> Hi,
>
> I have a large squidGuard.conf file with many different db files that
> take a long time to rebuild. I only have a couple that vary
> frequently
> and wonder if there's a way I can ask squidGuard to only rebuild
> certain databases..
>
> eg, This list is not updated very often
>
On Tue, 8 Feb 2005, Oliver Hookins wrote:
I've never quite understood it... hence my problem. Let me run this by you
though.
It's an ordered list of rules
http_access allow|deny acl AND acl AND ...
OR
http_access allow|deny acl AND acl AND ...
OR
...
On Tue, 8 Feb 2005, Oliver Hookins wrote:
http_access allow AuthGroup
http_access allow SURFING
http_access allow allowedsites
http_access deny all
Will that do it, and grab authentication details for every request?
Yes, but I would not recommend leaving allowedsites world open like this.
acl mynet
On Mon, 7 Feb 2005, jennyw wrote:
We're using Squid as a Web accelerator and need to clear the cache every
morning (the store goes into maintenance mode at 4 a.m. and all pages
have a message saying so; we don't want those pages cached).
The best approach to this is to make the web server set prope
Hi,
it was my mistake. I uncommnet debug in wbinfo_group.pl.
Also it wasn't clear enough structure of requests for this perl script.
I ask:
mylan\\test test (domain\\user group)
and i have very pretty reply with OK in the end.
Thanks to everyone
Nikolay
[EMAIL PROTECTED]@inet
08.02.2005 10:13
Since it's a multiple of 64 try.Are you using a super computer?Can we
know your machine Specs too pliz??
www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.4
pak kumis wrote:
hello,
I'am newbie here,
I want to know, it's need to change file descriptors up to 8192 ?
What effect to my system if I up to 8
You said that the web archived version of the mysql_acl website
(http://web.archive.org/web/*/http://www-users.york.ac.uk/~mfn100/squid_mysql.html)
still had the patch available for download, are you sure this is the case? I
have tried every version of the site and I can't find a link that lets m
>Greetings,
> We have been unable to get Windowsupdate working in our environment
>for quite some time now, and solutions I have seen posted on-line do
>not seem to work for us.
> We have implemented a SUS server on our internal network segment,
>which works fine, but the public network segm
I brought this up only because of a query by my peers asking about the
possibility of people using gzipped HTML pages as a delivery vector
for virii.
My concern with this is that we would very likely end up blocking more
legitimate pages than we would protect ourselves against. My
inclination is
On Tue, 8 Feb 2005, Glynn Robinson wrote:
You said that the web archived version of the mysql_acl website
(http://web.archive.org/web/*/http://www-users.york.ac.uk/~mfn100/squid_mysql.html)
still had the patch available for download, are you sure this is the case?
Yes, I am positively sure.
I
have
On Tue, 8 Feb 2005, Paul Fiero wrote:
I brought this up only because of a query by my peers asking about the
possibility of people using gzipped HTML pages as a delivery vector
for virii.
Any decent virus scanner should be able to scan gzipped HTML pages for
malicious code just as it can scan plai
On Mon, 7 Feb 2005, Chris Robertson wrote:
Just as a note, the diff to the patch available is for Squid 2.4Stable7 not
2.5... I have no skills when it comes to C programming, so I have no idea
how much trouble that is going to cause.
Probably there is quite a bit of changes required. For example e
I've read about WCCP/VPN problems and tried to clear DF bit by PF on
Squid's server (2.5.7, FreeBSD-CURRENT):
scrub out on lan0 proto tcp to my.vpn.net.work/24 no-df
So, I see by tcpdump that DF is cleared, but some VPN client still
can't receive their files, the connections hangs after some amou
I've tried installing the diff file using the following instructions:
cp -rl squid-2.4 squid-2.4.mysql
cd squid-2.4.mysql
zcat diff-file.gz | patch -p1
However, the patch program asks me which files I would like to patch and I'm
unsure which files need to be patched. I assumed this would be auto
hi list
I am wondering if anyone here running "Virtual Server via IP Tunneling"
or "Virtual Server via Direct Routing", LVS based caches cluster.
Thanks and Regards
Askar
On Tue, 8 Feb 2005, Glynn Robinson wrote:
I've tried installing the diff file using the following instructions:
cp -rl squid-2.4 squid-2.4.mysql
cd squid-2.4.mysql
zcat diff-file.gz | patch -p1
However, the patch program asks me which files I would like to patch and I'm
unsure which files need to
A big thanks to Tom Earl who wrote to me and explained part of the
problem.
--
For our network, we only had problems with v5.windowsupdate.com - the
windows update for Windows XP.
