Re: [squid-users] SSL-bump DNS lookup issue

2014-02-11 Thread Eliezer Croitoru
Hey there, Just wanted to verify: Is it an IPV4 only network? Eliezer On 02/09/2014 11:36 PM, Darren Breeze wrote: Hi I am trying to build a squid that runs ssl_bump and icap to allow me to write a keyword filter for the kids that will cover ssl pages. I have ssl_bump working and my icap cli

[squid-users] squid + Office365 + Trend Micro

2014-02-11 Thread grmbl
Hello, I've successfully set up a debian squid + squidguard proxyserver using Kerberos to WIN2008 domain. Everything works as expected, except whatever I do I can't get this exception to work for our office365 environment and our Trend Micro AV (cloud with agents). You can check my /squid.conf/ i

Re: [squid-users] squid + Office365 + Trend Micro

2014-02-11 Thread Michele Bergonzoni
*acl direct dstdomain /etc/squid3/conf.d/domains* *http_access allow auth all http_access allow !auth direct http_access deny all* Using the auth ACL, even with a negation, makes squid ask for authentication. What you probably wanted is: http_access allow direct http_access allow auth all ht

[squid-users] Re: squid + Office365 + Trend Micro

2014-02-11 Thread grmbl
Ok, appearantly I need to set quotes for the file? /Then the ACL for that file would look like: acl accessess_to_search_engines dstdomain "/etc/squid/search-engines-urls.txt" *The quotes are important here to tell Squid it needs to look up definitions in that file.* / Now I get: *2014/02/11 11

[squid-users] Re: squid + Office365 + Trend Micro

2014-02-11 Thread grmbl
Cleaned /domains/ .live.com .lync.com .microsoft.com .microsoftonline.com .microsoftonline-p.net .microsoftonline-p.com .microsoftonlineimages.com .microsoftonlinesupport.net .msn.com .msn.co.jp .msn.co.uk .msecnd.net .msocdn.com .office.net .office365.com .officeapps.live.com .sharepoint.com .sha

[squid-users] Re: squid + Office365 + Trend Micro

2014-02-11 Thread grmbl
Hi Michele, I think that fixed the problem for Office365! Now I get /TCP_MISS/200/ and /TCP_MISS/404/ on **.trendmicro.com:443* and the agent status is still red. Hmmm... - squid.conf -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/squid-Office365-Tr

Re: [squid-users] Re: squid + Office365 + Trend Micro

2014-02-11 Thread Amos Jeffries
On 11/02/2014 11:31 p.m., grmbl wrote: > Hi Michele, I think that fixed the problem for Office365! > > Now I get /TCP_MISS/200/ and /TCP_MISS/404/ on **.trendmicro.com:443* and > the agent status is still red. > > Hmmm... 404 is "Not Found" and usually comes from the origin server itself. :443

[squid-users] Re: squid + Office365 + Trend Micro

2014-02-11 Thread grmbl
Hi Amos, Thanks for looking into this! I've checked my log and it appears that I only get 404 on this line of access.log: *1392116368.550 0 10.10.10.222 TCP_MISS/404 0 CONNECT wfbssvc51.icrc.trendmicro.com:443 - DIRECT/- -* 200 I get on this line: *1392116315.477 1 10.10.10.58 TCP_MISS

[squid-users] external_acl_type strange behavior

2014-02-11 Thread bazn
Hi all i've written a external_acl_type in perl for managing user/time quotas. In my squid.conf i manage this like this: external_acl_type time_quota ttl=60 children-max=1 %LOGIN /usr/bin/perl /etc/squid3/cust/quota.pl the quota.pl now checks with the username given with %LOGIN (i have also a au

[squid-users] Re: cache directory initialization failed

2014-02-11 Thread grmbl
Hi, Show us the squid.conf file. It seems like there are no ACLs and no cache directories configured. Grtz grmbl - squid.conf -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/cache-directory-initialization-failed-tp4664719p4664720.html Sent from the Sq

[squid-users] Re: cache directory initialization failed

2014-02-11 Thread khadmin
hi grmbl, i Bought back the initial config file and i change permission on cache_effective_user from root to a standar user(in my case proxy-server) but i still have this error when i try to initialize the cache: Initializing the Squid cache with the command squid3 -f /etc/squid3/squid.conf -z ..

