We are using Dell 2850 dual 3.2 Xeon processor, 8 Gig of Physical memory and
15rpm SCSI disk for caching (no raid). The software is FC 4 64 bit with Squid
2.5Stable13. Below is the way I complie my Squid:
--prefix=/usr --exec-prefix=/usr --bindir=/usr/sbin --libexecdir=/usr/lib/squid
Thanks for that, I have installed the helper but am getting stuck on the
configuration side. Could you point me to some documentation which
explains how to configure squid.conf.
I have tried
auth_param digest program /usr/local/squid/libexec/digest_ldap_auth -e
-b
We are using Dell 2850 dual 3.2 Xeon processor, 8 Gig of Physical memory and
15rpm SCSI disk for caching (no raid). The software is FC 4 64 bit with Squid
2.5Stable13. Below is the way I complie my Squid:
--prefix=/usr --exec-prefix=/usr --bindir=/usr/sbin
--libexecdir=/usr/lib/squid
Hi,
sorry for my bad english!
my system:
suse linux 10
Squid Cache: Version 2.5.STABLE10
samba (smbd) Version 3.0.20b-3.1-SUSE
wbinfo_group.pl is patched with
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE12-wbinfo_group.patch.
I'm trying to get the authentication by the
mån 2006-04-10 klockan 09:26 +0200 skrev Paolo Biancolli:
Thanks for that, I have installed the helper but am getting stuck on the
configuration side. Could you point me to some documentation which
explains how to configure squid.conf.
First of all you need an understanding of Digest
Please keep replies on the mailinglist.
sön 2006-04-09 klockan 16:52 -0400 skrev Scott Ehrlich:
I successfully patched the source for squid 2.5, compiled, and installed
it. I happen to be using NCSA auth and am trying to get my CDMA phone to
proxy through my squid server.
What is the
sön 2006-04-09 klockan 21:10 -0700 skrev Discussion Lists:
Suppose I have two squid3 machines that are clustered, and I want them
both to offer reverse SSL proxy (depending on whichever is active of
course). Assuming that all is set up correctly, couldn't I just keep
identical copies of the
[discussion moved to squid-users where it belongs]
tor 2006-03-30 klockan 19:04 -0600 skrev Cristal Montanez:
I was reading about this but the documentation In
late 1998, if you are buying a new machine for a
cache, I would recommend the following configuration:
300 MHz Pentium II CPU
Hi,
I have a network with some windows and linux clients. All clients authenticate
against a LDAP server (windows clients via samba) running on a linux server.
Now, I want to use the client's authentication within squid, so I can
allow/disallow access to (parts of) the internet, but without
Hello!
I have some trouble with new kind of flood targeted at proxy server.
One hosts creates thousands of new connections. Is there a way to
protect against that at squid level? I would like to avoid doing it with
netfilter, because it is hard to guess acceptable limit of connections
I have manged to get the digest_pw_auth program working properly without any
Problems.
You mentioned I need at least the -A option to the line in squid.conf. The ldap
database I am authenticating against is a MS 2003 active directory. Do I
specify the password attribute which contains the
Hi,
I have a network with some windows and linux clients. All clients authenticate
against a LDAP server (windows clients via samba) running on a linux server.
Now, I want to use the client's authentication within squid, so I can
allow/disallow access to (parts of) the internet, but without
On 4/10/06, Michał Margula [EMAIL PROTECTED] wrote:
Hello!
I have some trouble with new kind of flood targeted at proxy server.
One hosts creates thousands of new connections. Is there a way to
protect against that at squid level? I would like to avoid doing it with
netfilter,
Mark Elsen napisał(a):
There is a :
max_conn
parameter, check it out ; in squid.conf.default. Exact name slips me
for the moment
M.
I was thinking about something more sophisticated, because now I have:
acl too-many-connections maxconn 500
http_access deny all
snip
I have some trouble with new kind of flood targeted at proxy server.
One hosts creates thousands of new connections. Is there a way to
protect against that at squid level? I would like to avoid doing it with
netfilter, because it is hard to guess acceptable limit of connections
(browsers
Hi,
I'm currently researching squid's ability to have traffic destined for
specific IPs redirected to specific http_accel_hosts.