If that matches your symptoms, this is what worked for us --
1. Check to make sure the WinHTTP is using a proxy.
In
Wondering if this will work... I have a laptop that moves with me between
multiple networks. I'm wondering it I might setup squid to know about the
available proxy servers on each of them and "figure out" which one it
should be using. I need to do this without using ICP as most of them are
actua
Chris Robertson wrote:
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Monday, February 07, 2005 11:58 AM
To: Chris Robertson
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Help..
On Mon, 7 Feb 2005, Chris Robertson wrote:
Not entirely true. There
I have log_fqdn set to on but due to the location of
squid, it cannot resolve client ip addresses
connecting to it. This generates a lot of unnecessary
traffic on the dns servers. Is there a solution to
resolve only the external ip addresses but not have
squid attempt to resolve the clients?
Or a
Hi squiders.
I am confused, about why when I try to access an
"https:/foo.foo/direcrory/index.html" squid tryes
to go to "/direcrory/index.html"
It removes the hostname from the URL
I have squid 2.5st7 and I use ldap authentication. Interesting is that when i
don't use
authentication, the proble
Dear All
Requirement has arisen to provide access to a group of machine
categorized based on IP address.
ACL created is as follows:-
acl fulltime_ip 10.10.10.40-10.10.10.254
acl slot1_ip src 10.10.10.25 10.10.10.3010.10.10.35
acl slot1_time time 08:00-10:00
acl slot2_ip src 10.10.10.39 10
You can put local machines in hosts file.Try it!
[EMAIL PROTECTED]@inet
08.02.2005 18:48
To
squid-users@squid-cache.org
cc
Subject
[squid-users] log_fqdn only for external addresses
I have log_fqdn set to on but due to the location of
squid, it cannot resolve client ip addresses
connect
> -Original Message-
> From: Paul Dugas [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, February 08, 2005 6:58 AM
> To: Squid Users Mailing List
> Subject: [squid-users] Select parent without ICP
>
>
> Wondering if this will work... I have a laptop that moves with me between
> multiple networ
Hi There,
I haven't been working on this for some time so I hope you remember this
:)
Transparent Proxy: Log with log_mime_hdrs enabled
==
1107817629.523 29787 10.6.0.2 TCP_HIT/200 69559 GET
http://definitions.symantec.com/defs/20050207-008-i32-1.
I had already tried that, but it didn't work. It looks
like squid just queries the dns server.
Does anything else need to be done to tell squid to
read the hosts file?
--- [EMAIL PROTECTED] wrote:
>
> You can put local machines in hosts file.Try it!
>
>
>
> -Original Message-
> From: thomas [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, February 08, 2005 8:16 AM
> To: squid-users@squid-cache.org
> Subject: [squid-users] SQUID- ACL for different time frame for different
> block of IP addresses.
>
>
> Dear All
> Requirement has arisen to provide
Hi Thomas
I am not familiar too, but I write my acl-s different
I deny every trafic I don't want to have
the "http_access allow Safe_ports" ... allows everything i htink
the restrictions would I write
acl time1 time 08:00-10:00
acl time2 time 10:00-12:00
http_access deny slot1_ip !time1
http_a
nsswitch.conf ???
defining the order for hosts:
host files dns
--- shawn reed <[EMAIL PROTECTED]> wrote:
> I had already tried that, but it didn't work. It looks
> like squid just queries the dns server.
>
> Does anything else need to be done to tell squid to
> read the hosts file?
>
> --- [EM
Thank you very much for your time and your explanation.
Regards
Gustavo
**
Gustavo M. Ortega
Sup. de Administradoras de Fondos de Jubilaciones y Pensiones
Tucumán 500
Tel.: 54 11 4320-5773
Visite http://www.safjp.gov.a
Thank you very much for your time and your explanation.
Regards
Gustavo
**
Gustavo M. Ortega
Sup. de Administradoras de Fondos de Jubilaciones y Pensiones
Tucumán 500
Tel.: 54 11 4320-5773
Visite http://www.safjp.gov.a
Okay, thanks for the help. Does this require
restarting squid? If so I will have to wait to try
this.
--- Alexander Varga <[EMAIL PROTECTED]> wrote:
> nsswitch.conf ???
> defining the order for hosts:
> host files dns
>
> --- shawn reed <[EMAIL PROTECTED]> wrote:
>
> > I had already tried tha
Hi Henrik,
Got you!
Now how am i supposed to stop this url, forl exemple?
Waht is the better way to stop a url like the one that
followed?
I arranged to do it like it follows:
^http://www.awprofessional.com/articles/article.asp?p=363731$
with url_regex.
