Why confused?
Becuase this morning I discovered that the word causing access denied is
Pene; this word is contained in acl bad_word_content_type:
acl bad_word_content_type url_regex -i sesso culo culi tette nudo nuda seno
seni PENE cazzo cazzi teen figa webtv streaming tvgratis
Reading log you
Hi !
Something that could help you because it's simplier (IMHO) to manage
ACLs, is SquidGuard.
I use it and find it Extremely good.
Matching a rule with or without excerptions, is just a matter of typing
the word/url/address you are considering to ban/allow.
Regards
Valter
Reale Marco
- Check squid's access.log (for starters)
M.
Hi,
Yeah, I forgot to say that i have ever done that, and nothing strang for
me :
access.log.to.parse:1163670988.715387 192.168.171.102 TCP_MISS/401
4954 GET http://smme.ucr.fr/ - DIRECT/62.39.40.130 text/html
fre 2006-11-17 klockan 09:15 +0100 skrev Reale Marco:
Why confused?
Becuase this morning I discovered that the word causing access
denied is Pene; this word is contained in acl
bad_word_content_type:
acl bad_word_content_type url_regex -i sesso culo culi tette nudo nuda seno
seni PENE cazzo
fre 2006-11-17 klockan 01:39 +0100 skrev Aleksandar Tancevski:
2006/11/16 02:41:14| ACL name 'all' not defined!
FATAL: Bungled squid.conf line 60: ident_lookup_access deny all
My squid is squid/2.5.STABLE6(istalled trough yum) on CentOS 4.3 OS, my
squid.conf is:
#acl all src
I use squidnt 2.6 stable4 on windows 2003 and it works perfectly with
Active Directory Integration
Just a curiosity...
Today reading again cache.log I saw an interesting thing:
helperOpenServers: Starting 5 'mswin_check_lm_group.exe' processes
-cache.log---
2006/11/17
fre 2006-11-17 klockan 13:00 +0800 skrev Adrian Chadd:
On Fri, Nov 17, 2006, Alexandre Correa wrote:
Seems squid is running fine without dlmalloc and gnumalloc !!!
squid 3147 6.2 41.8 1110696 1074044 ? Sl Nov14 273:48 (squid) -D -s
Thats great to know. I know I've run Squid w/
fre 2006-11-17 klockan 09:47 +0100 skrev Sébastien GASPARI:
Yeah, I forgot to say that i have ever done that, and nothing strang for
me :
access.log.to.parse:1163670988.715387 192.168.171.102 TCP_MISS/401
4954 GET http://smme.ucr.fr/ - DIRECT/62.39.40.130 text/html
Which Squid
I use squidnt 2.6 stable 4 on Windows 2003 with Active Directory
Integration
My squid.conf is:
-squid.conf--
external_acl_type NT_global_group %LOGIN
c:/squid/libexec/mswin_check_lm_group.exe -G -c acl DomainUsers external
NT_global_group c:/squid/etc/DomainUsers.txt
acl
Which Squid version? The site only offers microsoft integrated
authentication which due to it's violations to the HTTP protocol does
not work via Squid-2.5 or earlier.. 2.6 required for this to even have a
chance of working.
Regards
Henrik
Squid Cache: Version 2.4.STABLE6, do you think it's
fre 2006-11-17 klockan 10:27 +0100 skrev Sébastien GASPARI:
Squid Cache: Version 2.4.STABLE6, do you think it's something not taking
in charge in this version of squid ?
Should work, assuming there is no other proxies involved in the request
chain.
Regards
Henrik
signature.asc
fre 2006-11-17 klockan 10:39 +0100 skrev Sébastien GASPARI:
Henrik Nordstrom a écrit :
fre 2006-11-17 klockan 10:27 +0100 skrev Sébastien GASPARI:
Squid Cache: Version 2.4.STABLE6, do you think it's something not taking
in charge in this version of squid ?
Should work,
fre 2006-11-17 klockan 10:09 +0100 skrev Reale Marco:
Why squid start 5 processes? I think they are they enough because I
haven't problem but I would like to know where is this value taken from
and how to change it
It's the children= option to external_acl_type. Defaults to 5
(undocumented,
Henrik please have patience with me.
This is my squid.conf?
squid.conf-
auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe
external_acl_type NT_global_group %LOGIN
c:/squid/libexec/mswin_check_lm_group.exe -G -c
auth_param ntlm children 100
squid.conf-
fre 2006-11-17 klockan 11:41 +0100 skrev Reale Marco:
I addes children=100 at the end of external_acl:
external_acl_type NT_global_group %LOGIN
c:/squid/libexec/mswin_check_lm_group.exe -G -c children=100
but in cache.log I saw squid start always 5 processes.
order on the external_acl_type
Hi Henrik
many thanks for your kind support and your patience!!!
Bye
Marco Italy
-Messaggio originale-
Da: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Inviato: venerdì 17 novembre 2006 14.24
A: Reale Marco
Cc: squid-users@squid-cache.org
Oggetto: Re: R: [squid-users] Squidnt:
Hi,
if we request an cached object that is expired trough squid in
accelerator mode and record squids request to the webserver we see this:
GET http://acceltest/library/img/online.gif HTTP/1.0
If-Modified-Since: Tue, 28 Mar 2006 07:29:00.GMT
Host: acceltest
User-Agent: lwp-request/2.01
Via: 1.1
Hi all,
Currently we have dynamic pages generated using PHP + Smarty, static
cache(HTML) are generated by Smarty with a max. life span of 24 hours,
and if there is any update to the content, the cache will be cleared
immediately thru PHP call.
