Thanks.
How to log access by reverse proxy ? And in which file ? access.log ?
Thanks
Jérôme
-Message d'origine-
De : Kenny Lee [mailto:[EMAIL PROTECTED]
Envoyé : jeudi 3 mai 2007 11:17
À : Jerome; squid-users@squid-cache.org
Objet : Re: [squid-users] Squid reverse proxy AND proxy
Hi,
Hi Chris,
Okay - I've followed those instructions and squid reloads the configuration
file without any
issues.
Browsing on port 8080 works, but once again 443 is challenging me for my
credentials even though I
have turned off all authentication.
The thing about squid is, it is selecting the
Hi Everyone.
I'm using squid for reverse proxy for 'flv' progressive download.
As you know, 'flv' is flash live video files. ( youtube... etc )
I want client's pc has not flv files.
But automatically 'flv' file saves in Internet Explorer ( C:\Documents and
Settings\Owner\Local
Chris Robertson escribió:
Emilio Casbas wrote:
I know that this is a question more related to urchin software,
but maybe someone in this list have successfully configured urchin
software (UTM enabled) with a squid reverse proxy configuration.
The Urchin UTM installation is available only with
On Fri, May 04, 2007 at 07:12:34PM +0900, Seonkyu Park wrote:
I'm using squid for reverse proxy for 'flv' progressive download.
As you know, 'flv' is flash live video files. ( youtube... etc )
I want client's pc has not flv files.
But automatically 'flv' file saves in Internet
I would try operating the origin website on SSL, (or try running Squid
as an HTTP - HTTPS bridge - but probably too complicated). I believe
that if content is delivered by SSL, it is not cached by the browser in
a way that is readable...
Just my 2c worth...
Stephen
-Original Message-
On Fri, May 04, 2007, Emilio Casbas wrote:
Thanks for the response Chris,
I'll give it a try and when I have it solved I'll write a small howto
to achieve it. It could be helpful to more squid users.
Please do; I'll add it to the Wiki as a Knowledge Base article:
On 5/4/07, Stephen [EMAIL PROTECTED] wrote:
I would try operating the origin website on SSL, (or try running Squid
as an HTTP - HTTPS bridge - but probably too complicated). I believe
that if content is delivered by SSL, it is not cached by the browser in
a way that is readable...
It is stored
On Fri, May 04, 2007 at 10:02:28AM +0200, Jerome wrote:
How to log access by reverse proxy ? And in which file ?
access.log ?
You can log it into whatever file you want. I'm using squid as a
reverse proxy for two sites, which I want to log separately. You can
do this by defining access lists
tor 2007-05-03 klockan 17:34 -0400 skrev Brian Kirk:
Ok I have been trying various configurations in my squid.conf, I am
sure that I was over complicating the issue. Here is a stripped down
version that I would like to use basic if NTLM fails, but it never
drops down to the basic
I'm experiencing problems with the download of files from various
websites through squid where the file stalls at the same exact point
every single time. This happens regardless of client OS or browser
(IE, Firefox, wget). For instance one of the problematic files is from
Microsoft. The
tor 2007-05-03 klockan 15:21 -0800 skrev Chris Robertson:
The second important function of the UTM Sensor is to uniquely identify
both sessions and unique visitors. Through a patent-pending combination
of browser cookies, the Sensor detects and initializes the unique
visitor and session
tor 2007-05-03 klockan 15:42 -0400 skrev Mike Poublon:
I just tried using the same config, but commenting out the auth_param
basic lines.
Instead of being asked for a password this time, I only get to a cache
access denied page. An ethereal snoop of the http response from squid
shows the
tor 2007-05-03 klockan 07:12 -0700 skrev Sathyan, Arjonan:
URL:
https://h20293.www2.hp.com/ecommerce/efulfillment/getReceipt.do?orderNumber=361694666
Seems to work fine with Squid-2.6 64-bits.
Building a 32-bit binary to test... Seems fine there as well.
So try upgrading to 2.6 to see if that
fre 2007-05-04 klockan 10:13 -0500 skrev Chris Reining:
The download always stops at 8% and 4,203,251. There is also nothing
in cache.log that eludes to any problem. And tcpdump looks normal, the
communication between the client and squid and squid and the server
just stops. Any pointers on
tis 2007-05-01 klockan 13:09 -0400 skrev Andreas Woll:
Squid is just listening to the http_port 3128.
All other ports are disabled.
