Hi gurus,
using Squid 2.5 Stable 7 I have following configuration:
cache_peer parent-proxy parent 8080 3130 login=PASS no-query
Authentification is done by the local proxy to which the users connect. The
parent authenticates once more. I have no administration rights on this
parent.
Now
Hi,
I'm coming back with this prolem I haven't solved yet. I'm managing an
architecture
of about 20 proxies under squid (most of them version 2.5 Stable1 and
RH9) with three
level of peering :
level1
||
level 2
Hello,
I try to integrate websense with a squid proxy server.
I installed websense entreprise components (Policy
Server, User Service, Websense Entrepris Manager,
Filtering Service and Network Agent) in a W2K3 machine
and I installed Squid in a RedHat 9 machine.
I am now trying to install the we
Help about squid an isvw (trend micro isvw - smb)
I work with Linux only 30 days (Debian), and I descover how it is amazing and
excellent. Good bye windows forever.
Configuration for gateway - 1 PC
---
OS:_Debian sarge 3.0
Proxy/cache:_
Interestingly enough, Microsoft recommends NOT to use it over the
Internet (and has been doing so for the last 10 years). You should write
the webmaster of that site and ask him to move to a standard
authentication scheme such as Digest or Basic over HTTPS.
Thanks! That was it.
Hello,
Installed squid 2.5STABLE9 with ntlm_auth from samba 3.0.11.
Periodically got this error from winbindd:
After restart working fine...
rpc_client/cli_pipe.c:rpc_api_pipe(435)
cli_pipe: return critical error. Error was Call timed out: server did not
respond after 1 milliseconds
and
Hi All,
I am trying to use Squid as an accelerating proxy server to a web server
that is authenticating clients via NTLM. This is on an intranet. I
*know* the limitations of NTLM, and I *know* it is a crap protocol and
breaks standards etc. but it is what we are stuck with on this intranet
:(
Hello,
Squid get a zero size reply when accessing to hotmail.com when it is
configured to use cache_peer. to circumvent the problem, in squid.conf
pass the "nonhierarchical_direct" parameter to off.
regards,
Christian
Any idea please.
I am using websense 5.5 evaluation version.
Thanks
Remarque : message transféré en pièce jointe.
Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails !
Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/--- Begin
>> This sounds like what I'm looking for, not sure how I missed it :)
But
>> I can't find any examples, as I'm not to sure how this works. I've
>> searched the archives with no luck. Where can I find more info on
>> deny_info and %s?
>There isn't much more to say about it. The %s is meant to gi
Hi,
I have currently setup one of the squid proxy servers to use a
/usr/lib/squid/wbinfo_group.pl to do group lookups. I am noticing a
performance hit when using multiply groups after turning on logging every
user authentication requires a lookup in all the groups. I am also using
NTLM which al
Hi!
I have trouble with my squid. When someone is uploading files then my
connection is getting very slow and I canât browse the web. Can I limit
my upload bandwidth with Squid? I mean something like that(this is my
bandwidth limitation for download):
acl files url_regex -i ftp .exe .mp3 .vqf .
Hi,
My setup is RHEL-3.1 and
Squid-2.5-STABLE9+collapsed_forwarding turned on.
I am trying to get squid to work in accelerator mode
to provide relief to a backend server. The clients are
set up so they make requests to the squid box but if
squid doesn't have the object in cache, clients go to
m
Hallo,
can I configure squid in order to give http access to only some host
(some URLs)
and nothing else from the internet.
Thank you
Frank
On Fri, 4 Mar 2005, Brad Taylor wrote:
deny_info http://your.domain/errorpage.asp?url=%s some_acl
When we setup the asp page to display the value of %s, the value is the
origin server not squid, the requested server. I'm I doing something
wrong. Shouldn't %s be the requested URL?
%s is the reque
On Sat, 26 Feb 2005, Pankaj Agarwal wrote:
I am facing a very strange problem with squid. Users in my LAN are not able
to connect to some of the HTTPS sites. On that particular sites it keeps on
asking for username and password but if I configure the client to direct
access ..then I gives the
On Sun, 27 Feb 2005 [EMAIL PROTECTED] wrote:
Is there a difference in function between the statements
Socket created at 0.0.0.0, and
Accepting connections at 0.0.0.0
Not much.
Regards
Henrik
On Sun, 27 Feb 2005, MailAdmin wrote:
1. I need to use emule software with proxy but it does'nt work.
how should I change sqid.conf file?
emule is not suitable to be proxied over HTTP. You should look into using
another kind of proxy (in addition to Squid) for this purpose. I would
recommend u
On Sun, 27 Feb 2005, Vishal Kashyap @ [SaiHertz] wrote:
Problem :
1.
