On Tue, 22 Mar 2005, Brett Lymn wrote:
We have added websense to the mixture, this also works fine and good mostly
except for one small thing - when squid passes the authentication details
to the Websense redirector the '\' character has been encoded as a %5c
yes..
which I can understand but the We
On Tue, 22 Mar 2005, David Lampkin wrote:
So I should be trying squid 3 instead of 2.5?
It's easier in Squid-3 as Squid-2.5 does not have builtin support of this
header and the source must be patched to add it. But at the same time
Squid-3 has it's own problems (still under development, not yet r
Matus UHLAR - fantomas wrote:
Hi Matus,
Thanks for your reply and I will try to let you know after making
changes as you suggested, atm kinda busy with other stuff
Thanks and regards
On 18.03 20:10, Askar wrote:
cache_dir diskd /cache1/cache 25000 32 256
cache_dir diskd /cache2/cache 1600
So I should be trying squid 3 instead of 2.5?
An example config file would be nice, as I dont know how to ad the
"Front-End-Https: yes" header part.
Thanks for the help tho.
David Lampkin
Lincom Solutions
[EMAIL PROTECTED]
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROT
So I should be trying squid 3 instead of 2.5?
An example config file would be nice, as I dont know how to ad the
"Front-End-Https: yes" header part.
Thanks for the help tho.
David Lampkin
Lincom Solutions
[EMAIL PROTECTED]
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTE
We have a school computer lab for which we essentially want to run a
redirector (with a bit of caching for some flash apps). I had hoped
that squid would let me simply screen on the basis of the browser user
env value and would include in the log the site to be accessed and the
user. the hosts we
All i finally figured it out.
Thanks anyways
Steven Adams wrote:
Hi,
I have got squid_ldap_auth working fine, but what i want to do is give
access to different sites depending on what group the user is in.
I have been told ineed to use squid_ldap_group but am having troubles
trying to work out h
Folks,
I am having interesting times. I have squid 2.5 stable7 (a bit
old I know but it is working), I am running samba3 and using the integrated
NTLM authentication so our users get authenticated to the AD domain when
they use their IE. All this works fine and is good.
We have added we
On Tue, 22 Mar 2005, David Lampkin wrote:
I'm currently pilot-testing a squid as a reverse proxy server,
to go in front of an OWA (Exchange server web interface) I have got it to
work fine with http, I can also access the pages by https, however when I
access the page, and login using https, the br
Hi,
I have got squid_ldap_auth working fine, but what i want to do is give
access to different sites depending on what group the user is in.
I have been told ineed to use squid_ldap_group but am having troubles
trying to work out how to use it.
Can anyone point me in a good tutorial or how-to a
On Mon, 21 Mar 2005, Jayesh Kamdar wrote:
Yes, I tried a search filters with ldapsearch. (ldapsearch -h ldapsrv1 -D
"uid=jkamdar,o=mitre.org" -b "o=mitre.org" cn="Kamdar,Jayesh H.")
This LDAP search looks for an user with the name "Kamdar,Jayesh H.", not
if he is a member of a certain group or n
On Mon, 21 Mar 2005, Tracey, Michael wrote:
I'm still very interested in trying this. How would you write the ACL to
drop SSL traffic after N bytes? Since I'm trying to make sure that people
don't upload files in the 300+ MB range, I'm sure that I can tweak the
amount of traffic where it will not
On Mon, 21 Mar 2005, Jayesh Kamdar wrote:
Yes, I tried a search filters with ldapsearch. (ldapsearch -h ldapsrv1 -D
"uid=jkamdar,o=mitre.org" -b "o=mitre.org" cn="Kamdar,Jayesh H.")
Now, before I get into details about syntex with squid ...I am confused about
- squid_ldap_match
- squid_ldap_a
On Mon, 21 Mar 2005 14:45:08 -0700, Jim B <[EMAIL PROTECTED]> wrote:
> Viewing the squid logs I see some activity for chat.yahoo.com how can
> I determine what chat room is being accessed is there a file on the
> users hard drive that would clue me into that or would the squid logs
> have any menti
Hi,
Im currently pilot-testing a squid as a reverse proxy server,
to go in front of an OWA (Exchange server web interface) I have got it to
work fine with http, I can also access the pages by https, however when I
access the page, and login using https, the browser switches back to htt
Viewing the squid logs I see some activity for chat.yahoo.com how can
I determine what chat room is being accessed is there a file on the
users hard drive that would clue me into that or would the squid logs
have any mention of it?
