On Wednesday 25 October 2006 22:32, Marco Nicoloso wrote:
in my company, I have a Debian Sarge with the latest stable versions
of squid (2.5.9-10sarg2) and sarg (2.0.5.dfsg-1) installed. As I
upgraded recently from previous versions of both packages, I don't
know why in my logs of squid
On Tuesday 24 October 2006 21:40, Alejandro wrote:
Hi people, I have Debian Etch with Squid 2.6 STABLE3 as a proxy. I want
to authenticate the users in a LDAP remote host running slapd. So I run
the Squid authentication module ldap_auth to do a test in this way:
/usr/lib/squid/ldap_auth -b
Hi, Salvatore...
On Monday 23 October 2006 11:28, Salvatore Baglieri wrote:
I write you just to ask about traffic shaping.
That is to say, at the moment I use squid's delay pools to limit
download speed for files bigger than X kbytes.
But i would prefer to give priority to each port in
On Thursday 19 October 2006 17:05, John Fountain wrote:
I've been trying to get a redirector script to filter sites based on
the source ip address, I'm having no luck figuring this out. Is there
some way to apply an acl to a redirector script or should I be trying
to do the source address
On Friday 20 October 2006 09:39, sara gonzalez wrote:
I want to do the authentication without the authentication dialog. So to
say, the authenticacion will be transparent for the user... is
possible???
Transparent proxying and authentication don't go together with LDAP. It
works with NTLM
On Thursday 12 October 2006 11:24, B K wrote:
I have a general question about mime.
Can this be used as a application layer firewall. For example to block
traffic based on layer 4 information. For example Peer to Peer file
sharing programs or live streaming. If not what are my options, can
On Wednesday 11 October 2006 14:18, Jens Strohschnitter wrote:
out users can't get an access to the url: http://www.bundessortenamt.de
through the squid-proxy (Version 2.5.STABLE5).
Which means what?
In the logs I can't find
any error. When I try to access the site without using the squid,
On Wednesday 11 October 2006 14:19, Yonah Russ wrote:
I'd like to set up Squid to forward requests for our production
websites to our local development sites.
For example, when using the proxy, all requests for company.com,
www.company.com, cache.company.com, etc. should go to the machine
On Tuesday 10 October 2006 13:58, Young, Mike wrote:
I need some assistance with a strange Citrix problem we're having after
migrating to a new Squid proxy.
First a little background. We run a shop where any Internet
connectivity must go through a proxy before reaching its destination.
For
On Monday 09 October 2006 18:42, Boniforti Flavio wrote:
Boniforti Flavio ha scritto:
Hello list.
[cut]
I'm now confused about *what* to put in there... how should the access
lines be modified? Or do I have to insert something?
Many thanks in advance...
Anybody got a clue? Still
On Friday 06 October 2006 04:33, Ammad Shah wrote:
I want to how much data is comming from cache and from Internet, i am
using sarg for log analysis, is there any tool that shows me in
grph/chart or in precentage.
That information is available through Squid's SNMP interface.
For an example
On Friday 06 October 2006 18:05, Alejandro wrote:
Dear all, I use a user/password basic authentication system in order to
validate users to use Internet through the Squid. I know the client
browser sends the password to the Squid in a Base-64 encoding way, so my
question is:
Can the client
On Tuesday 03 October 2006 19:28, [EMAIL PROTECTED] wrote:
I have a list of IP addresses from which I want to allow access to a
specific number of internet addresses.
Use ACLs and http_access.
http://wiki.squid-cache.org/SquidFaq/SquidAcl
http://workaround.org/moin/HowSquidAclsWork
Christoph
On Monday 02 October 2006 15:38, Aguiar Magalhaes wrote:
I'm using squid 2.5 stable 14 and I can't access ftp
sites with my login (user/password).
They're not prompting (IE and Firefox):
An FTP authentication failure occurred while trying to
retrieve the URL:
On Saturday 30 September 2006 05:11, Chuck Kollars wrote:
Our experience with web filtering is the differences
in tools are _completely_ swamped by the quality and
depth of the blacklists. (The reverse of course is
also true: lack of good blacklists will doom_any_
filtering tool.)
We
On Wednesday 27 September 2006 12:51, Boniforti Flavio wrote:
Hello list.
In our network we have following ACLs used to block streaming media:
acl ProtCiv src 10.167.211.11 10.167.211.42 10.167.211.86
acl streaming rep_mime_type -i ^video/x-ms-asf ^video/x-ms-sf
^audio/mpeg ^audio/x-mpeg
On Monday 18 September 2006 14:03, Pavel Ivanchev wrote:
Hi there!
I'm interesting in how to block skype with squid. I found in the net
some how-to and i followed it, but no result:
acl block_skype_IPs urlpath_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
acl connect method CONNECT
http_access deny
On Sunday 10 September 2006 09:33, hendra arif wrote:
i'm using transparant proxy in my network and it work
great, but i have small problem.
when user passtrough the proxy server the users ip
address change to proxy server ip address.
can squid not masquerading all users ip address ?