[squid-users] Re: cache directory initialization failed

2014-02-11 Thread khadmin
HI, Finally i find a solution for my problem. Indeed i Uncomment and adjust the following to add a disk cache directory. #cache_dir ufs /usr/local/squid/var/cache/squid 100 16 256 the squid.conf file The solution was on the squid web page http://www.squid-cache.org/Doc/config/cache_dir/

[squid-users] reading winbind reply failed

2014-02-11 Thread Eric Vanderveer
When authenticating with ntlm in squid I get this in my logs Login for user [domain]\[user]@[computer] failed due to [Reading winbind reply failed!]. I have checked winbind using the normal commands such as wbinfo -u wbinfo -g and I even use the ntlm_auth program manually using my account info wi

Re: [squid-users] Re: ICP and HTCP and StoreID

2014-02-11 Thread Niki Gorchilov
Rising this issue from the dead :-) On Thu, Jan 16, 2014 at 8:21 AM, Alex Rousskov wrote: > On 01/15/2014 03:31 PM, Niki Gorchilov wrote: >> Actually, it is working. [...] inter cache communication is working only with >> altered URLs but this still does the job: >> - If UDP is MISS the originati

[squid-users] Negotiate Keep-Alive

2014-02-11 Thread Allan Carvalho
Dears Squid users and developers. I'm facing a problem with Windows 7,8 + Mozilla Firefox workstations. A brief explanation: these workstations (Windows 7, 8 with Mozilla Firefox) don't auth on a squid server with kerberos, but, everything is fine with IE and Chrome. A "half-solution" is set ke

[squid-users] Re: reading winbind reply failed

2014-02-11 Thread Eric Vanderveer
Figured out the problem. I had to remove cache_effective_group from squid.conf. Works great now. On Tue, Feb 11, 2014 at 12:27 PM, Eric Vanderveer wrote: > When authenticating with ntlm in squid I get this in my logs Login > for user [domain]\[user]@[computer] failed due to [Reading winbind >

Re: [squid-users] Negotiate Keep-Alive

2014-02-11 Thread Amos Jeffries
On 2014-02-12 07:14, Allan Carvalho wrote: Dears Squid users and developers. I'm facing a problem with Windows 7,8 + Mozilla Firefox workstations. A brief explanation: these workstations (Windows 7, 8 with Mozilla Firefox) don't auth on a squid server with kerberos, but, everything is fine with

Re: [squid-users] Re: ICP and HTCP and StoreID

2014-02-11 Thread Amos Jeffries
On 2014-02-12 06:51, Niki Gorchilov wrote: Rising this issue from the dead :-) On Thu, Jan 16, 2014 at 8:21 AM, Alex Rousskov wrote: On 01/15/2014 03:31 PM, Niki Gorchilov wrote: Actually, it is working. [...] inter cache communication is working only with altered URLs but this still does th

Re: [squid-users] Re: cache directory initialization failed

2014-02-11 Thread Amos Jeffries
On 2014-02-12 05:41, khadmin wrote: HI, Finally i find a solution for my problem. Indeed i Uncomment and adjust the following to add a disk cache directory. #cache_dir ufs /usr/local/squid/var/cache/squid 100 16 256 the squid.conf file The solution was on the squid web page http://www.squid-c

Re: [squid-users] external_acl_type strange behavior

2014-02-11 Thread Amos Jeffries
On 2014-02-12 01:31, bazn wrote: Hi all i've written a external_acl_type in perl for managing user/time quotas. In my squid.conf i manage this like this: external_acl_type time_quota ttl=60 children-max=1 %LOGIN /usr/bin/perl /etc/squid3/cust/quota.pl the quota.pl now checks with the usernam

[squid-users] url_rewrite question

2014-02-11 Thread Ricardo Klein
Hi, I have a client who doesnt whant to remember his new internal web system URL (ok, ok, but, he pays, he owns), so, he keeps using http://online.publicdomain.com instead of http://online.internaldomain.local Following this documentation: http://wiki.squid-cache.org/Features/Redirectors#Using_an

Re: [squid-users] A very low level question regarding performance of helpers.

2014-02-11 Thread Alan
Hi Eliezer, I know you have been testing fake helpers in a variety of languages. How about this one in C? Save it to helper-trivial.c and then compile it like this: gcc -O3 trivial.c -o trivial strip trivial #include int main(int argc, char *argv[]) { char in[256]; char out[3] = "OK\n"; while (1