Jim
Yes, I tried a search filters with ldapsearch. (ldapsearch -h ldapsrv1
-D "uid=jkamdar,o=mitre.org" -b "o=mitre.org" cn="Kamdar,Jayesh H.")
Now, before I get into details about syntex with squid ...I am confused
about
- squid_ldap_match
- squid_ldap_auth
- squid_ldap_group
I do have bi
>> I'm trying to block file uploads over a certain size with squid, and have
>> everything working, except where the user connects with HTTPS. Is there
a
>> way to limit uploads based on size when it's encrypted ssl (443) traffic?
>Nope. The size is not known to Squid when the traffic is encrypte
On Mon, 21 Mar 2005, Matus UHLAR - fantomas wrote:
that doesn't seem like proxypac script. That defines how to create custom
netscape packages, not proxy autoconfiguration.
Correct.
(I haven't tried setting browser.startup.page variable in that script,
that might work...but might not)
I would not b
On Mon, 21 Mar 2005, Joost de Heer wrote:
We have observed that when emails are sent by our users through
Yahoo, Hotmail or other web-based mailing service the Originating IP
in their mail headers is that of the caching server on which Squid is
running. This makes it impossible for us to trace th
On Mon, 21 Mar 2005, Kashif Ali Bukhari wrote:
i am getting these two logs in todays date
No1
2005/03/21 01:32:46| Config 'request_header_max_size'= 20480 bytes.
2005/03/21 01:32:46| Request header is too large (21900 bytes)
Probably a malfunctioning client.
2005/03/21 01:33:28| httpReadReply: Exce
On Mon, 21 Mar 2005, Tracey, Michael wrote:
I'm trying to block file uploads over a certain size with squid, and have
everything working, except where the user connects with HTTPS. Is there a
way to limit uploads based on size when it's encrypted ssl (443) traffic?
Nope. The size is not known to S
On Mon, 21 Mar 2005, Juhani Tali wrote:
The DNS round robin should work (and I am using it at the moment, somewhat).
The more interesting is what will happen if one server goes down.
Will the child squid take the next address from dns or fail?
Squid will mark the failed address as down and stop us
On Mon, 21 Mar 2005 [EMAIL PROTECTED] wrote:
With DNS you making round robin, and in this case every request is send to
the next in the zone file machine. like that 1,2,1,2,1,2 and because squid
is loading and checking dns at startup is it going to use this
round-robin. But be sure that you should
Cristian Rodriguez wrote:
On Mon, 21 Mar 2005 18:12:26 +0100, Andreas Pettersson <[EMAIL PROTECTED]> wrote:
In a few weeks we will upgrade our internet connection from 2 to 10
Mbit/s (symmetrical).
I'm running squid-2.5STABLE9 on a [EMAIL PROTECTED] MHz, and during peak time
the
cpu util is abo
Actually I asked a similar question awhile ago. The bottleneck is caused
the poll/select implementation. And there is no plan/way to improve it
in Squid-2.5. You can find the dev discussion about replacing it with
epoll in Squid-3.
It's working but not stable and I haven't tested it.
George
> --
Juhani Tali wrote:
The DNS round robin should work (and I am using it at the moment,
somewhat).
The more interesting is what will happen if one server goes down.
Will the child squid take the next address from dns or fail?
Tests showed that it will take the next address and it will not fail.
Now
In a few weeks we will upgrade our internet connection from 2 to 10
Mbit/s (symmetrical).
I'm running squid-2.5STABLE9 on a [EMAIL PROTECTED] MHz, and during peak time the
cpu util is about 20-25%.
Is it possible to predict the resource usage with 10 Mbit/s uplink?
Do I have anything to worry abo
> > On 16.03 14:23, Michael Pophal wrote:
> > > As I know there is a possibility to define a homepage via proxy-pac.
> On Thu, 2005-03-17 at 11:13, Matus UHLAR - fantomas wrote:
> > Where? I haven't found that anywhere.
> > Can you provide more info?
