Simon Walters wrote:
>
>> I am very new to squid, and I was following the instructions in a
>> manual to make squid ask for a username/password. It s
On Sat, 13 Dec 2003, Simon Walters wrote:
> I am very new to squid, and I was following the instructions in a manual
> to make squid ask for a username/password. It said squid came with a
> programme called ncsa_auth, but when I looked for it, I couldn't find it
> anywhere. I did a locate, but it
On Sat, 13 Dec 2003, Simon Walters wrote:
> I am very new to squid, and I was following the instructions in
>a manual to make squid ask for a username/password. It said squid
>came with a programme called ncsa_auth, but when I looked for it,
>I couldn't find it anywhere. I did a locate, but it
I am very new to squid, and I was following the instructions in a manual to make squid
ask for a username/password. It said squid came with a programme called ncsa_auth, but
when I looked for it, I couldn't find it anywhere. I did a locate, but it could only
find two files in the source folder.
On Fri, 12 Dec 2003, Linuxero Tux wrote:
> Besides memtest86, what other hardware test tools do you recommend for CPU,
> hard disks, network interfaces, etc.?
Stressing the disks with bonie++ and other benchmark tools etc.
> I'm using Suse Linux 7.2. Do I need to update it or there are any patc
On Fri, 12 Dec 2003 [EMAIL PROTECTED] wrote:
> I checked the systems that were affected and they were already up to date
> with the lastest, according to windows update. Any other ideas?
Not really, other than if there is no traffic to the proxy then the
browser is almost certainly broken.. but i
> Every 3 weeks, more or less, the server crashes and even the console
doesn't
> respond. I have no choice but to reboot it manually.
This is either a hardware or kernel problem, almost certainly not a Squid
problem.
I hadn't thought it. Maybe you're right, because I never did hardware tests.
I
On Fri, 12 Dec 2003, Emilio Casbas wrote:
> Here, in our third level of proxys fail. with forwarded_for off appear
> the ips of clients instead the string unknown
Then forwarded_for is enabled.
One thing you can do if making sure forwarded_for is off on all child
caches is to use http_header_a
I checked the systems that were affected and they were already up to date
with the lastest, according to windows update. Any other ideas?
Austin Wolfe
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Friday, December 12, 2003 1:34 PM
To: [EMAIL PROTECTED]
Cc: [EMA
On Fri, 12 Dec 2003, Mike McCall wrote:
> Thanks Duane. Unfortunately, my domains list is HUGE (~600,000 domains) and
> the cache already runs at 50-95% CPU during the day, most of which I assume
> is due to the huge domains list. If I were to lose the dstdomain ACL and
> only use url_regex, wou
On Fri, 12 Dec 2003, Linuxero Tux wrote:
> Every 3 weeks, more or less, the server crashes and even the console doesn't
> respond. I have no choice but to reboot it manually.
This is either a hardware or kernel problem, almost certainly not a Squid
problem.
I would recommend testing the server
On Fri, 12 Dec 2003, Jim Greene wrote:
> Type in http://10.0.0.1:3128/www.yahoo.com in my browser. I need to be able
> to access a site like that because of some software we will be using that
> does not have a proxy setting.
> That gives me an error about not being able to bring up /www.yahoo.com
On Fri, 12 Dec 2003 [EMAIL PROTECTED] wrote:
> > access the proxy. If they shut down IE and try again, it will function
> > until the next deny. I have had them try to access the proxy without using
> > wpad.dat and they still get the same issue. I have another proxy that does
> > not require auth
On Fri, 12 Dec 2003, Frank Fegert wrote:
> Though i'm not a C wizard, i had a look at squid_ldap_auth.c,
> but couldn't find any character escaping and/or UTF8 conversion.
> Hence the question, is the character escaping and/or UTF8
> conversion done in the OpenLDAP functions/libraries, or has
>
On Fri, 2003-12-12 at 12:47, Emilio Casbas wrote:
> Duane Wessels wrote:
> >On Fri, 12 Dec 2003, Emilio Casbas wrote:
> >>Duane Wessels wrote:
> >>>Here is how X-Forwarded-For works:
> >>>
> >>>Each proxy in the hierarchy is going to append something to the
> >>>X-Forwarded-For header. If 'forwa
Hi Austin!
I check my access.log files like you recommend it and I found that the
largest is 350 MB size. Hopefully the squid rotate the logs daily and don't
become bigger.
