i have a problem making WCCP (squid and cisco 2500) work with the Total Control
(56kbps) modem pool. though i am not pretty sure if this has something to do with my
squid compilation with GRE, or with Cisco's WCCP and TC.
transparency works fine on 33.6kbps TC, but on 56kbps TC does not.
On Mon, 5 Jan 2004 [EMAIL PROTECTED] wrote:
Henrik, do you know how I can use squid for multiple domain? I change my
squid.conf into (remove the ou):
auth_param basic program /usr/lib/squid/squid_ldap_auth -b o=vpop -h
localhost
See the search mode of the helper (-f argument).
Regards
Hello, [EMAIL PROTECTED]
I have Samba as a Primary Domain Controller of my network and squid.
Now I have the working basic authentication in the domain and now try to
work with NTLM authentication.
Run the /usr/local/libexec/ntlm_auth -d ACC\\UNIX and we can see:
On Mon, 5 Jan 2004, Andrew Nelson wrote:
I have a squid cache that makes people authenticate... I'd like to set up
PHP page that displays some information about the person logged in
based on the username they are using..
Then you need to forward the login information to your PHP page. The
On Mon, 5 Jan 2004, Andrew Nelson wrote:
I'm sure you know about authenticate_ttl and all about the way squid
caches auth detail so it doesn't have to keep bothering the client...
This has nothing at all to do with the client.
What this controls is how often Squid will ask the authentication
On Sun, 4 Jan 2004, Antonio Manfreda wrote:
Could not Activate TLS connection
Is this a bug? Or maybe am I missing something in Squid or OpenLDAP?
It is a bug. A fix will be available later today.
Regards
Henrik
Hello there,
is there a possibility of caching Cookies with Squid as well? I have some
sites I would like reach from my internal LAN without entering usernames or
passwords, but instead store them in the proxy itself.
Is this possible with Squid or any other tool?
Thanks
Florian
Hi all
i have installed latest fedora+ip+wccp patch to kernel
and patched to squid
installation went well
and i tested with one PC transparent cache, working fine
when i want to wccp based from ciso router
iam not able to see the hits are going from squid
here are the my report of all
any
On Mon, 5 Jan 2004, Henrik Nordstrom wrote:
On Sun, 4 Jan 2004, Antonio Manfreda wrote:
Could not Activate TLS connection
Is this a bug? Or maybe am I missing something in Squid or OpenLDAP?
It is a bug. A fix will be available later today.
Patch available in bug report #887 and
Serassio Guido wrote:
Hi Stefaan,
At 09.00 31/12/2003, Stefaan Van Dooren wrote:
Henrik Nordstrom wrote:
On Tue, 30 Dec 2003, Stefaan Van Dooren wrote:
Some of you may remeber that I had problems accesing a certain site
with SquidNT.
Yes, and that problem has been identified to
On Mon, 5 Jan 2004, [Windows-1251] Çàéêîâ Ñ.Ã. wrote:
ntlm-auth[453](ntlm_auth.c:290): ntlm authenticator. Got 'TT TlRMTVNTUAACAwA
DACgAAACCgkEATh/qICp5cswAAEFDQw==' from Squid
ntlm-auth[453](ntlm_auth.c:440): sending 'BH Helper detected protocol error'
Hi Henrik,
thanks for your time..
I'm sure you know about authenticate_ttl and all about the way squid
caches auth detail so it doesn't have to keep bothering the client...
This has nothing at all to do with the client.
By client, I meant browser - and it does!
What this controls is how
Hi all,
I've some beginers questions about log and log formats, which should have been
already posted a lot of times on this list...
I use the squid delivered with SuSE Linux 8.1.
The time format in the log is in a system timestamp format by default.
How could I change this?
I remember in an
On Mon, 5 Jan 2004, Florian Effenberger wrote:
is there a possibility of caching Cookies with Squid as well? I have some
sites I would like reach from my internal LAN without entering usernames or
passwords, but instead store them in the proxy itself.
Not without changing the code.
Is this
On Mon, 5 Jan 2004, hare ram wrote:
i have installed latest fedora+ip+wccp patch to kernel
and patched to squid
installation went well
have you loaded the ip_wccp module?