On 17.03 13:43, Michael Pophal wrote:
> It too
Looks like I might have squid working as a front end to OWA, but it
gives me a popup window for authentication, vs. the outlook web access
login screen.
Any idea how to resolve this?
> >On 18.03 20:10, Askar wrote:
> >>cache_dir diskd /cache1/cache 25000 32 256
> >>cache_dir diskd /cache2/cache 16000 32 256
> >>cache_dir diskd /cache3/cache 16000 32 256
> Matus UHLAR - fantomas wrote:
> >eh, three cache_dir's on two disks? a bit useless and ineffective
> >you only should use o
On 21.03 16:20, Juhani Tali wrote:
> I have a 2 level setup
> 1-st level is local squid, eg. squid-office that forward all non-local
> traffic to 2-nd level squids.
just one machine/process? that could be single point of failure...
> 2-nd level are 4 parent squid servers: squid1, squid2, squid3,
> We have observed that when emails are sent by our users through
> Yahoo, Hotmail or other web-based mailing service the Originating IP
> in their mail headers is that of the caching server on which Squid is
> running. This makes it impossible for us to trace the originator of
> that mail though
i am getting these two logs in todays date
No1
2005/03/21 01:32:46| Config 'request_header_max_size'= 20480 bytes.
2005/03/21 01:32:46| Request header is too large (21900 bytes)
2005/03/21 01:32:46| Config 'request_header_max_size'= 20480 bytes.
2005/03/21 01:32:51| Request header is too large (219
The DNS round robin should work (and I am using it at the moment, somewhat).
The more interesting is what will happen if one server goes down.
Will the child squid take the next address from dns or fail?
Juhani
[EMAIL PROTECTED] wrote:
With DNS you making round robin, and in this case every request
I'm trying to block file uploads over a certain size with squid, and have
everything working, except where the user connects with HTTPS. Is there a
way to limit uploads based on size when it's encrypted ssl (443) traffic?
Here's the ACL part of my squid.conf (I'm only blocking uploads based on
si
With DNS you making round robin, and in this case every request is send to
the next in the zone file machine. like that 1,2,1,2,1,2 and because squid
is loading and checking dns at startup is it going to use this
round-robin. But be sure that you should restart squid after modifing zone
files i
On Mon, 21 Mar 2005, Marc-Oliver Roos wrote:
I don´t want to give MY username / password to all users of my office.
I only want to give the username/password to squid!!!
But i don´t find the answer to give THIS username / password to squid.
See the cache_peer directive.
Regards
Henrik
On Mon, 21 Mar 2005, Marco Crucianelli wrote:
As I wrote in the other post, configure doesn't seem to accept this
option as I get policies built: lru in its output
What can it be!??!
Which version of Squid?
From ./configure --help
--enable-removal-policies="list of policies"
On Sun, 20 Mar 2005, David I Merchant-Dei Merchant-Dest wrote:
I am a LINUX newbe, I finally got my RED Hat 6.1 release operating
system 2.2.12 up and running, I have installed Apache server set up to
run virtual hosts, of course I have one static ip, and 75 domains. I want
to know if using Squid
Hi
I have a 2 level setup
1-st level is local squid, eg. squid-office that forward all non-local
traffic to 2-nd level squids.
2-nd level are 4 parent squid servers: squid1, squid2, squid3, squid4.
(2 servers, 2 processes to use both cpu-s)
It would be nice to load-balance the parents and if one
Hi !
We are using squid-2.4.STABLE6-6.7.3 in our ISP setup and are
absolutely satisfied with its performace. We are also using a
subscriber management software for billing and authentication wherein
the user has a PPPoE exe and he gets a Live IP dynamically after
authentication.
We have observed
Hello Mailing-List,
we want to use pam-authentication (with pam_mysql.o) for the
squid-users. But the users can't log in successfully :(
We are using squid-2.5.STABLE9 (under Debian Sarge with the debs
libmysqlclient14/mysql-client-4.1/libmysqlclient14-dev) and configured
it the following way:
#
>
> Hello,...
>
> i have setup a squid-proxy in my office last week - under
> windows 2000.
>
> The insatallation and configuration wasn´t a problem - only one thing:
>
> The internet-account in my office is registrated to my name -
> that means,
> that ALL other office-partners are surfin
> Hi, Elsen Marc
> Thank you for your kindly support at first.