Well, the error says that cachemgr.cgi didn't succeed in connecting to
the http_port. Make sure your http_port specification and cachemgr.conf
(or manual server
Using 2.6 stable 12 on BSD configured with --enable-sll and
--enable-snmp. I need to reverse proxy for a seperate web server (Team
Foundation Server) doing https. The directions I have for setting up
reserve proxy seem to be pre-2.6 so the squid.conf settings won't work.
I've read some throught
Squid 2.6 Stable 9. Ok so if I understand you correctly, it will not
drop down to basic ever with IE since it is NTLM capable, it will just
prompt you for your credentials if the credentials that were provided
weren't a member of the specific require-membership-of group. And
that would explain
I just put iptables on our squid box and noticed some very strange
activity (IPs have been changed to protect the innocent):
[44165032.82] Dropped default (OUTPUT): IN= OUT=eth0
SRC=MY.PROXY.IP.ADDRESS DST=SOME.RANDOM.IP.ADDR LEN=40 TOS=0x00
PREC=0x00 TTL=64 ID=41807 DF PROTO=TCP SPT=3128
Pat Riehecky wrote:
I just put iptables on our squid box and noticed some very strange
activity (IPs have been changed to protect the innocent):
[44165032.82] Dropped default (OUTPUT): IN= OUT=eth0
SRC=MY.PROXY.IP.ADDRESS DST=SOME.RANDOM.IP.ADDR LEN=40 TOS=0x00
PREC=0x00 TTL=64
On 5/4/07, Pat Riehecky [EMAIL PROTECTED] wrote:
I just put iptables on our squid box and noticed some very strange
activity (IPs have been changed to protect the innocent):
[44165032.82] Dropped default (OUTPUT): IN= OUT=eth0
SRC=MY.PROXY.IP.ADDRESS DST=SOME.RANDOM.IP.ADDR LEN=40 TOS=0x00
On 5/4/07, Brian Kirk [EMAIL PROTECTED] wrote:
Squid 2.6 Stable 9. Ok so if I understand you correctly, it will not
drop down to basic ever with IE since it is NTLM capable, it will just
prompt you for your credentials if the credentials that were provided
weren't a member of the specific
fre 2007-05-04 klockan 13:47 -0400 skrev Chris Nighswonger:
FWIW, you can pass *realm* off on IE's NTLM prompt by
'domain\username' in the 'username' field ([EMAIL PROTECTED] may
work as well).
That's the domain, not the realm. NTLM (and Negotiate) does not have a
realm..
Regards
Henrik
On 5/4/07, Henrik Nordstrom [EMAIL PROTECTED] wrote:
fre 2007-05-04 klockan 13:47 -0400 skrev Chris Nighswonger:
FWIW, you can pass *realm* off on IE's NTLM prompt by
'domain\username' in the 'username' field ([EMAIL PROTECTED] may
work as well).
That's the domain, not the realm. NTLM
Hi,
Can anyone tell me should I re-compile the source with any specific option
enabled for resolving this issue...?
Regards,
Sathyan Arjunan
Unix Support | +1 408-962-2500 Extn : 22824
Kindly copy [EMAIL PROTECTED] or reach us @ 22818 for any correspondence alike
to ensure your email are
Kinkie wrote:
On 5/4/07, Pat Riehecky [EMAIL PROTECTED] wrote:
I just put iptables on our squid box and noticed some very strange
activity (IPs have been changed to protect the innocent):
[44165032.82] Dropped default (OUTPUT): IN= OUT=eth0
SRC=MY.PROXY.IP.ADDRESS
That supposes that the connection are with legitimate clients, but since the
OP referred to SOME.RANDOM.IP.ADDR, and connections ... to the outside
world, I suspect it was an open proxy.
Maybe.. It depends on how random they are...
Still the destination port is random, source port is my service
Indeed, after a bit of poking about it seems that you hit the nail on
the head now I am trying to figure out how to alter the expiration
times in iptables but that is a topic for another list if my google
time proves fruitless.
THANKS!
Pat
On Fri, 2007-05-04 at 21:52 +0200, Kinkie wrote:
[EMAIL PROTECTED] wrote:
Hi Chris,
Okay - I've followed those instructions and squid reloads the configuration file without any
issues.
To be clear, you are using the same domain name or IP address in both
definitions of the parent proxy, correct? You are no longer using the
real
Hi all, i have a question, i need to check users with squid in a LDAP
server in linux, and in a AD server in windows, is it possible??? to
have this two methods of check with squid??
Regards,
--
Fabio S. Silva
[EMAIL PROTECTED] wrote:
Hi Chris,
Okay - I've followed those instructions and squid reloads the configuration file without any
issues.
