On 8/06/2013 3:32 a.m., ego...@gmail.com wrote:
Hi everybody,
I have configured Squid (v. 3.1.19) to authenticate against a Samba
(v. 3.6.3) domain, using smb_auth auth param basic program. Thanks to
http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg638539.html
I edited smb_auth.sh
Greetings,
I have been fighting an issue with squid terminating unexpectedly with this=
error message.
(FATAL: Too many queued ntlmauthenticator requests)
I went back through my logs, and it started on 03/13, out of nowhere.
I am running squid 3.1.20, with Dansguardian, as a filter, in front of
On 6/7/2013 5:11 PM, Amos Jeffries wrote:
In the cases I needed something related to DNS I used costumed external
helper for the specific task.
using the internal dns resolver for too much time to remember there was
external one.
Eliezer
On 6/7/13 5:11 PM, Amos Jeffries wrote:
> If the consensus is that the upcoming 3.4 series internal resolver is
> sufficiently featured to be used in all the current network
> installations of Squid we may finally be in a position to remove the
> deprecated component entirely in 3.4.
We have been
Amos,
maybe if you create a googleForms (to populate a google spreadsheet)
or something like that you will be able to read results and maybe post
it in somewhere (just givin an idea).
BTW, we have here about 15+ squid servers (in several locations and
clients) and we dont use dnsserver helper.
--
> Em Sexta, Junho de 7 de 2013 11:59 WEST, Amos Jeffries
> escreveu:
>
> > On 7/06/2013 10:55 p.m., Nuno Fernandes wrote:
> > >> Good. That should be preventing loops.
> > >>
> > >> The ALL,2 will include the details from 11,2 I mentioned. So your log
> > >> should contain the outgoing request
> On 8/06/2013 2:39 a.m., MyName IsLive wrote:
> > Look i just need a server to set it as gateway on all my clients ALL their
> > traffic passing from my server and me can log all the traffic all http,
> > https traffics.
> >
> > i already paste all my config i did all changes npf-mli...@eurotux
> Em Sexta, Junho de 7 de 2013 11:59 WEST, Amos Jeffries
> escreveu:
>
> > On 7/06/2013 10:55 p.m., Nuno Fernandes wrote:
> > >> Good. That should be preventing loops.
> > >>
> > >> The ALL,2 will include the details from 11,2 I mentioned. So your log
> > >> should contain the outgoing request
On 06/07/2013 10:14 AM, cac...@quantum-sci.com wrote:
> On Thursday, June 06, 2013 09:38:41 PM Amos Jeffries wrote:
>> On 6/06/2013 5:06 a.m., cac...@quantum-sci.com wrote:
>>> On Friday, May 31, 2013 07:51:08 AM cac...@quantum-sci.com wrote:
On Wednesday, May 29, 2013 04:20:21 PM cac...@quant
Em Sexta, Junho de 7 de 2013 11:59 WEST, Amos Jeffries
escreveu:
> On 7/06/2013 10:55 p.m., Nuno Fernandes wrote:
> >> Good. That should be preventing loops.
> >>
> >> The ALL,2 will include the details from 11,2 I mentioned. So your log
> >> should contain the outgoing request details.
> >>
>
Hi everybody,
I have configured Squid (v. 3.1.19) to authenticate against a Samba
(v. 3.6.3) domain, using smb_auth auth param basic program. Thanks to
http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg638539.html
I edited smb_auth.sh and now the authentication works smoothly, but
no
On 8/06/2013 2:39 a.m., MyName IsLive wrote:
Look i just need a server to set it as gateway on all my clients ALL their
traffic passing from my server and me can log all the traffic all http, https
traffics.
i already paste all my config i did all changes npf-mli...@eurotux.com said,
but that
On Thursday, June 06, 2013 09:38:41 PM Amos Jeffries wrote:
> On 6/06/2013 5:06 a.m., cac...@quantum-sci.com wrote:
> > On Friday, May 31, 2013 07:51:08 AM cac...@quantum-sci.com wrote:
> >> On Wednesday, May 29, 2013 04:20:21 PM cac...@quantum-sci.com wrote:
> >>> Does anyone know why I can't stay
> On Fri, Jun 7, 2013 at 10:46 PM, Amos Jeffries wrote:
>
>> Aha. Would you mind reading through the draft 3.4 release notes on this
>> feature and checking that those points are highlighted enough or in the
>> right way?
>> http://master.squid-cache.org/Versions/v3/3.HEAD/RELEASENOTES.html#ss2.3
Sorry, you are referring to wiki.
The bit I saw was in code control changes somewhere.
On Fri, Jun 7, 2013 at 10:46 PM, Amos Jeffries wrote:
> Aha. Would you mind reading through the draft 3.4 release notes on this
> feature and checking that those points are highlighted enough or in the
> right way?
> http://master.squid-cache.org/Versions/v3/3.HEAD/RELEASENOTES.html#ss2.3
>
> Amo
On 8/06/2013 1:43 a.m., csn233 wrote:
On Thu, Jun 6, 2013 at 11:24 PM, Eliezer Croitoru wrote:
This is the best example to demonstrate how CDN urls are being and can be
used.
Right the next couple urls will result in the same storeID
http://freefr.dl.sourceforge.net/project/vlc/2.0.5/win32/vlc-
Look i just need a server to set it as gateway on all my clients ALL their
traffic passing from my server and me can log all the traffic all http, https
traffics.
i already paste all my config i did all changes npf-mli...@eurotux.com said,
but that is the log file!
i can visit http sites but as
Overview of what you are needing:
* For all Squid ports receiving traffic via rules in iptables "nat"
table, you require "intercept" flag.
