Hey All,
I want to extract session 5-tuples inside squid and send them to an
ICAP servers as an argument to the service being invoked. By session
5-tuple i mean the following
Source IP
Destination IP,
Source Port,
Destination Port,
Protocol
for a specific HTTP request. These are the 5-tuples
Hello,
Squid can't handle ntlm to ntlm exchange 2007, this is the double hop issue,
I've found a workaround that is telling to squid to auth in basic then
client auth in ntlm, we have to modify exchange IISAuthentication to accept
both ntlm and basic, that works, but only with XP clients. For
ons 2012-04-18 klockan 11:08 +0500 skrev Ahmed Talha Khan:
I want to extract session 5-tuples inside squid and send them to an
ICAP servers as an argument to the service being invoked. By session
5-tuple i mean the following
Source IP
Destination IP,
Source Port,
Destination Port,
Hey Henrik,
Thanks for the info. I am aware but that these are TCP level
identifiers. I digged into it and saw that class HttpRequest has
members client_ip, host_ip, port and my_addr. Client_ip is very
obvious and i can see that the X-Client-IP field is populated with it.
What about the following
ons 2012-04-18 klockan 14:03 +0500 skrev Ahmed Talha Khan:
Thanks for the info. I am aware but that these are TCP level
identifiers. I digged into it and saw that class HttpRequest has
members client_ip, host_ip, port and my_addr. Client_ip is very
obvious and i can see that the X-Client-IP
Hi,
Kindly I need to know how could I
1-Cache specific urls in domain for specific time
2-Select which pages which will be cached and which not and some pages will
contain parameters could I use regular expressions for that ?
3-I have in cahce log an error message temporary disabling (Not
On Wed, Apr 18, 2012 at 2:29 PM, Henrik Nordström
hen...@henriknordstrom.net wrote:
ons 2012-04-18 klockan 14:03 +0500 skrev Ahmed Talha Khan:
Thanks for the info. I am aware but that these are TCP level
identifiers. I digged into it and saw that class HttpRequest has
members client_ip,
Hello,
Thank you, but we are using Exchange 2010 SP1 (does that change anything) and
the below workaround isn't workable for me. (we now have a running proxy on
apache 2.0.54 on the site of our ISP, but they quit the support and maintenance
on that one so we now want to do it ourselves).
Are
Hello there,
I'm using squid transparent proxy for caching and I have also youtube
caching done with url_rewrite and apache script running on same machine as
squid.
It was all working fine, until I decided to go with TPROXY, as it has many
benefits. When I implemented the tproxy rules in
ons 2012-04-18 klockan 17:41 +0500 skrev Ahmed Talha Khan:
What do you mean by until- then here? Does this have to do with the
vectoring point, ICAP coming in PRE_CACHE before the request going
out?
Yes.
Regards
Henrik
On 18 April 2012 07:33, Simon Dwyer m...@simmyd.net wrote:
Hi all,
I have just implemented squid with kerberos + ntlm + basic
authentication.
I have just been told accessing a sharepoint website on the internet has
stopped working.
It seems the site is running NTLM authentcation.
I have
Hello,
Try to set Send LM NTLM - use NTLMv2 session security if negotiated
in local policies (secpol.msc)
Go to: Local Policies Security Options
Find Network Security: LAN Manager authentication level
Change Setting from Send NTLMv2 response only
to
Send LM NTLM - use NTLMv2 session
Hi everyone,
I'm trying to implement NTLM scheme in my squid box. I've already
configured samba and winbind so that I can check with wbinfo and even
run /usr/bin/ntlm_auth at the shell and it works. But for some hidden
problem squid is not having the same result. Look what is poping up at
the
Hello, I'm with a strange issue. I have just take care for a
environment that users get proxy by wpad. so far all it's work. the
targeted wpad is deliver by DHCP ( Server Windows 2008 R2 ) that
forwards to proxy squid.
when I change the ip address of my target wpad what is my proxy squid
( I have
I have seen this problem on a windows 7 and a Fedora 16 machine. I
think i can rule out the windows machine for once ;)
I am using FF on the linux machine... is that known to have double ntlm
issues?
Simon
On Wed, 2012-04-18 at 19:36 +0200, Clem wrote:
Hello,
Try to set Send LM NTLM - use
On 18 April 2012 23:07, Simon Dwyer m...@simmyd.net wrote:
I have seen this problem on a windows 7 and a Fedora 16 machine. I
think i can rule out the windows machine for once ;)
I am using FF on the linux machine... is that known to have double ntlm
issues?