And is the kernel patch you are using the WCCPv2 patch, or is it the
WCCPv1 patch? The two protocols requires different
On Mon, 5 Jan 2004, Andrew Nelson wrote:
I'm sure you know about authenticate_ttl and all about the way squid
caches auth detail so it doesn't have to keep bothering the client...
This has nothing at all to do with the client.
By client, I meant browser - and it does!
So do I.
On Mon, 5 Jan 2004, Jean-Michel Bonnefond wrote:
Hi all,
I've some beginers questions about log and log formats, which should have been
already posted a lot of times on this list...
It has, and is in the Squid FAQ.
The time format in the log is in a system timestamp format by default.
Hello Henrik,
and thanks for your quick reply!
The change is quite trivial, just search for HDR_SET_COOKIE
and you will find it.
I guess you mean
/* remove Set-Cookie if a hit */
if (is_hit)
httpHeaderDelById(hdr, HDR_SET_COOKIE);
in src/client_side.c?
If I remove it, I
According to show ip wccp web-cache WCCP works fine (Total Packets Redirected 56880)
Do you set next parameters in squid.conf ?
httpd_accel_host virtual
httpd_accel_port 0
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
Hi all
i have installed latest fedora+ip+wccp patch to kernel
Hi,
your setup and the debug information look fine. The router talks to the
squid which means wccp is working.
Try to find out with tcpdump if the squid gets the requests, caches the
content and tries deliver it.
If not check the setup of the squid.
If yes, note that the wccp redirect works
Hi,
I'd like to use Linux+squid for transparent proxy-cache.
For easy administration I see that exists a webmin plugin for
squid.
What I'd like to know is what Linux distribution should be
more effective to meet the functional system requirements.
Read the info regarding the setup of a
Hello List
we have been having these messages in cache logs for last 2 days.
2004/01/06 03:20:41| WARNING: Forwarding loop detected for:
GET /testrun/index.html HTTP/1.0
Authorization: Basic Z2V0OmdldA==
User-Agent: curl/7.10.7 (i386-portbld-freebsd4.9) libcurl/7.10.7
OpenSSL/0.9.7c
ipv6
Hi All
First I want to thank you. With your help I put a Squid box working just
fine.
But i'm missing something.
Let me tell you what's going on.
I put SquidGuard with squid. SquidGuard is blocking some sites and
replacing some banners, I tell squiGuard to redirect to
On Mon, 5 Jan 2004, Florian Effenberger wrote:
I guess you mean
/* remove Set-Cookie if a hit */
if (is_hit)
httpHeaderDelById(hdr, HDR_SET_COOKIE);
in src/client_side.c?
If I remove it, I assume all cookies will be cached, right?
Yes.
Is there any way to only let
On Mon, 5 Jan 2004, Elton S. Fenner wrote:
Hi All
First I want to thank you. With your help I put a Squid box working just
fine.
But i'm missing something.
Let me tell you what's going on.
I put SquidGuard with squid. SquidGuard is blocking some sites and
replacing some banners, I
On Mon, 5 Jan 2004, Mahmood Ahmed wrote:
Hello List
we have been having these messages in cache logs for last 2 days.
2004/01/06 03:20:41| WARNING: Forwarding loop detected for:
GET /testrun/index.html HTTP/1.0
Authorization: Basic Z2V0OmdldA==
User-Agent: curl/7.10.7
Does the question is only caching cookie, or sharing cookie ?
Is your objective to store the cookie and being able to review it
afterwards ?
Or using same authentication simultaniously for several users (or
clients) ? (which make sense for a lot services, for example writing
simple wget stuff
Hi Francois,
the latter one, I would like to share a session ID given by a cookie to my
internal LAN. Do you have a solution for that?
Thanks,
Florian
- Original Message -
From: Francois Liot [EMAIL PROTECTED]
To: Henrik Nordstrom [EMAIL PROTECTED]; Florian Effenberger
[EMAIL
On Mon, 5 Jan 2004, Florian Effenberger wrote:
Defining an access list on when cookes should be cached would
work, but is a few lines more code.
Could this be an idea for 3.0?