* For ports expecting to need decryption of SSL/TLS you need ssl-bump
Squid-3.3 can intercept both port 80 and 443. Although there are
limitations on port
As mentioned in the subject this is a call for feedback regarding the
prospect of removing the external DNS helper component from Squid and
its associated "dnsserver" binary.
To most of you this will be known as the "--disable-internal-dns" build
option.
Background:
The external helper was
On Fri, Jun 7, 2013 at 1:46 PM, Amos Jeffries wrote:
> Small correction. The already underway video will still be served from cache
> location where it was found. The new one will be served as a MISS and stored
> in the new location.
Thanks Amos.
Hello Nuno!
I think you are great; by removing forwarding_for off it works, and i
think others site with problems can be resolved!
I experienced, with some users, some of these problems that, to be
solved, had to be natted without proxy.
Now i can workaround other cases, and then i will let you k
On Thu, Jun 6, 2013 at 11:24 PM, Eliezer Croitoru wrote:
> This is the best example to demonstrate how CDN urls are being and can be
> used.
> Right the next couple urls will result in the same storeID
> http://freefr.dl.sourceforge.net/project/vlc/2.0.5/win32/vlc-2.0.5-win32.exe
> http://freefr3.
Hi,
this is the log after i run those iptables rule and those changes in squid.conf:
1370611784.763 2407 192.168.4.99 TCP_MISS/200 1376 GET
http://www.facebook.com/ - HIER_DIRECT/31.13.86.8 text/html
1370611784.790 0 192.168.4.99 NONE/400 3972 NONE error:invalid-request -
HIER_NONE/- text
On 7/06/2013 10:55 p.m., Nuno Fernandes wrote:
Good. That should be preventing loops.
The ALL,2 will include the details from 11,2 I mentioned. So your log
should contain the outgoing request details.
Amos
Argg... i will have to check 4G of logfile :(
I will try to replicate with a devel mac
>
> Good. That should be preventing loops.
>
> The ALL,2 will include the details from 11,2 I mentioned. So your log
> should contain the outgoing request details.
>
> Amos
>
Argg... i will have to check 4G of logfile :(
I will try to replicate with a devel machine and post back later.
Than
> in /etc/sysctl.conf ipforwading is enabled.
>
> and for iptables:
> iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT
> --to-ports 3128
> iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT
> --to-destination 192.168.4.96:3128
> i added these tw
Hello,
i have installed a ubuntu 12.04 with squid 3.3.5 as intercept(transparent
proxy) + iptables.
now i can visit websites over http but not https! i will paste my config below
here is my network configuration:
auto lo
iface lo inet loopback
# The primary network interface
auto eth0//INTERNET
Em Sexta, Junho de 7 de 2013 10:26 WEST, Ict Security
escreveu:
> Hello,
>
> i notice, in Squid 3.1.1 and previous version, some problem when
> accessing some websites.
>
> It happens both on transparent and explicited proxy mode.
>
> As example, this site cannot be opened behing Squid 3.1.1
On 7/06/2013 8:48 p.m., Nuno Fernandes wrote:
Em Sexta, Junho de 7 de 2013 09:18 WEST, "Nuno Fernandes" escreveu:
Em Sexta, Junho de 7 de 2013 08:19 WEST, Amos Jeffries escreveu:
10.10.10.254 is the squid box. 3126 is the ssl intercept port.
# grep 3126 /etc/sysconfig/iptables
[0:0] -A PRERO
On Friday 07 Jun 2013 at 11:26:24, Ict Security wrote:
> Hello,
>
> i notice, in Squid 3.1.1 and previous version, some problem when
> accessing some websites.
>
> It happens both on transparent and explicited proxy mode.
>
> As example, this site cannot be opened behing Squid 3.1.1:
> http://w
Hello,
i notice, in Squid 3.1.1 and previous version, some problem when
accessing some websites.
It happens both on transparent and explicited proxy mode.
As example, this site cannot be opened behing Squid 3.1.1:
http://www.prefettura.it
It is a government italian site.
As this, there are some
Em Sexta, Junho de 7 de 2013 09:18 WEST, "Nuno Fernandes"
escreveu:
>
> Em Sexta, Junho de 7 de 2013 08:19 WEST, Amos Jeffries
> escreveu:
>
> > > 10.10.10.254 is the squid box. 3126 is the ssl intercept port.
> > >
> > > # grep 3126 /etc/sysconfig/iptables
> > > [0:0] -A PREROUTING -i vlan
Em Sexta, Junho de 7 de 2013 08:19 WEST, Amos Jeffries
escreveu:
> > 10.10.10.254 is the squid box. 3126 is the ssl intercept port.
> >
> > # grep 3126 /etc/sysconfig/iptables
> > [0:0] -A PREROUTING -i vlan10 -s 10.10.10.4 -p tcp -m tcp --dport 443 -j
> > REDIRECT --to-port 3126
> >
> > Only
On 6/06/2013 8:31 p.m., Nuno Fernandes wrote:
Hello,
I have squid 3.3.5 that stopped responding. I can see that it is using 100%cpu.
Cache.log reports thousands of:
2013/06/06 09:19:08.997 kid1| TcpAcceptor.cc(197) doAccept: New connection on
FD 27
2013/06/06 09:19:08.997 kid1| TcpAcceptor.cc(
35 matches
Mail list logo
