Hello Rodrigo, hello all!
I'm trying to implement the per user access restriction using Squid. I've
put the acls for each user in a seperate file like user-acl.txt. For
example, my `guest-acl.txt' looks like:
===
acl guest_ipdst some-ip/32
acl guest_mail dstdom_regex
On Wed, Feb 27, 2008, Mark Nottingham wrote:
Is this going to be a semi-regular event? I'd be interested in
participating in the future, but need more lead time to arrange
travel...
.. I'm happy to organise more frequent Squid related meets in Perth
(Western Australia) if enough people
On Tuesday 26 February 2008, Ric wrote:
On Feb 26, 2008, at 2:25 AM, Angela Williams wrote:
On Tuesday 26 February 2008, Ric wrote:
I'm wondering why we require squid -z before starting up Squid for
the first time. Is there some reason why Squid shouldn't do this
automatically when
On 20.02.08 15:12, Jeremy Kim wrote:
Our squid proxy works fine most of the time but couple times during the
day it would freeze or slow down causing connection to time out or take
really long time to get to the website. Then it would be fine again.
just a blind guess: isn't it swapping?
Hi List
I'm from Brazil and this is my first post here...
I'm trying do authentication in my Active Directory with Winbind and =
Samba, I'm using FreBSD 6.3 Release, Squid 2.6.STABLE16 and Samba =
3.0.28.
I am having problems with authentication
I used to Squid 2.5 and I obtained
On Feb 27, 2008, at 12:29 AM, Angela Williams wrote:
On Tuesday 26 February 2008, Ric wrote:
On Feb 26, 2008, at 2:25 AM, Angela Williams wrote:
On Tuesday 26 February 2008, Ric wrote:
I'm wondering why we require squid -z before starting up Squid
for
the first time. Is there some reason
Mark, thanks for raising these questions, we at Last.FM are facing the
same issues as Yahoo! is wrt squid-2/-3.
In answer to your final question in the list, I've tested -3 on a
number of servers over a number of time-periods during the past few
months. Unfortunately, the missing features found
On 24.02.08 20:53, Odhiambo Washington wrote:
Then use an identd as has been mentioned in this list before.
which will also not work because of transparecy (unless squid with tproxy
can fake outgoing IP even for ident connections). It would also slow down
connections (ident lookup per
I am trying to use various authentication helpers to be able to track
web usage on my new server.
Currently I am getting the following message:
snip
ERROR
The requested URL could not be retrieved
While trying to retrieve the URL:
On Wed, Feb 27, 2008 at 8:05 AM, Adrian Chadd [EMAIL PROTECTED] wrote:
On Wed, Feb 27, 2008, Mark Nottingham wrote:
Is this going to be a semi-regular event? I'd be interested in
participating in the future, but need more lead time to arrange
travel...
.. I'm happy to organise more
I have just been googling and I read that it is impossible for Squid
to provide for Transparent Proxying and for Authentication.
Would it be possible to replace the
/usr/local/squid/share/errors/English/ERR_ACCESS_DENIED page with a
custom one providing for usernames and passwords.
A Perl script
Hello,
I've setup squid to solely allow HTTP requests to access the proxy.
I need to know how to allow any FTP request to any IP/port to access the proxy
using TSL or SSL as well, but I dont want any P2P / Torrent or 1024 port
application other than Browsing and FTP to access the proxy.
How
Hi, spoke too soon. Was working for a few hours, then it started to fail again.
Nothing changed on the network, cant figure this out. Perhaps I should give up
running squid as a transparent proxy. :'(
Miraj.
-Original Message-
From: Miraj Shah [mailto:[EMAIL PROTECTED]
Sent: Tuesday,
On Wed, 2008-02-27 at 15:20 +1100, Mark Nottingham wrote:
Is this going to be a semi-regular event? I'd be interested in
participating in the future, but need more lead time to arrange
travel...
If enough folks want to meet, we should organize a Squid Conference. A
conference would allow
Rebecca Pakish Crum wrote:
Hi all - I'm running an older version of squid
(squid/2.5.STABLE10) on
a Fedora Core box. Usually I have no problems, but one of
my end-users
is clicking on a link on a county website that takes them
(or tries to
take
them) to
On Tuesday 26 February 2008, Ric wrote:
On Feb 26, 2008, at 2:25 AM, Angela Williams wrote:
On Tuesday 26 February 2008, Ric wrote:
I'm wondering why we require squid -z before starting up Squid for
the first time. Is there some reason why Squid shouldn't do this
automatically when
I have tried what you were suggesting with regards to the pinger, but it
still doesn't work.