Too late to enter the unofficial todo for 3.0, but patches implementing
the feature may get accepted.
Regards
Hello,
I'm trying to set up back-end Kerberos authentication beetween Squid and
Windows 2000 Server.
I'm using pam_auth helper, which works fine with a few changes to file
/etc/krb5.conf.
Anyway I can only authenticate users whose accounts are defined locally on
my Squid Linux box.
If a user is
Hi guys
Happy 2004 80)
Bart gave me a goog help telling me to use degug_options ALL,2 9,28 in
squid.conf
example:
http://mirror.phy.bnl.gov/debian-iso/gluck.debian.org/cdimage/testing/netinst/i386/beta
-1/ is DENIED, because it matched 'government_domains'
I have been unable to get mrtg working with Squid on my debian box. I have
tried this on two different boxes with the same results.
While snmpget does work I am trying to use a script located at
http://www.psychofx.com/chris/unix/mrtg/mrtg-squid.cfg for the mrtg config
Example output:
Hi all,
I hope you can help me:
I'm trying to authenticate squid users against a MS Active directory but i am
having problems. I've already tried all the statements tha are in the
squid_ldap_auth manual.
the MS Active directory is under the following domain:
tre-pb.gov.br
I created some users
Every time I try to start Squid calling for port 443 to be accelerated, I
get an error stating that the key does not match the name of the machine.
Any thoughts on how to correct this? I'm using a self generated cert using
openssl.
Thanks,
Charles
Hello Victor,
I haven't heard of using ldap for MSAD authentication.
I personally setup a Redhat 9 box running Samba 3, Kerberos 1.3.1 and
Squid 2.5stable4. It uses the *new* ntlm_auth from Samba 3.
Have you looked into this solution?
--Dave
On Mon, 2004-01-05 at 13:04, Victor Souza
thanks for your answer Dave.
I don't know many things about your solution.
Is this what people are calling Single Sign On Systems, that is, a System
where the user has to log on only one time?
would you please tell me how you achieved that, i mean, which changes did you
have to do ?
Check out
http://itmanagers.net/Documents/File/walkthroughs/[EMAIL
PROTECTED]/Squid+and+Samba+3+-+Walkthrough.html
It will give you a general idea of what is needed.
Myself and others are working on a HOWTO on this subject but it isn't
ready yet.
--Dave
On Mon, 2004-01-05 at 14:02, Victor
Hi,
I'm running Squid 2.5 Stable4 om Redhat 9
My LDAP server is a Windows2003 server with Active Directory running.
To day I finally got the ldap helpers working from shell.
I got the OK message from both the squid_ldap_auth and the squid_ldap_group
from shell.
I konfigure the squid.conf with
Hi All,
Does anybody has examples of how using the filter search for
squid_ldap_auth? I don't understand the ones in the man page or the one
in RFC2254.
thanks,
toblo
- Original message -
From: Henrik Nordstrom [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: Mon, 5 Jan 2004 09:49:41
I have an RH9 with qmail 1.03, vpopmail 5.3.30, qmailadmin 1.0.29,
openldap 2.0.27, squid 2.5STABLE3-0 and LDAP Browser/Editor 2.8.2
I've managed to connect both vpopmail and squid to openldap. Both can
authenticate the users okay. The problem raises when I tried to
authenticate vpopmail's user
Hi,
I will be on vacation for a while later this month and so do not need
any logs on my machine for squid. How do I disable logging? I am using,
Squid Cache: Version 2.5.STABLE3
I googled a while before asking this, but could not find a exact
solution. One solution suggested using /dev/null as a
On Mon, 5 Jan 2004, Antonio Manfreda wrote:
(pam_auth): pam_krb5: unable to determine uid/gid for user
Is there any way to avoid PAM uid/gid lookup of users (I just need
authentcation), maybe through a modified pam_krb5 module?