I am not able to authenticate my local users with pam_auth
Yes, I have done
chown root /usr/lib/squid/pam_auth
chmod u+s /usr/lib/squid/pam_auth
and restarted squid ,without any success
Can you run pam_auth interactively from the
On Mon, 28 Feb 2005, Vishal Kashyap @ [SaiHertz] wrote:
that ident look up could not be used for Access Control in squid.
Is this true?
ident lookups is supported by Squid since version 1.1.
Only restricting is that ident lookups by design is incompatible with
transparent interception proxying, mu
On Mon, 28 Feb 2005 [EMAIL PROTECTED] wrote:
# squid -z
2005/02/28 13:14:01| assertion failed:
/usr/obj/i386/squid-2.5.STABLE6/squid-2.5.STABLE6/src/repl/lru/store_repl_lru.c:282:
"!args"
Your removal policy configuration is incorrect.
cache_replacement_policy lru # politica de reemplaç de fitxer a
On Sun, 27 Feb 2005, Dominik Jais wrote:
delay_parameters 1 -1/-1 13000/13000
I'm using the configuration above. My problem is, that eath user gots 13kbps,
but the 13000 mean bytes = 104kbps
Is this a documentation bug?
The above setting will give each user ca 104kbit/s or 12.5KByte/s.
Most clien
On Mon, 28 Feb 2005, [ISO-8859-1] "José J. Cintrón" wrote:
How can I get squid (2.5.STABLE9) to allow FTP. No matter how I attempt to
connect to an ftp site I cannot connect to it. If I do a
For Squid to proxy requests for ftp:// objects you must be using a web
browser configured to use Squid a
On Tue, 1 Mar 2005, Ytzhak Levy wrote:
For some sites site squid returns "zero sized reply". (eg www.ibm.com which is redirected to www.ibm.com/us/).
www.ibm.com and www.ibm.com/us/ works just fine here using
Squid-2.5.STABLE9 (or very close to.. current Squid-2.5 sources).
Have you tried the not
On Mon, 28 Feb 2005, Robson Miranda wrote:
I found some informations in MSDN about some problems about detecting
if the proxy server is in Intranet Zone. In my setup, the workstations
are not in the same subnet as the proxy server, may be this is the
cause?
Sounds likely.
Try experimenting with dif
On Mon, 28 Feb 2005, Lucia Di Occhi wrote:
Is --enable-linux-netfilter required for transparent intercepting proxies on
linux 2.6 kernel using iptables?
The note from ./configure --help says it's needed for 2.4, is it also needed
on 2.6?
yes.
Regards
Henrik
On Mon, 28 Feb 2005, Rich Hawley wrote:
I am looking for documentaion or examples on using the acl
req_hdr/resp_hdr to help prevent spyware from being installed. I read
previous posts where it was suggested to check the squid.conf.default.
However my debian package does not have such a file and w
On Tue, 1 Mar 2005, lakmal silva wrote:
FreeBSD 4.8 and WCCP as described in "Squid, the
definitive guide" by Duane Wessels. I followed exactly
the procedure given in the book but no luck so far.
The problem is, WCCP detects the squid server and
redirects packets to squid. But I don't see any logs
On Tue, 1 Mar 2005, lartc wrote:
I think that you mis-typed the RFC it's actually 3168 ...
Indeed.
The ip TOS is now 4 bits, so the squid.conf.default ought to be changed
to reflect 0 -> 63 rather than 0 -> 255 as is now indicated.
Agreed. It's 6 bits (0 - 63).
Looking thru the archive, i noticed
On Tue, 1 Mar 2005, David Landgren wrote:
It looks to me that in the line:
charset=ISO-8859-1;^MSet-Cookie:xadxcpt=1;path=/;^MSet-Cookie:xadxsessionid=coro6a3d4a;path=/;
... the programmers have messed up their line-ending, and it's this that is
causing Squid (2.5-STABLE8) to choke. But then again
On Tue, 1 Mar 2005, Patricio Bruna V wrote:
how that squid manage the authentication?
By HTTP authentication.
when a client authenticate itself squid store the ip somewhere?
and the on it uses that ip to let him navegate?
No need to. Authentication is an integral part of the HTTP proxy protocol.
i
On Tue, 1 Mar 2005, Mario Maradiaga wrote:
I´m having trouble with squid on my Fedora Core 2 box, what´s happening is
that every two weeks or so the squid service will shut itself down
Any hints in cache.log to why?
and when I
try to restart it it always fails.
