Hello,
We're using squid 2.4stable with the extended logfile patch.
Is there something similiar for the 2.5 version or is this
already a feature of the 2.5 version?
Sorry for my question, but I've got to change the versions
because I need ssl and keep the extended httpd logfile possibilty
without
Hi,
I have a caching problem.
I want to redirect my traffic to other Proxy server.
cache_peer ip_address parent8090 0 no-querydefault
acl all src 0.0.0.0/0.0.0.0
prefer_direct off
With this setting sometimes I saw the old pages, but without this the pages
Hi,
I have a caching problem.
I want to redirect my traffic to other Proxy server.
cache_peer ip_address parent8090 0
no-querydefault
acl all src 0.0.0.0/0.0.0.0
prefer_direct off
With this setting sometimes I saw the old pages, but
How does it look like in tcpdump (on both sides of squid box)?
I ran a tcpdump from my workstation to dst host squid server and on the
squid server using a src host as my workstation. I am not sure about what I
should specifically be looking for so I have pasted the output of the dump
below (I
Hi.
I have denied certain IP Addresses access to the internet. The problem is
that those user's need access to our intranet. Our service provider has
denied access to all Addresses except those that obviously come from the
proxy. The user's access is denied when trying to access the
On Thu, Jun 24, 2004 at 11:38:15AM +0200, Vikesh Singh wrote:
I have denied certain IP Addresses access to the internet. The problem is
that those user's need access to our intranet. Our service provider has
denied access to all Addresses except those that obviously come from the
proxy. The
Hi all!
Is it possible to block msn messenger file sharing in Squid? Msn and sending /
receiving messages should be allowed, filesharing not.
Regards /Mattias
Hi all!
Is it possible to block msn messenger file sharing in Squid?
Msn and sending /
receiving messages should be allowed, filesharing not.
Note that SQUID only serves http requests , and http is
stateless in it's nature. In so far that this issue relates to the
fact that MSN
Today i block MSN like this,
acl MSN req_mime_type ^application/x-msn-messenger$
http_access deny MSN
And its working...
Just don't know how to block file sharing like this. Maby deny port80 to
some msn site...
/Mattias
-Original Message-
From: Elsen Marc [mailto:[EMAIL PROTECTED]
Thank you.
This works perfectly - however, in my configuration - the allow all was
specified in the section below the allowed ports.
-Original Message-
From: Christoph Haas [mailto:[EMAIL PROTECTED]
Sent: 24 June 2004 12:07
To: '[EMAIL PROTECTED]'
Subject: Re: [squid-users] Access
I'm a total newbie to squid, and am having to relearn Unix for this
project. Reading through the msgs on this list, I've run into a road
block while planning my squid implementation. I have a fairly complex
problem with a reverse proxy application. I need to set up a reverse
proxy system
Hi,
why on earth would you want to block msn messenging, I can unstand the
blocking of file sharing, but really
or are you just one of those mean administrators
quoteThis is my network, mine you hear./quote
LOL
Kind Regards
Brent Clark
-Original Message-
From: Olsson Mattias
To run multiple instances of squid on one server simply run squid -f
/path_to_squid.conf. Configure each squid.conf to listen on a different IP
address. Virtual hosting may be an option but with using SSL I'm not sure
that you can. I'm also having some difficulty setting up squid to use 1 ip
On Thursday 24 June 2004 12:10, Ryan Sclanders wrote:
How does it look like in tcpdump (on both sides of squid box)?
I ran a tcpdump from my workstation to dst host squid server and on the
squid server using a src host as my workstation. I am not sure about what I
should specifically be
Hye,
Is-it possible to allow connect specify http website without ncsa authentication ?
Thks
Hye,
Is-it possible to allow connect specify http website without
ncsa authentication ?
Thks
(WEB) Cache authentication is an option, not a must.
M.
I know that it's a option, I'm actually use NSCA but I want allow an access without
authentification to oracle.com.
I know that it's a option, I'm actually use NSCA but I want
allow an access without authentification to oracle.com.
That should be possible, rather easy ,combining auth based en dstdomain
based acl statements in squid.conf.
M.
Can you more explain?
I try with this but it's not ok. metalink.oracle.com must be ask a Username/password
prompt but it doesn't appears.
acl domains dstdomain .oracle.com
acl user_dl proxy_auth download
http_access allow domains
http_access allow user_dl
acl domains dstdomain .oracle.com
acl user_dl proxy_auth download
Are you using only the download user to be queried for authentication ?
Else use REQUIRED to get all user authentication informations.
http_access allow domains
It will allow the *.oracle.com to all.
http_access allow user_dl
Can you more explain?
I try with this but it's not ok. metalink.oracle.com must be
ask a Username/password prompt but it doesn't appears.
It does for me when I click on the linl 'Login to metalink'
Please note that authentication to webcaches (proxy authentication) and
Is it possible to block msn messenger file sharing in Squid?
Msn and sending /
receiving messages should be allowed, filesharing not.
There is a test and analysis needed on this one. Enable the log_mime_hdrs to
on. Use the msn with the proxy and get the access.log results.
*_mime_* acls are
Hi all,
I want to bind an ip address to a user , for example
user abc should be able to login from only 192.168.0.1
ip
I am using right now PAM based authenticaion using
/etc/passwd
Squid Version is 2.4.STABLE1
IS this possible , and any changes to accomplish this
will do
Thanks and
Brent Clark wrote:
why on earth would you want to block msn messenging
An ISP or Internet Cafe wouldn't.
Businesses have two good reasons to:
1) Waste of bandwidth
2) Waste of productivity
The only exception would be if the usage is business-related. Most of the
time, it isn't - that's why
s s wrote:
I want to bind an ip address to a user , for example
user abc should be able to login from only 192.168.0.1
ip
There is an external_acl helper that allows you to match IP addresses with
usernames - though I can't recall its name. Look in the Squid source, under
helpers/external_acl
You must create:
First
acl localhost src 192.168.0.0/255.255.255.0# an acl with the
local ip's This line is optional
acl iprestricted src 192.168.0.1 # an acl
with the ip to be restricted
Second
acl userrestricted proxy_auth userabc
I'd just as soon block all instant messaging. Completely. In the few
cases where it is for business intents, we'll use a service like SameTime.
I've seen viruses, child pornography and the likes hit a company network
because of instant messaging. It isn't a matter of it's my network, all
I have squid running in server accelerator mode pointing to one backend
server. What's the best way to:
a. firewall the squid box
b. firewall the backend server to only accept connections from the squid
box
Any pointers or suggestions would be great.
Thanks.
-
Jim
Niti Lohwithee wrote:
Adam Aube wrote:
Fix the SSL_Ports acl line. If it still doesn't work, post your
entire squid.conf (without blank lines or comments).
I am really sorry for above squid configuration. In fact , My squid
box have a correct [acl SSL_Ports port 443] but http_access
Hi,all
my squid get trouble ,and i can not restart squid .but after i reboot it ,i can start
squid server.
the message is below
Jun 25 02:00:03 squid01 squid[29411]: Squid Parent: child process 29413 exited due to
signal 6
Jun 25 01:59:59 squid01 squid[29411]: Squid Parent: child process 29441
30 matches
Mail list logo