You have to add principals for each hostname on your keytab
(HTTP/squid01.example.com, HTTP/squid03.example.com,
HTTP/proxy.example.com), creating user or computer accounts to hold
each kerberos principal. If you're load balancing, copy your keytab
file to all servers.
Then you have to set the
First of all thanks for professional comments about configs . i was looking
for that
Amos Jeffries-2 wrote
Possibly the URL-rewriter. Depending on whether it is rewriting URLs to
point anywhere back at this proxy.
my jesred.rules contains
regexi ^http://(.+\.||)server.cn/.*
Hi Guys ,
I am testing squid 3.4.0.2 on some jpg from ytimg ! , and it seems I can't make
squid cache .
no matter what I tried it just doesn't cache it !!! .
my conf :
acl = acl rewritedoms url_regex -i \.ytimg\.com.*.(jpg|png)
I tried a bunch of refresh pattern ...
refresh = refresh_pattern
On 12/10/2013 1:05 a.m., Calode wrote:
Hi Guys ,
I am testing squid 3.4.0.2 on some jpg from ytimg ! , and it seems I can't make squid cache .
no matter what I tried it just doesn't cache it !!! .
my conf :
acl = acl rewritedoms url_regex -i \.ytimg\.com.*.(jpg|png)
I tried a bunch of
FYI: please dont hijack unrelated topics. Thank you.
On 11/10/2013 3:52 p.m., Casey Daniels wrote:
Hello,
I'm trying to compile Squid 3.3.9 from Source and I keep getting
the error
checking size of size_t ... configure error in '/sources/squid-3.3.9'
Configure error: cannot compute size
Could you check also availability of primary DNS server on proxy node? I
suspect that the one is not available, so squid makes dns query to
primary server, waits for timeout (5 seconds by default IIRC) and then
queries the secondary DNS server (which answers to squid and you get
your page with
Thanks, but I figured out what the problem was.
It was outside squid. A security solution was scanning every request
to the proxy and preventing the conexion to be made, so that's why,
for the squid, the access was fast, because actually the request o
squid was.
Anyway, solved. Thanks!
Luiz.
On 12/10/2013 1:46 a.m., Calode wrote:
Please correct me if I am wrong !?
the Cache-Control is : public, max-age=21600
if I understand correctly the refresh patterns for such a case , it is
to be handled with : ignore-auth and override-expire
There is no auth to begin with.
Public has no
Thanks Amos, for the good explanation.
So this leads to: I'd like to anonymise my headers to the greatest
extent possible. Here is my config: https://pastee.org/khgtw
Does anyone have a recommended configuration for best privacy?
--
http://www.fastmail.fm - IMAP accessible web-mail
Amos Jeffries-2 wrote
Would your proxy happen to be receiving the inbound traffic to
www.netshahr.com port 80 ?
Let answer like this . netshahr.com is one of our customers . customers dst
port 80 will be routed to squid except if dst address is another customer .
so if netshahr.com wants
squid -k parse:
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Http-works-HTTPS-gives-cert-errors-No-errors-in-logs-tp4662560p4662586.html
Sent from the Squid - Users mailing list archive at Nabble.com.
I love squid and working with it for several years . For many years i was
betting on squid at least in forwarding proxy cache .
But recently a new competitor comes to open source market
http://trafficserver.apache.org/
I did not even tested it but i am going to prepare myself to defend squid
Hi.
My friends, I have a server with 2 ISP, I want to move some users to
use ISP-1 and others ISP-2, does this setting tcp_outgoing_address can
help me?
Squid 3.1.x.
I want this:
user-1 gw-1-isp-1
user-2 gw-2-isp-2
Thanks.
does this setting tcp_outgoing_address can help me?
yes, it does, but you need to configure PBR (Policy Base Routing). You
can find more at
http://lartc.org/howto/lartc.rpdb.multiple-links.html#AEN298
acl user_of_dep1 src 192.168.1.0/24
acl user_of_dep2 src 192.168.2.0/24
acl user_of_dep3 src
Them I have get help from my firewall, right?
On Fri, Oct 11, 2013 at 12:28 PM, Alex Domoradov alex@gmail.com wrote:
does this setting tcp_outgoing_address can help me?
yes, it does, but you need to configure PBR (Policy Base Routing). You
can find more at
I have a network that serves internet to 60 clients, all go through a
mikrotik rb which routes traffic according to MARK_ROUTING rule in mangle.
So, Group1 goes thru WAN1, and Group2 goes thru WAN2 etc.
Now i want to setup a squid proxy to optimize browsing, but if i mark
routing of the squid
On 11/10/2013 5:53 p.m., John Kenyon wrote:
Here is what I do to get the required HTTP stream details from tcpdump:
* use the -s option to fetch unlimited packet payload (-s 0 or -s 65536
depending on your system).
* save the capture to a .cap file.
* open with wireshark
* locate any packet in
On 12/10/2013 10:38 a.m., Beto Moreno wrote:
Them I have get help from my firewall, right?
Yes. It is no use Squid separating traffic into from-yyy.* and
from-xxx.* groups if the firewall and routing layer is sending
everything out ISP1. At most upper layer software like Squid can send IP
On 12/10/2013 10:55 a.m., Dean Volt wrote:
I have a network that serves internet to 60 clients, all go through a
mikrotik rb which routes traffic according to MARK_ROUTING rule in
mangle.
So, Group1 goes thru WAN1, and Group2 goes thru WAN2 etc.
Now i want to setup a squid proxy to optimize
19 matches
Mail list logo