Any errors received telling why it
On Wed, 2 Mar 2005, Ling Ling Chan wrote:
We are running SQUID (as forward proxy)and we had configured to resolve
our domain (.mycompany.com) internally. However, We have some URLs that
are configured using our DNS, and those website are hosted by 3rd party
web hosting company.
Is Squid using th
On Wed, 2 Mar 2005, Alexander Shopov wrote:
How can I force SQUID to *not* honour the "Cache-Control: private" header?
By changing the code.
There is patches around, both in the squid-users archives and in the bug
database IIRC.
Regards
Henrik
On Fri, 4 Mar 2005, sania maro wrote:
I am now trying to install the websense's squid
plug-in. But when I enter the Filtering Service
machine's IP address, I get the following message "The
Filtering Service provided does not support a remote
plug-in. Select another Filtering Service".
Have you trie
On Fri, 4 Mar 2005, AVRAMAKIS Christian (ext.) wrote:
Squid get a zero size reply when accessing to hotmail.com when it is
configured to use cache_peer. to circumvent the problem, in squid.conf
pass the "nonhierarchical_direct" parameter to off.
You should probably be using "never_direct allow al
On Wed, 2 Mar 2005, Joost de Heer wrote:
2005/03/02 09:13:22| Rebuilding COSS storage in
/opt/squid-master/var/cache/coss0 (CLEAN)
Be warned that COSS is still considered highly experimental...
2005/03/02 09:13:22| assertion failed: cbdata.c:163: "type > 0 && type <
cbdata_types"
A stack trace of t
On Wed, 2 Mar 2005, David Rosca-Lorenz wrote:
when my squid is requesting at its "cache_peer" the "cache_peer" is accepting
the first request and at the second request nothing anymore.
What does access.log say?
cache_peer 10.20.1.126 parent 3128 7 proxy-only
As this peer obviously isn't using ICP
On Wed, 2 Mar 2005, Andrew McKinney wrote:
The two config files are very similar, differing only on the cache_peer and
http_port (for crt info) lines. The symptoms of the ASP issue are, that after
I authenticate successfully to squid/winbindd, I am prompted with the old
three field NTLM Ruth box
On Thu, 3 Mar 2005, Axel [iso-8859-1] Böhme wrote:
We've tried the following iptables rules on the firewall:
iptables -t nat - A PREROUTING -i "Interface for local net" -s !
"squid-machine" -p tcp --dport 80 -j DNAT -- "squid-machine:3128"
iptables -t nat -A POSTROUTING -o "Interface for local net"
On Wed, 2 Mar 2005, guest01 wrote:
I am using Debian Woody stable, squid/2.5.STABLE4 with a previous
working config file, all
iptable-rules are disabled. Authentication disabled to.
I tried to increase the debug_level, but there are no concrete errors in
the logfile!!
"The request GET ... is ALLOW
On Thu, 3 Mar 2005, Sangeeta Chachlani wrote:
I need to understand the source code of squid as to where is it
actually picking the webpages if they are cached when they are
requested. Is there any documentation that I can refer to understand
what the various C files are doing in the source code of
On Fri, 4 Mar 2005, SXB6300 Mailing wrote:
On every child of one level, I get the message : TCP connection to
parent/8080 failed
This indicates one of two things:
a) The TCP connection to the parent was refused by the parent.
b) The TCP connection to the parent timed out for some reason.
'a' has a
On Fri, 4 Mar 2005 [EMAIL PROTECTED] wrote:
And now we have to avoid auth. on the parent for this URL. I need a
construct like
if NOLOGON then cache_peer parent-proxy parent 8080 3130
login=user:secret no-query
which replaces "login=PASS" by a fixed username:password.
How can we do this? Is it po
On Fri, 4 Mar 2005, Shadow wrote:
Can I limit my upload bandwidth with Squid?
no.
the delay pools in Squid only applies on downloads from servers.
Regards
Henrik
Hi there,
We are using both SQUID (the latest stable version) and cache flow to
cache the pictures for the website.
I've been puzzled by the following fact that SQUID can only push less
than 30Mbps traffic with P4 2.4G, 2G mem, 4x18G hard disk because it
uses up the CPU. And we have an old cac
Hi,
i want to use Squid 2.5Stable8 on my Debian Sarge System as a transparent
Proxy. We've got i Firewall here (debian machine with iptables).
The idea is, that the users from the local net (172.21.0.0/16) use the
transparent proxy.
Squid is running normal on the Proxy Machine and i've set the
47 matches
Mail list logo