For example, Squid listens on the following addresses:
192.168.5.2:80
192.168.5.3:80
The nature of requests coming in on each IP differ, so the host they
get sent to
Hello,
HTTP and FTP request using NTLM works fine with Mozilla and IE
browser. Now i want to authenticate a client FTP (like Filezilla) with
NTLM. I can't find a way to do this, is it possible ? Someone has ever
done it ?
I have tried to add these rules :
acl intfullacl external NT_global_group
mån 2006-04-10 klockan 15:59 +0200 skrev Paolo Biancolli:
You mentioned I need at least the -A option to the line in squid.conf.
Yes. It's required as without it the helper has no means of knowing how
to retrieve the users password (as plain-text or digest H(A1) hash) from
the directory server.
Hi Squid USers,
I have webservers in our local network that users should access always
directly. In order to realise that condition, i created an acl as follows:
acl dragon dst 10.1.0.0/255.255.0.0
always_direct allow dragon
no_cache deny dragon
Anyway, i keep finding such records inside
Great advice, thank you!
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Monday, April 10, 2006 2:18 AM
To: Discussion Lists
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Squid3 and certificates in a cluster
sön 2006-04-09 klockan 21:10
I run smartfilter plugin for squid. I define catagorys that I want blocked to
the internet. I found that I am unable to block any website that has https://
appended to the front end (443). As a result, a lot of the student body has
figured out how to bypass the filter. (smart kids). My
I run smartfilter plugin for squid. I define catagorys that I want blocked to
the internet. I found that I am unable to block any website that has https://
Do you really want to block secure websites ? (...)
appended to the front end (443). As a result, a lot of the student body has
Hi Squid USers,
I have webservers in our local network that users should access always
directly. In order to realise that condition, i created an acl as follows:
acl dragon dst 10.1.0.0/255.255.0.0
always_direct allow dragon
no_cache deny dragon
Anyway, i keep finding such records
Quoting Mark Elsen [EMAIL PROTECTED]:
I run smartfilter plugin for squid. I define catagorys that I want blocked
to
the internet. I found that I am unable to block any website that has
https://
Do you really want to block secure websites ? (...)
appended to the front end (443). As
I dont want to block all ssl sites. However, for some reason any url that has
https: in it, doesnt go through the proxy
- It should, in the default settings; check access.log for the failing URI's.
- Check cache.log , for further error info , if any.
...
M.
Hello,
please CC me on any follow ups as I no longer receive squid list emails.
thank you very much.
I have been using squid since the beginning of time (1999) and this is
the first show stopper I have ran into, nice work!!
Over the weekend we changed ISPs. the only thing changed on the
Hello,
I am a bit confused here. I am currently running an several servers each
with an instance of apache 2 and squid 2.5 using:
httpd_accel_single_host On
httpd_accel_host 127.0.0.1
httpd_accel_port 80
From your email it seems like I can set the apache servers as cache
peers? Is that
Hello,
please CC me on any follow ups as I no longer receive squid list emails.
thank you very much.
I have been using squid since the beginning of time (1999) and this is
the first show stopper I have ran into, nice work!!
...
- On the SQUID box, are you using the correct
Quoting Mark Elsen [EMAIL PROTECTED]:
I dont want to block all ssl sites. However, for some reason any url that
has
https: in it, doesnt go through the proxy
- It should, in the default settings; check access.log for the failing
URI's.
- Check cache.log , for further error info ,
I am trying to get WPAD or Internet Explorer Proxy Automatically Detect
Settings to work.
http://www.freeproxy.ru/en/free_proxy/faq/wpad.htm
I have NATed all DNS requests that contain wpad to my DNS server. I have
created DNS entries for wpad, wpad.reversednsofmyips.com etc on the server
mån 2006-04-10 klockan 15:08 +0200 skrev Michał Margula:
Hello!
I have some trouble with new kind of flood targeted at proxy server.
One hosts creates thousands of new connections. Is there a way to
protect against that at squid level? I would like to avoid doing it with
netfilter,
mån 2006-04-10 klockan 10:41 -0400 skrev Sketch:
Hi,
I'm currently researching squid's ability to have traffic destined for
specific IPs redirected to specific http_accel_hosts.
Is there any way to accomplish this without running multiple instances of
squid?
Yes, there is several.
Do
mån 2006-04-10 klockan 17:03 +0200 skrev Aurélien Bras:
HTTP and FTP request using NTLM works fine with Mozilla and IE
browser. Now i want to authenticate a client FTP (like Filezilla) with
NTLM. I can't find a way to do this, is it possible ? Someone has ever
done it ?