It is known for Windows 7 (I
Hi Javier,
Well you will be glad to know that i am using IWA with windows 7 and its
working great it most part.
by IWA i mean using negotiated kerberos authentication which is what i
think IWA basically is
There are just a few hicckups that happen but that also happens with
NTLM being this
HI Wladner,
I get that second message when i forget to start the winbind service.
on Centos : service start winbind
Simon
On Wed, 2012-04-18 at 16:05 -0300, Wladner Klimach wrote:
Hi everyone,
I'm trying to implement NTLM scheme in my squid box. I've already
configured samba and winbind
On 19 April 2012 00:05, Simon Dwyer m...@simmyd.net wrote:
Hi Javier,
Well you will be glad to know that i am using IWA with windows 7 and its
working great it most part.
by IWA i mean using negotiated kerberos authentication which is what i
think IWA basically is
Hi Simon,
I think we're
Hi all,
I have got kerberos working and moved it to production but then the
server started smashing its cpu. It seems that the squid_kerb_auth
processes are killing the cpu.
I have the following in my config.
/etc/sysconfig/squid/
KRB5RCACHETYPE=none
export KRB5RCACHETYPE
On 18.04.2012 23:21, Mahmoud Yousif wrote:
Hi,
Kindly I need to know how could I
1-Cache specific urls in domain for specific time
2-Select which pages which will be cached and which not and some
pages will contain parameters could I use regular expressions for
that
?
The web server sends
On 19.04.2012 08:21, Usuário do Sistema wrote:
Hello, I'm with a strange issue. I have just take care for a
environment that users get proxy by wpad. so far all it's work. the
targeted wpad is deliver by DHCP ( Server Windows 2008 R2 ) that
forwards to proxy squid.
when I change the ip address
On Wed, Apr 18, 2012 at 11:18:05PM +0200, Javier Conti wrote:
It is known for Windows 7 (I don't know about Linux clients) to behave
differently from Windows XP.
If you are using samba for the authentication then perhaps adding:
server signing = auto
to the smb.conf will help. By default
On 19.04.2012 03:27, x-man wrote:
Hello there,
I'm using squid transparent proxy for caching and I have also youtube
caching done with url_rewrite and apache script running on same
machine as
squid.
It was all working fine, until I decided to go with TPROXY, as it has
many
benefits. When I
On 19 April 2012 02:01, Brett Lymn brett.l...@baesystems.com wrote:
On Wed, Apr 18, 2012 at 11:18:05PM +0200, Javier Conti wrote:
It is known for Windows 7 (I don't know about Linux clients) to behave
differently from Windows XP.
If you are using samba for the authentication then perhaps
On Thu, Apr 19, 2012 at 02:09:20AM +0200, Javier Conti wrote:
Where should I put this setting? On the Squid server?
If you are using samba then the setting goes in the smb.conf, if you are
not using samba to do the NTLM auth then the setting won't help.
--
Brett Lymn
Warning:
The
On 19.04.2012 10:44, Simon Dwyer wrote:
Hi all,
I have got kerberos working and moved it to production but then the
server started smashing its cpu. It seems that the squid_kerb_auth
processes are killing the cpu.
I have the following in my config.
/etc/sysconfig/squid/
KRB5RCACHETYPE=none
On Thu, 2012-04-19 at 12:15 +1200, Amos Jeffries wrote:
On 19.04.2012 10:44, Simon Dwyer wrote:
Hi all,
I have got kerberos working and moved it to production but then the
server started smashing its cpu. It seems that the squid_kerb_auth
processes are killing the cpu.
I have the
So just disabled authentication on the proxy and the problem still
happens.
If i bypass the proxy i can login correctly but when i set the proxy and
go through without authentication it fails to log in.
Seems squid might be playing with the traffic some how?
Simon
On Wed, 2012-04-18 at 18:47
On 19.04.2012 12:09, Javier Conti wrote:
On 19 April 2012 02:01, Brett Lymn wrote:
On Wed, Apr 18, 2012 at 11:18:05PM +0200, Javier Conti wrote:
It is known for Windows 7 (I don't know about Linux clients) to
behave
differently from Windows XP.
If you are using samba for the
Are you sure /etc/sysconfig/squid is sourced by the squid startup script ?
Markus
Simon Dwyer m...@simmyd.net wrote in message
news:1334789097.2408.17.ca...@sdwyer.federalit.net...
Hi all,
I have got kerberos working and moved it to production but then the
server started smashing its cpu. It
Hi Markus,
This is in the /etc/init.d/squid
if [ -f /etc/sysconfig/squid ]; then
. /etc/sysconfig/squid
fi
What should the cpu usage be of each squid_kerb_auth process when used?
Cheers,
Simon
On Thu, 2012-04-19 at 06:15 +0100, Markus Moeller wrote:
Are you sure
Hi Simon,
Unfortunately I do not have a production environment to give you average
usage numbers.
Can you check that you don't have a file in /var/tmp like (or at least is
not modified):
-rw--- 1 squid nogroup 603 Apr 7 01:13 /var/tmp/opensuse12--HTTP-044_31
This is the replay
Hi Markus,
I do have a
-rw---. 1 squid squid92907 Apr 19 08:21 HTTP_23
which may have been the last time i tried to run it this morning.
I wont be able to try it again till tomorrow morning to see if it
modifies it
Cheers,
Simon
On Thu, 2012-04-19 at 06:44 +0100, Markus Moeller
34 matches
Mail list logo