Anyway i would like to know if this is t
Hi all!
We have developed a solution for a client of ours where users are filtered
based on the IP address, agent and a unique cookie (IP, MD5(agent),
unique_cookie). We use an external acl for this purpose:
external_acl_type my_app negative_ttl=120 ttl=120 children=75 %SRC
%{User-Agent} %{Cook
On Tue, February 8, 2005 12:40 pm, Chris Robertson said:
> Add round-robin to the cache_peer lines (i.e. cache_peer 192.168.1.1
> parent 8080 0 no-query round-robin) and you'll be set. Make sure you add
> it to all the lines so they are all part of the round-robin queue. Squid
> will automaticall
On Tue, 8 Feb 2005, cipher wrote:
^http://www.awprofessional.com/articles/article.asp?p=363731$
with url_regex.
You should also translate the URL into regex
^http://www\.awprofessional\.com/articles/articles\.asp\?p=363731$
but keep in mind that this is an exact match for the URL. Any variance
fr
On Tue, 8 Feb 2005, Askar wrote:
I am wondering if anyone here running "Virtual Server via IP Tunneling" or
"Virtual Server via Direct Routing", LVS based caches cluster.
Not currently, but I have used LVS/DR and LVS/NAT in the past a lot to
load balance servers, including Squid proxy servers. N
On Tue, 8 Feb 2005, Paul Dugas wrote:
Wondering if this will work... I have a laptop that moves with me between
multiple networks. I'm wondering it I might setup squid to know about the
available proxy servers on each of them and "figure out" which one it
should be using. I need to do this with
On Tue, 8 Feb 2005, shawn reed wrote:
I have log_fqdn set to on but due to the location of
squid, it cannot resolve client ip addresses
connecting to it. This generates a lot of unnecessary
traffic on the dns servers. Is there a solution to
resolve only the external ip addresses but not have
squid
On Tue, 8 Feb 2005, Alexander Varga wrote:
nsswitch.conf ???
Not used by Squid.
Squid loads /etc/hosts (or the hosts file specified in squid.conf) on
startup, uses DNS for the rest.
Regards
Henrik
On Tue, 8 Feb 2005, Alexander Varga wrote:
Hi squiders.
I am confused, about why when I try to access an
"https:/foo.foo/direcrory/index.html" squid tryes
to go to "/direcrory/index.html"
It removes the hostname from the URL
More likely you have a broken client.
Try "client_persistent_connections
On Tue, 8 Feb 2005, Lasse Laursen wrote:
external_acl_type my_app negative_ttl=120 ttl=120 children=75 %SRC
%{User-Agent} %{Cookie} /path/to/my_app.pl
The check is rather database intensive so once we have allowed/denied a user
access we would like to limit the number of further requests on our
Hi Henrik,
Thanks for your response. So the squid server simply caches the response
from the external program internally based on the variables sent to the
program? So next time it will check the user it simple does a lookup in its
own cache based on the 3 values and returns a cached response?
On Tuesday 08 February 2005 16:00, shawn reed wrote:
> I had already tried that, but it didn't work. It looks
> like squid just queries the dns server.
>
sure it does but it should be your OS which first should query the host file
and then the dns server
> Does anything else need to be done to
On Saturday 05 February 2005 22:25, you wrote:
>
> LVS is useful in load balancing both servers and proxies, including
> transparently intercepting proxies if you like. It can even run on the
> same nodes as the servers, eleminating the need of extra hardware.
hmm, for server balance ok but do you
On Tuesday 08 February 2005 18:00, Henrik Nordstrom wrote:
> On Tue, 8 Feb 2005, Alexander Varga wrote:
> > nsswitch.conf ???
>
> Not used by Squid.
>
> Squid loads /etc/hosts (or the hosts file specified in squid.conf) on
> startup, uses DNS for the rest.
>
I never needed this and only now it cam
On Tuesday 08 February 2005 18:14, H Matik wrote:
> > Does anything else need to be done to tell squid to
> > read the hosts file?
>
> this should be done on dnOS s level, check your /etc/host.conf for priority
>
seems I answered this wrong here, sorry
Hans
>
> but you even could tweak your DNS s
Hi,
every one here.I have a problem to trouble you.
In the end of error page that create by squid,it said:
Generated Tue, 08 Feb 2005 20:56:59 GMT by localhost
(squid/2.5.STABLE7)
I just want to know how to change the GMT time to
local time.
Thanks
--
Happy for nothing
Hello all:
Here is what I want to do:
Limit certain users or groups of users to accessing only certain sites that
are preapproved by management. I however just cannot wrap my head around the
SQUID HOWTO that deals with this type of control.