Here is my entire squid.conf without commented out lines.
Please have a look and if possible let me know what I should change in it.
Thanks
Chris
http_port 80
cache_peer 192.86.77.19 parent 80 0
First off, when you run squid -k rotate, squid sends EOF to all
rewriter children and starts new ones. This is coded behavior,
although it's a simple patch to disable if you want - just remove the
calls to redirectShutdown() and redirectInit() from the mainRotate()
function.
As far as
We decided that we wanted to cache files up to 5GB (DVD ISOs), and in
the process noticed this compile-time flag:
--enable-large-cache-files Enable support for large cache files (2GB).
WARNING: on-disk cache format is changed by
this option
We're running a 64-bit
On Wed, Feb 27, 2008, Matus UHLAR - fantomas wrote:
On 27.02.08 10:29, Angela Williams wrote:
To me this does not make sense really.
I setup a squid server, create the squid cache structure and start squid.
I can count the numbers of time I have had to rebuild a fresh cache
structure
Is your ftp client sending requests to squid as HTTP?
Squid is a _HTTP_ proxy at the moment. It can gateway _TO_ FTP, but it doesn't
speak FTP
to the client.
Adrian
On Wed, Feb 27, 2008, Charbel Maroun wrote:
Hello,
I've setup squid to solely allow HTTP requests to access the proxy.
I
Hello,
How to tell wccp to no redirect some urls to proxy ?
--
Sds.
Alexandre J. Correa
Onda Internet / OPinguim.net
http://www.ondainternet.com.br
http://www.opinguim.net
There's no way to do that right now - you have to put in IPs in an ACL
on the router to bypass.
Bypassing isn't actually all that hard, especially if you're running TPROXY.
Someone just needs to sit down and code it up.
(I'm open to discussions with interested parties if a group of people would
I need to setup a reverse proxy on the same Windows server that allows
only certain defined URLs (www.somedomain.com/Test/this_url_only.asp).
Squid-Listen-On:8880 - send to localhost: (IIS)
I've got the reverse proxy working using the following in my squid.conf file:
http_port
Hi again,
I have got even more info on how this would like to be done.
They are talking about they might want to use Forms authentication for users
on the internet and from what I think I understand that is basicly just a
.net website so that should be too hard to get running :\
But in the end
Just so people aren't left wondering why there's been no response -
the best way to approach this is being discussed amongst the core
developers at the moment. It just co-incides with three of them -
Alex, Henrik and Robert- in transit to London.
That said, if anyone else has anything to offer on
I'd love to hear the thoughts on this as well.
We (Flickr) run squid 2 with what might be a very specific use-case: constantly
full and churning reverse-proxy caching, making
use of both memory and disk. Until 3 has some of the things that Mark points
out, and gains stability for our use, we
Hey there,
I am using a client called: FlashFXP and in the proxy settings I choose:
HTTP PROXY (Connection Tunnel)
So yes client supports HTTP Proxy, it's only the squid that is blocking it as
it shows on these logs.
It is actually blocking all ports besides 80 and 8080 in order to block all
Squid is HTTP proxy and not FTP proxy; you need to check your firewall rules
for this. Check what modules are loaded in your iptables.Try loading
ip_nat_ftp module in iptables-config.
Thank you.
Regards,
+++
Technical Support
Excelize Software Pvt Ltd
www.excelize.com
I just think Apache's mod_deflate has a weak point.
When client doesn't declare it accept encoding, apache returns an
uncompressed object, but for this object mod_deflate also returns a
Vary: Accept-Encoding header.
This make some browsers be confused. In fact my current IE6 sp2 can't
download
what I said is mod_deflate always send a Vary: Accept-Encoding
header to clients though it didn't compress that object.
this make some browsers have problems.
On Thu, Feb 28, 2008 at 2:49 PM, Nils Jeppe [EMAIL PROTECTED] wrote:
On Thu, 28 Feb 2008, J. Peng wrote:
I just think Apache's
On Feb 26, 2008, at 7:30 PM, Mark Nottingham wrote:
Hello Squid folk,
I maintain Yahoo!'s internal build of Squid, and serve as a resource
for the various Y! properties that use it.
We currently only use Squid-2, and don't have plans to migrate to
Squid-3; although ESI, ICAP as well as
Henrik, Adam, Alex,
Thank you for your advice. I appreciate that.
In the last few days, I was investigating the peer packets of FIN/ACK and
ACK.
I found a little bit strange behavior. When peer clients use TIMESTAMP of
TCP option, TIME_WAIT is always clear after linux that running on get ack
33 matches
Mail list logo