Is Squid useful in my current suitation? Looking
Hi all,
Currently we have dynamic pages generated using PHP + Smarty, static
cache(HTML) are generated by Smarty with a max. life span of 24 hours,
and if there is any update to the content, the cache will be cleared
immediately thru PHP call.
Is Squid useful in my current suitation? Looking
I am having odd problems getting squid+wccpv2+Linux working with our
cisco router.
I apologize in advance for the relative deluge of information, but I
want to be sure to cover all the bases.
Here is the list of ingredients:
Hardware: IBM eServer something or other.
OS: Fedora Core 6
Hello,
I'm afraid that the setting I'm plan can be abuse.
I look in the FAQ and search this malling list archive, but didn't find any
clear answer.
Im using Squid 2.5 (RHAS) as a reverse proxy for several servers by setting:
httpd_accel_host virtual
httpd_accel_single_host off
I can't use
Hello again,
I was just corrected by one of my colleagues as to the hardware and os
of the squid server.
Hardware: IBM x360
OS: RedHat Enterprise Linux 4 update 3
Also, here is the combined tcpdump output from gre1 and eth2:
### This is the 3-way handshake.
gre1 12:17:04.712823 IP
Hello again,
Here is the cache.log from a squid-2.6.STABLE5-20061116 built with a
stock ./configure.
So grab the latest squid-2.6.stable release, and build with
./configure
make
make install
And you still get the same error, more or less.
In previous builds, I had tried disabling epoll since
I am using squid 2.6 and I
need to setup transparent caching for a webserver running on a port
other than 80. We have a webserver running on port 2000 . I have spent
quite a number of hours trying to figure out in changing this default
setting. Is there a way to change this ?
I solved the problem.
I was too aggressive in the version I was running.
Something seems to be broken between squid-2.6.STABLE5 and
squid-2.6.STABLE5.20061116
/Jason
fre 2006-11-17 klockan 14:28 + skrev John Moylan:
My thinking is that if one of the back-end Apache's goes down then the
Squid that was accelerating that box will go to it's parent (accessing
the alternate Apache.)
Why jump via the second Squid? The Squids can do all this automatically
fre 2006-11-17 klockan 16:13 +0100 skrev Thomas Ristic:
Despite the new Expires squid receives, it still replies to the client
request with the old Expires and max-age values for the object.
Yes... this is Bug #7...
Is this correct behavior? For the browser this looks like the object is
fre 2006-11-17 klockan 19:46 +0200 skrev Addady:
How can I prevent abusing my squid server be limit the reverse proxy service
only to the ip's in hosts_file?
By setting up http_access rules limiting which destinations is allowed.
Regards
Henrik
signature.asc
Description: Detta är en
fre 2006-11-17 klockan 16:03 -0500 skrev Jason Taylor:
I solved the problem.
I was too aggressive in the version I was running.
Something seems to be broken between squid-2.6.STABLE5 and
squid-2.6.STABLE5.20061116
It was, and got fixed yesterday. With some additional fixes in related
areas
When:
*refresh_stale_hit and collapsed_forwarding are both active, and
* the request contains a Cache-Control: no-cache directive, and
* multiple requests arrive within the refresh_stale_hit window
the first request will go forward as expected, but subsequent
requests get collapsed and
Mohan wrote:
I am using squid 2.6 and I
need to setup transparent caching for a webserver running on a port
other than 80. We have a webserver running on port 2000 . I have spent
quite a number of hours trying to figure out in changing this default
setting. Is there a way to change this ?
Chris,
Thanks for responding. As you can see I am still confused between the
two. I thought in 2.6 Reverse proxy was replaced by InterceptionProxy.
Did I get that wrong ? I probably did!
How are the two different ? I need to be able to install a cache proxy
alongside my webserver to cache
Mohan wrote:
Chris Robertson wrote on 11/17/2006, 2:30 PM:
Mohan wrote:
I am using squid 2.6 and I
need to setup transparent caching for a webserver running on a port
other than 80. We have a webserver running on port 2000 . I have spent
quite a number of hours trying to figure
fre 2006-11-17 klockan 12:52 -0800 skrev Mohan:
I am using squid 2.6 and I
need to setup transparent caching for a webserver running on a port
other than 80. We have a webserver running on port 2000 . I have spent
quite a number of hours trying to figure out in changing this default
setting.
Chris, that worked... well sorta.. I am seeing these messages in my
access logs and on the browser I see Invalid Request . Could be
missing some acl stuff ?
1163809785.556 3 10.169.155.217 TCP_DENIED/400 1638 GET
error:invalid-request - NONE/- text/html
1163809796.231 38
Mohan wrote:
Chris, that worked... well sorta.. I am seeing these messages in my
access logs and on the browser I see Invalid Request . Could be
missing some acl stuff ?
1163809785.556 3 10.169.155.217 TCP_DENIED/400 1638 GET
error:invalid-request - NONE/- text/html
1163809796.231
I have a web proxy solution (Squid + Dansguardian +75 Ntlm Helpers to
authenticate in the AD) supporting 1500 users.
In the last 3 days the squid started to Die (restart) with the following
errors, about 4 times in the day.
Resume
Warning: all ntlmauthenticator process are busy.
Consider
Hi,
For some security reason, I need to block Gmail Drive in my company's LAN.
By using the following configuration, I can block it if users log in
Gmail Drive in a normal way:
acl gdrive url_regex -i gmailfs
acl gmail dstdom_regex -i .*.gmail.com .*mail.google.com
http_access deny gmail gdrive
I have a web proxy solution (Squid + Dansguardian +75 Ntlm Helpers to
authenticate in the AD) supporting 1500 users.
In the last 3 days the squid started to Die (restart) with the following
errors, about 4 times in the day.
Resume
Warning: all ntlmauthenticator process are busy.
Consider
39 matches
Mail list logo