After setting up a test machine, and looking through the archives of
this thread, it appears as though my instructions were... Less than
perfect. No
Jason Hitt wrote:
Using 2.6 stable 12 on BSD configured with --enable-sll and
--enable-snmp. I need to reverse proxy for a seperate web server (Team
Foundation Server) doing https. The directions I have for setting up
reserve proxy seem to be pre-2.6 so the squid.conf settings won't work.
Hey guys, having trouble figuring this one out. I have a client trying to
run this java applet, but when we installed our transparent proxy last week
it stopped working. We have no ACLs running against this specific client;
the proxy is strictly for caching purposes
The java app runs against port
Kyle Wa wrote:
Hey guys, having trouble figuring this one out. I have a client trying to
run this java applet, but when we installed our transparent proxy last week
it stopped working. We have no ACLs running against this specific client;
the proxy is strictly for caching purposes
The java app
On 5/4/07, Fabio Silva [EMAIL PROTECTED] wrote:
Hi all, i have a question, i need to check users with squid in a LDAP
server in linux, and in a AD server in windows, is it possible??? to
have this two methods of check with squid??
It depends on the details (it's probably only feasible with
On 5/4/07, Pat Riehecky [EMAIL PROTECTED] wrote:
Indeed, after a bit of poking about it seems that you hit the nail on
the head now I am trying to figure out how to alter the expiration
times in iptables but that is a topic for another list if my google
time proves fruitless.
I suggest
Ok got that, added the directive, now I get this error
10.19.110.91 TCP_DENIED/400 1226 ticker 6 24491597,307616,758185,kylewa 63 -
NONE/- text/html
-Original Message-
From: Chris Robertson [mailto:[EMAIL PROTECTED]
Sent: Friday, May 04, 2007 2:40 PM
To: squid-users@squid-cache.org
Kyle Wa wrote:
Ok got that, added the directive, now I get this error
10.19.110.91 TCP_DENIED/400 1226 ticker 6 24491597,307616,758185,kylewa 63 -
NONE/- text/html
Well, a 400 error is Bad Request
Kinkie wrote:
That supposes that the connection are with legitimate clients, but since
the OP referred to SOME.RANDOM.IP.ADDR, and connections ... to the
outside world, I suspect it was an open proxy.
Maybe.. It depends on how random they are...
Still the destination port is random, source
Hello Facundo,
I read you message and the replies. I think that the
replies did not solve your problem. I did not open the
links provided, but i read the conclusion which is to
deny Via and X-Forwarded-For (XFF). You do not need to
deny anything. Actually, you need to disable the
transmission of
omero omero wrote:
Hello Facundo,
I read you message and the replies. I think that the
replies did not solve your problem. I did not open the
links provided, but i read the conclusion which is to
deny Via and X-Forwarded-For (XFF).
The commands I listed will deny the TRANSMISSION of the Via
omero omero wrote:
Hello Facundo,
SNIP
You want to
prevent internet servers from detecting that your are
behind a proxy, therefore you need to disable
transmission of Via and XFF.
To do that, add the following 2 lines to your squid
conf file and don't forget to restart the service
after
Hello Nicolas,
For your own convenience, i have chosen to add the
following:
If you really want to make your proxy server
anonymous. You have to know that disabling Via and XFF
is not enough. To explain my point, i will introduce
you to a header called UserAgent, this is also added
to the HTTP
Hello Nicolas,
For your own convenience, i have chosen to add the
following:
If you really want to make your proxy server
anonymous. You have to know that disabling Via and XFF
is not enough. To explain my point, i will introduce
you to a header called UserAgent, this is also added
to the HTTP
I did not recieve back my reply from squid site as
usually happens. I did not find it in the bulk or my
inbox.
Nicolas, a friend of Facundo, replied to me directly.
I have chosen to update my post.
I want to make sure that the following message was
recieved by squid users:
Hello Nicolas,
For
Henrik,
Please find the version details of my Squid
# /usr/local/squid/sbin/squid -v
Squid Cache: Version 2.6.STABLE12
configure options: '--prefix=/usr/local/squid'
'--enable-large-cache-files'
#
As per your suggestion I compiled the build to support large cache files
Hi
My OS is Redhat enterprise 4 AS.My Squid is squid-2.5.STABLE6-3.4E.11.
I do following task.
[EMAIL PROTECTED] ~]# service squid status
squid is stopped
[EMAIL PROTECTED] ~]# service squid start
Starting squid:[FAILED]
[EMAIL PROTECTED] ~]# service
47 matches
Mail list logo