When my system crashes, the screen turns black, the keyboard doesn't respond
and the HDD led is off. I can't login or use
Duane Wessels wrote:
On Fri, 12 Dec 2003, Emilio Casbas wrote:
Duane Wessels wrote:
Here is how X-Forwarded-For works:
Each proxy in the hierarchy is going to append something to the
X-Forwarded-For header. If 'forwarded_for' is on, then Squid appends
the client's IP address.
Y
See squid.conf or the FAQ.
Regards
Henrik
On Fri, 12 Dec 2003, Emilio Casbas wrote:
> Hi,
> In one jerarquia of 3 levels of proxy-cache, we have configured so that
> the first level shows ips of the clients (forwarded on) and works well,
> and in proxis-cache of third-level of exit (forwarded
On Fri, 12 Dec 2003, babar haq wrote:
> but df max shows my /cache to 3002100 it never grows beyond this
And what filesystem are you using? If reiserfs or another filesystem
dealing well with small files then Squid may think it is using slightly
more than it actually ius..
Regards
Henrik
On Fri, 12 Dec 2003, babar haq wrote:
> this is my cache_dir line in squid.conf
> cache_dir ufs /cache 3500 16 256
>
> but df max shows my /cache to 3002100 it never grows beyond this
What have you set as cache_swap_low/high?
Regards
Henrik
> Thanks Duane. Unfortunately, my domains list is HUGE (~600,000 domains) and
> the cache already runs at 50-95% CPU during the day, most of which I assume
> is due to the huge domains list. If I were to lose the dstdomain ACL and
> only use url_regex, would performance stay where it is? Sadly,
On Fri, 12 Dec 2003, Victor Souza Menezes wrote:
> squid_ldap_auth: WARNING, could not bind to binddn 'Invalid credentials'
The -D either does not give a correct DN of the user you want Squid to log
in as while performing the searches, or the -w password is wrong.
Regards
Henrik
On Fri, 12 Dec 2003, Emilio Casbas wrote:
>
> Duane Wessels wrote:
>
> >
> >Here is how X-Forwarded-For works:
> >
> >Each proxy in the hierarchy is going to append something to the
> >X-Forwarded-For header. If 'forwarded_for' is on, then Squid appends
> >the client's IP address.
> >
> Yes,
> On Fri, 12 Dec 2003, Mike McCall wrote:
>
> > All,
> >
> > I have a fairly busy cache using native squid ACLs to block
> access to
> > certain sites using the dstdomain ACL type. This is fine
> for denying
> > access to sites like www.playboy.com, but doesn't work when
> people use
> > go
Duane Wessels wrote:
Here is how X-Forwarded-For works:
Each proxy in the hierarchy is going to append something to the
X-Forwarded-For header. If 'forwarded_for' is on, then Squid appends
the client's IP address.
Yes, it works in our first level of proxys.
If it is off, then Squid appends th
Hi everybody!
I have this problem with the office's proxy server:
Every 3 weeks, more or less, the server crashes and even the console doesn't
respond. I have no choice but to reboot it manually.
I set up the syslog service to log all the important system messages, at
least is what I believe =
On Fri, 12 Dec 2003, Emilio Casbas wrote:
> Hi,
> In one jerarquia of 3 levels of proxy-cache, we have configured so that
> the first level shows ips of the clients (forwarded on) and works well,
> and in proxis-cache of third-level of exit (forwarded off), but here is
> where it does not work
On Fri, 12 Dec 2003, Jim Greene wrote:
> Hello,
> I am attempting to do the following:
> Type in http://10.0.0.1:3128/www.yahoo.com in my browser. I need to be able
> to access a site like that because of some software we will be using that
> does not have a proxy setting.
> That gives me a
On Fri, 12 Dec 2003, Mike McCall wrote:
> All,
>
> I have a fairly busy cache using native squid ACLs to block access to
> certain sites using the dstdomain ACL type. This is fine for denying access
> to sites like www.playboy.com, but doesn't work when people use google's
> cache of pages and
All,
I have a fairly busy cache using native squid ACLs to block access to
certain sites using the dstdomain ACL type. This is fine for denying access
to sites like www.playboy.com, but doesn't work when people use google's
cache of pages and google images, since the domain becomes www.google.com
Hello,
I am attempting to do the following:
Type in http://10.0.0.1:3128/www.yahoo.com in my browser. I need to be able
to access a site like that because of some software we will be using that
does not have a proxy setting.