You can not use PAM without NSS. This is because PAM is
On Mon, 5 Jan 2004, Paulo Ricardo wrote:
Hi guys
Happy 2004 80)
Bart gave me a goog help telling me to use degug_options ALL,2 9,28 in
squid.conf
example:
http://mirror.phy.bnl.gov/debian-iso/gluck.debian.org/cdimage/testing/netinst/i386/beta
-1/ is DENIED, because it matched
On Mon, 5 Jan 2004 Jim_Brouse/[EMAIL PROTECTED] wrote:
SNMPGET Problem for cacheClientHttpRequests cacheClientHttpRequests
I think you meant to query for cacheProtoClientHttpRequests, not
cacheClientHttpRequests.
footnote: cacheClientHttpRequests is the number of requests from a
specific
On Mon, 5 Jan 2004, Victor Souza Menezes wrote:
I'm trying to authenticate squid users against a MS Active directory but i am
having problems. I've already tried all the statements tha are in the
squid_ldap_auth manual.
the MS Active directory is under the following domain:
tre-pb.gov.br
On Mon, 5 Jan 2004, Schaefer, Charles wrote:
Every time I try to start Squid calling for port 443 to be accelerated, I
get an error stating that the key does not match the name of the machine.
???
SSL keys does not have a name. All Squid requires from the SSL key is that
the certificate was
On Mon, 5 Jan 2004, Geir Fossum wrote:
The cache.log shows:
Warning:ldap_group #1 (FD 15) exited
Warning:ldap_group #1 (FD 16) exited
Anything relevant before this?
Regards
Henrik
On Tue, 6 Jan 2004 [EMAIL PROTECTED] wrote:
Does anybody has examples of how using the filter search for
squid_ldap_auth? I don't understand the ones in the man page or the one
in RFC2254.
What does the user objects you want to search for look like? Specifically
what attribute carries the
On Tue, 6 Jan 2004, toblo wrote:
I've managed to connect both vpopmail and squid to openldap. Both can
authenticate the users okay. The problem raises when I tried to
authenticate vpopmail's user into squid.
When I browse the userlist using LDAP Browser, I find that vpopmail saves
the
On Tue, 6 Jan 2004, Payal Rathod wrote:
I will be on vacation for a while later this month and so do not need
any logs on my machine for squid. How do I disable logging? I am using,
Squid Cache: Version 2.5.STABLE3
See the cache_access_log and store_log directives. This was also discusses
a
Hi Henrik,
That's a real fast reply. vpopmail save the password in userPassword
attribute.
I've found a workaround for this, I disable vpopmail's MD5 password
encryption and use the standard crypt instead. Now both vpopmail and ldap
can read the password.
Thanks,
toblo
- Original
Hi Henrik,
My user object is look like this:
uid=user1, ou=tld.com, o=vpop
I'd like to be able to log at squid as [EMAIL PROTECTED]. How can I check
the user1 part to uid and tld.com part to ou?
Thanks,
toblo
- Original message -
From: Henrik Nordstrom [EMAIL PROTECTED]
To: [EMAIL
On Tue, Jan 06, 2004 at 04:48:14AM +0100, Henrik Nordstrom wrote:
On Tue, 6 Jan 2004, Payal Rathod wrote:
I will be on vacation for a while later this month and so do not need
any logs on my machine for squid. How do I disable logging? I am using,
Squid Cache: Version 2.5.STABLE3
See
On Tue, 6 Jan 2004, toblo wrote:
Hi Henrik,
My user object is look like this:
uid=user1, ou=tld.com, o=vpop
I'd like to be able to log at squid as [EMAIL PROTECTED]. How can I check
the user1 part to uid and tld.com part to ou?
Then your user object need to contain an addribute having
Dear Sir,
I would like to share some experience and seeking your help.
I installed the Squid-2.4Stable7 in both LINUX platform (Red Hat 7.2 + Intel
P200MMX) and UNIX platform (Solaris 8 + UltraSPARC-IIe 648MHz). I found that
the response time of UNIX platform is much longer than LINUX platform
ldapsearch -b uid=user1, ou=tld.com, o=vpop -h your.ldap.server
gives me
ldap_sasl_interactive_bind_s: No such attribute
While
ldapsearch -x -b uid=user1, ou=tld.com, o=vpop -h your.ldap.server
gives me
version: 2
#
# filter: (objectclass=*)
# requesting: ALL
#
56 matches
Mail list logo