> I encounter this error when I logon Agile, But It is no
> problem if I
> connect internet directly if I use windows xp sp1 installed IE6.0.
> Windows XP sp1 eventviewer have not any error logs about it.
> dmesg com
Hello,...
i have setup a squid-proxy in my office last week - under windows 2000.
The insatallation and configuration wasn´t a problem - only one thing:
The internet-account in my office is registrated to my name - that means,
that ALL other office-partners are surfing on my account.
That means,
Hi, Elsen Marc
Thank you for your kindly support at first.
I encounter this error when I logon Agile, But It is no problem if I
connect internet directly if I use windows xp sp1 installed IE6.0.
Windows XP sp1 eventviewer have not any error logs about it.
dmesg command display as b
Matus UHLAR - fantomas wrote:
On 18.03 20:10, Askar wrote:
Find the info you asked
1) squid Version 2.5.STABLE9
2) Linux (slackware) kernel 2.6.11.3
3) 2 sata hard drive 37GB each
cache_dir diskd /cache1/cache 25000 32 256
cache_dir diskd /cache2/cache 16000 32 256
cache_dir diskd /cache3/cach
>
> Hi, Elsen
> This error appears in MS IE 6.0.2800. cipher
> Strength:128-bit.
- Could you post the complete error, as seen if the browser
or was that all ?
> But It is no
> problem if I connect internet directly.
> Squid Server version: Redhat Linux 9.0
Check
% dmesg
on
Hi, Elsen
This error appears in MS IE 6.0.2800. cipher Strength:128-bit. But It is no
problem if I connect internet directly.
Thanks
Seewo
"Elsen Marc" <[EMAIL PROTECTED]> on 03/21/2005 05:22:55 PM
>
> Hi, All
>
> I installed squid2.5stable7 on Dell Optiplex GX270 and I
> encountered regarding
> https error via squid2.5STABLE7
> I Got error message "Can not create SSL Socket: Socket Closed
> Prematurely."
> shown as below
>
- Where is this error appearing , browser ?
- OS/platfor
Hi, All
I installed squid2.5stable7 on Dell Optiplex GX270 and I encountered regarding
https error via squid2.5STABLE7
I Got error message "Can not create SSL Socket: Socket Closed Prematurely."
shown as below
Nothing found in cache log.
Any ideas?
Seewo
On 20.03 18:24, Cody Webb wrote:
> I am planning to host squid on a server with a 100Mbit connection. The
> company that will be hosting my server only allows 200Gbits of bandwidth
> per month. Delay pools will be used to limit total bandwidth and speed.
> I would like home broadband users to by
On 19.03 19:46, Cody Webb wrote:
> I would like to provide content filtering for members our my
> congregation. My content filter utilizes squid. I would like to
> conserve bandwidth as much as possible (due to the costs associated with
> bandwidth metering). Would it be possible for users downl
On 18.03 20:10, Askar wrote:
> Find the info you asked
>
> 1) squid Version 2.5.STABLE9
> 2) Linux (slackware) kernel 2.6.11.3
> 3) 2 sata hard drive 37GB each
>
> cache_dir diskd /cache1/cache 25000 32 256
> cache_dir diskd /cache2/cache 16000 32 256
> cache_dir diskd /cache3/cache 16000 32 256
On 18.03 07:14, Umar Draz wrote:
> hi dear members!
>
> i want maximum HIT in my squid cache so plz help me what kind of
> refresh_pattern should be use?
It's not about refresh pattern, it's abour properly set up squid. big disk
and memory space, reasonably set maximum_object_size, good replace
> On Thu, 17 Mar 2005 13:59:57 -0900, Chris Robertson <[EMAIL PROTECTED]> wrote:
> > You are seeing peaks of over 20 Mb/sec traffic, from 2500 clients. That's
> > quite a bit for one box to be handling. What kind of requests per second
> > does that translate out to? (Cache Utilization in the ca
Hi, I'm coming back later than what I had planned :-)
My investigations didn't gave me more than what I already had.
I increased the syn backlog, no results but according to the
monitoring I've set up, one point is sure now (like you were
saying), it's not a squid problem, but an OS or even hardwa
58 matches
Mail list logo