Does Filezilla support
On 4/10/06, Henrik Nordstrom [EMAIL PROTECTED] wrote:
mån 2006-04-10 klockan 10:41 -0400 skrev Sketch:
Hi,
I'm currently researching squid's ability to have traffic destined for
specific IPs redirected to specific http_accel_hosts.
Is there any way to accomplish this without running
Hello,
What is the best option to start squid in deamon mode and avoid these errors ?
I run RHEL V4 + squid stable 13, + wccp.
Regards,
Running: squid -sY /usr/local/squid/var/squid.out 21
/usr/local/squid/bin/RunCache: line 35: 6794 File size limit
exceededsquid -NsY $conf $logdir/squid.out
I have been running Squid as a reverse proxy to an Apache origin server
on the same host. Squid and Apache use the same port number but
different addresses, as recommended (the public routable address for
Squid, 127.0.0.1 for Apache).
I would like to change this configuration (at least in
Some versions of IE are broken and look for wpad.da, missing the t
at the end. Symlink so they stay the same.
You need to be able to access the wpad file without the proxy for
obvious reasons (but this is sometimes overlooked). Check by turning off
all proxy options and trying to access where
Mohammad Shakir wrote:
I have 3 cache_peer and want to configure like this
Paccs acl goes to 192.168.0.1
MediaExt acl goes to 192.168.0.2
and all others request goes to 192.168.0.3
for this I change in squid.conf like this, but it is not working properly.
Could you be more specific in how
Logu wrote:
Hi,
Is it possible to select and authenticate the clients based on their
src IPaddress against a particular ldap server.
Say for example I want to authenticate the client
172.16.1.1 against the ldap server at 172.16.1.10 and the client
172.16.1.5 against the ldap server
Nick Duda wrote:
We use AD for authentication via samba/winbind. I have ACL setup to deny
downloading of file types but want to enable certain users to download.
# Define files to block from downloading
acl filedownloads urlpath_regex -i \.exe$ \.mp3$ \.mov$ \.mpg$ \.mp?$
\.avi$ \.rm$
# File
s??n 2006-04-09 klockan 16:52 -0400 skrev Scott Ehrlich:
I successfully patched the source for squid 2.5, compiled, and installed
it. I happen to be using NCSA auth and am trying to get my CDMA phone to
proxy through my squid server.
What is the best way to create a proxy account with no
Hi All,
I am running Squid Cache: Version 2.5.STABLE10. I am having a problem
with one web site. If I use proxy.pac file it says page cannot be
displayed. If I use manual proxy server settings it works fine. I dont
have any rules in proxy.pac file for this web site. I couldn't figure
out why it
I've got Squid-2.5.STABLE13 with the epoll patch, and I'm getting a
lot of clearing ENTRY_DEFER_READ messages in my cache.log. Is this
something I should be concerned about, or just a debug message at the
wrong verbosity level?
[EMAIL PROTECTED] wrote:
Hi
I posted my question earlier also but no one replied and I am not
getting enough information on squid website also. So pl reply to me.
Below is my question and configuration
I am using class 3 delay pool and objective is to allocate 128kbps to
each host which
Dwayne Hottinger wrote:
Quoting Mark Elsen [EMAIL PROTECTED]:
I dont want to block all ssl sites. However, for some reason any url that
has
https: in it, doesnt go through the proxy
- It should, in the default settings; check access.log for the failing
URI's.
-
This is not the case for me. I've had half_closed_clients set to off, and I
continue to
get more than 5 or so log lines of this per second.
Henrik's earlier confirmation of setting the debug level in the patch to
debug(20, 2) was a more
useful reply for me.
--john
- Original Message
Hi All,
I am running Squid Cache: Version 2.5.STABLE10. I am having a problem
with one web site.
- What is the problem, in more exact terms ?
For instace, full error(s) - returned in browser ?
If I use proxy.pac file it says page cannot be
displayed. If I use manual proxy server
Hello,
What is the best option to start squid in deamon mode and avoid these errors ?
I run RHEL V4 + squid stable 13, + wccp.
Regards,
Running: squid -sY /usr/local/squid/var/squid.out 21
/usr/local/squid/bin/RunCache: line 35: 6794 File size limit
- Check whether none of your
48 matches
Mail list logo