Does anyone have any examples of how this can be accomp
On Tue, 8 Feb 2005 20:49:40 +0100 (CET), Henrik Nordstrom
<[EMAIL PROTECTED]> wrote:
>
>
> On Tue, 8 Feb 2005, Askar wrote:
>
> > I am wondering if anyone here running "Virtual Server via IP Tunneling" or
> > "Virtual Server via Direct Routing", LVS based caches cluster.
>
Yep, I am currently
Hello!
First post to this list, hope somebody can help me with this rather
strange problem...
First, this problem seems to be related to Microsofts service MSN
Messenger. Earlier this evening I noticed that the CPU usage on the
computer that runs squid (a P2 400Mhz with 256Mb RAM) was unusually h
On Tue, 8 Feb 2005, Paul Dugas wrote:
On some networks, yes. That may be the issue here. I may just need to
just wait. Boy, how I wish it was standard to hand out http_proxy info in
DHCP responses.
Well.. it is, sortof. See WPAD. Not an official standard but is supported
by Microsoft (DHCP then
On Tue, 8 Feb 2005, Lasse Laursen wrote:
Thanks for your response. So the squid server simply caches the response from
the external program internally based on the variables sent to the program?
So next time it will check the user it simple does a lookup in its own cache
based on the 3 values an
On Tue, 8 Feb 2005, H Matik wrote:
I never needed this and only now it came to my attention.
if hosts_file is not in squid.conf it still tries /etc/hosts right?
Yes, but it is only read on startup. Any changes done to /etc/hosts will
not be automatically picked up by Squid.
but anyway squid does
On Tue, 8 Feb 2005, H Matik wrote:
hmm, for server balance ok but do you think LVS is better then parent weight
and some other squid configs for walking through several frontend caches?
It depends a lot on your environment.
LVS is usually simpler than to install and maintain than a smaller Squid
i
On Wed, 9 Feb 2005 [EMAIL PROTECTED] wrote:
In the end of error page that create by squid,it said:
Generated Tue, 08 Feb 2005 20:56:59 GMT by localhost
(squid/2.5.STABLE7)
I just want to know how to change the GMT time to
local time.
See the Squid FAQ.
Regards
Henrik
On Tue, 8 Feb 2005, Johan [iso-8859-1] Ström wrote:
First, this problem seems to be related to Microsofts service MSN
Messenger. Earlier this evening I noticed that the CPU usage on the
computer that runs squid (a P2 400Mhz with 256Mb RAM) was unusually high,
and looking more closly I saw my squid
Lo all,
Can someone please just assit me with always/never_direct?
I have two cache peers configured. The one will be used "per default", the
other only for certain IP addresses.
cache_peer x.x.x.x parent 3128 0
cache_peer y.y.y.y parent 3128 0
Then, I have a ACL to setup the certain IP addresse
Hi:
I've included relevant parts of the conf file at the end of this email,
but first the human-readable version...
A quick description of the situation:
-
I have a working Squid-2.5.Stable5-4.fc2.2 installation under Linux,
using transparent proxying in conjun
No. there is no need to restert squid, not even reconfigure
good luck
--- shawn reed <[EMAIL PROTECTED]> wrote:
> Okay, thanks for the help. Does this require
> restarting squid? If so I will have to wait to try
> this.
>
>
> --- Alexander Varga <[EMAIL PROTECTED]> wrote:
>
> > nsswitch.conf
Thanx much!!
exactly this is the option I searched for.(this works for me)
...and Yes my users use it, and it is a MSIE bug :(
what ewer... thanx once again.
bye
Alexander
--- Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
>
>
> On Tue, 8 Feb 2005, Alexander Varga wrote:
>
> > Hi squiders.
> >
Dear All,
Warm wishes to all.
We are working on a script to make squid build,
configuration and
installation automation, based on shell script. We
started this project that
end-users are getting problem on build, installation
and configuration.
Currently intial version to get recent source,
Dear All
I have downloaded chpasswd from squid-cache.org/htpasswd. I wish to
use to provide web interface to users to chane their ncsa passwd
stored in /usr/local/squid/squid_passwd file.
When I am runnning make after .configuration, getting below error.
How can I fix the same. Or any one have work
H Matik wrote:
On Saturday 05 February 2005 22:25, you wrote:
LVS is useful in load balancing both servers and proxies, including
transparently intercepting proxies if you like. It can even run on the
same nodes as the servers, eleminating the need of extra hardware.
hmm, for server balance
64 matches
Mail list logo