That gives me an error about not being able to bring up /www.yahoo.com
> -Original Message-
> From: Wolfe, Austin
> Sent: Friday, December 12, 2003 11:10 AM
> To: '[EMAIL PROTECTED]'
> Subject: Squid, NT Domains and non logged in systems
>
> Hello,
> I am running Squid version 2.5.STABLE2 on a linux Slackware version
> 9.1 server. It
Dear All
squid is very popular software
You people should invite for college and university
students to maintain squid site for you.
and they aslo can sponsor squid development.
or something at Govt level.
aslo there is very less information about support
contract at MARA System site . i shou
On Thu, 11 Dec 2003, Rami Jaamour wrote:
> #!/usr/bin/perl
> $|=1;
> while (<>) {
>
> [EMAIL PROTECTED]://soaptest.parasoft.com/[EMAIL
> PROTECTED]://soaptest.parasoft.com/glue/calculator-01.wsdl@;
>
> [EMAIL PROTECTED]://soaptest.parasoft.com/glue/[EMAIL
> PROTECTED]://soaptest.paraso
Hello all,
our squid (2.5stable3) is authenticating users via squid_ldap_auth
(with OpenLDAP 2.0.25) against our NDS.
If a password contains special characters (e.g.: §, \, ', ä, ö, ü,
EURO-sign, a, o, u with accent) the authentication fails. According
to a Novell TID the NDS seems to expect the p
Yes Indeed thats very good news ...
and feeling good seeing both gurus and Wessel and
Henrik replies these are really helpful and
informative.
and i want to request a author will he share sample
chapter from his book in electric form if possible :)
Wish Them GOOD luck in their future.
Thanks
Hi all!
I have found several month ago a website who has links of Proxys,
webmailer usw.
I have forgotten the website. Can nanybody help me?
Paul
Henrik, i know that i am annoying you with all these e-mails, but i couldn't
solve my problems with squid_ldap_auth. I followed your adivice and putted the
following line in squid.conf:
auth_param basic program /usr/lib/squid/squid_ldap_auth -p -R -b "dc=tre-pb,
dc=gov, dc=br" -D "cn=victor,cn=use
Hi,
In one jerarquia of 3 levels of proxy-cache, we have configured so that
the first level shows ips of the clients (forwarded on) and works well,
and in proxis-cache of third-level of exit (forwarded off), but here is
where it does not work and shows the following thing:
X-Forwarded-For: x.x.
>Hi all
>this is my cache_dir line in squid.conf
>cache_dir ufs /cache 3500 16 256
>but df max shows my /cache to 3002100 it never grows beyond this
>googling gave me an idea that i have to increase the ttl(time to live ).but i cant go
>to >the exact tag i am supposed to change in squid.conf
On Fri, 2003-12-12 at 17:58, Henrik Nordstrom wrote:
> Would a support contract work for you?
Let me second this.
If anyone here wants to contribute fiscally, but their company won't
allow a donation, buy something from one of the active developers - I
live in Sydney Australia, and support clie
Hi all
this is my cache_dir line in squid.conf
cache_dir ufs /cache 3500 16 256
but df max shows my /cache to 3002100 it never grows beyond this
googling gave me an idea that i have to increase the ttl(time to live ).but i cant go
to the exact tag i am supposed to change in squid.conf.
Hope som
Yeah I noticed that and tried limiting it to v1, however it get's the
same error on the squid side.
with 49 debug set to 9 the cache.log has this:
2003/12/12 03:46:09| snmpDecodePacket: Called.
2003/12/12 03:46:09| Failed SNMP agent query from : 192.168.252.82.
2003/12/12 03:46:10| snmpHandleUdp:
On Thu, 11 Dec 2003 [EMAIL PROTECTED] wrote:
> - my company doesn't let us send money or donations to the squid
> project (I've asked - I'd like to donate a Sun since that is what we
> use, but we can't donate).
Would a support contract work for you?
Squid support contracts via MARA Systems is
I noticed the post from DB earlier this week regarding the IE exploit,
and I became intrigued.
First off, which exploit are we talking about? Microsoft enumerates
them for reference, so I am confused which one this stops (or blocks).
Second, I'm very interested to know that an ACL can be created
Hello Henrik,
> > and thatswhy the kernel does NOT catch and decapsulate the incoming
> > packets before passing them to Squid when I turned on the wccp version
> > 2 on the router.
>
> Do you see the decapsulated packets anywhere?
This hint help a lot. Thanks tcpdump, iptables logging and this h
47 matches
Mail list logo