A
On Friday 08 September 2006 04:12, Henrik Nordstrom wrote:
tor 2006-09-07 klockan 21:45 +0200 skrev Christoph Haas:
obviously a cache - what WebWasher isn't. You could as well try to use
both through an ICAP connection since WebWasher works both as a
HTTP/HTTPS/FTP proxy and as an ICAP
On Friday 08 September 2006 10:46, Jakob Curdes wrote:
Note: You won't be able to scan CONNECT requests (https) via ICAP.
ICAP only deals with HTTP data, and CONNECT switches to tunnel mode
outside of HTTP.
The only thing I wanted to know is if I can chain webwasher with squid;
You can. No
On Thursday 07 September 2006 18:28, Jakob Curdes wrote:
several months ago we had a lengthy discussion here about the prevention
of ssl tunneling through a http proxy. The conclusion was that to avid
this type of misuse which can undermine your entire security strategy
you need to inspect the
On Thursday 07 September 2006 21:22, Dan Thomson wrote:
I'm sure this has been discussed before, but I'm curious about what
people think are the best file systems to use for your cache dirs.
I've read that ReiserFS and XFS are good choices... is there an
optimal request rate/request size to
On Monday 04 September 2006 14:49, beno wrote:
Somewhere in the documentation I copied the following:
Squid is written only as a high-performance proxy server, so there is no
way for it to function as a web server, since Squid has no support for
reading files from a local disk, running CGI
On Tuesday 29 August 2006 23:30, Kevin wrote:
On 8/29/06, Raj [EMAIL PROTECTED] wrote:
I am running squid version 2.5.stable10. All the users use the
following proxy.pac file
I do a lot with PAC, but never tried variables for return lines.
We are doing something similar here. And it works.
Hi, Raj...
On Tuesday 29 August 2006 11:38, Raj wrote:
I am running squid version 2.5.stable10. All the users use the
following proxy.pac file (browser pointing to the following proxy.pac
file).
p3 = PROXY proxy03.domain.com:3128;
p4 = PROXY proxy04.domain.com:3128;
p34 = p3 + ; + p4;
On Thursday 17 August 2006 15:21, Ralf Hildebrandt wrote:
We're trying this:
mplayer
http_proxy://proxy-cvk-2.charite.de:888/mms://stream01.cedis.fu-berlin.d
e:1755/fu-berlin/cedis/symposium/apostolopoulos_isdn.wmv
proxy-cvk-2.charite.de:888 being our Squid-2.6 proxy.
(The URL of the mms:
On Tuesday 15 August 2006 14:17, Aguiar Magalhaes wrote:
I'm using sarg to analyze de squid logs.. but all the
reports are off line.
I´ve tried to use trafshow, tcpdump, ethereal, etc.
but there's a lot of traffic on my network.
I need to know what the users are doing in the moment.
tail
On Thursday 03 August 2006 15:26, S t i n g r a y wrote:
is it possible to load list of client ips from a text
file ? in squid ?
Y e s, i t i s.
See the documentation on ACLs. The text file needs to be specified in
quotes ().
Christoph
On Thursday 03 August 2006 16:46, [EMAIL PROTECTED] wrote:
Now it works from the local machine that is actually running squid,
but when I try to SSH using Putty into the squid host I get nothing. I
am forwarding port 3128 with Putty and setting the brower to use
localhost:3128 for proxy.
Just
On Thursday 03 August 2006 18:18, S t i n g r a y wrote:
sir i did this according to the docs it should be like
this
acl packb /home/admin/packb
You forgot the type.
acl packb src ...
Christoph
On Wednesday 02 August 2006 21:04, [EMAIL PROTECTED] wrote:
I'm running Fedora Core 5 with Squid 2.5. How do I configure Squid so
that I can view both http and https sites?
Unless Fedora provides a completely broken squid.conf with the installation
Squid will already be able to handle HTTP and
On Wednesday 02 August 2006 22:16, [EMAIL PROTECTED] wrote:
This is what my squid.conf looks like. Does it look broke?
Not at all. Just read and understand the documentation on http_access
and acl. Everything else is fine.
Christoph
On Tuesday 01 August 2006 23:44, Gregory EID wrote:
Squid is running on same machine as my firewall Shorewall doing NAT so
all outgoing emails have the same IP of Shorewall 196.44.102.241
When a client sends outgoing email using port 80 bypassing our SMTP
server (using port 25) the IP address
On Monday 24 July 2006 15:34, Santosh Rani wrote:
How to tame heavy mail attachments through hotmail please. Today one
user downloaded six BMP images equal to 218 MB.
Squid has no notion of hotmail email attachments. You can limit the size
of downloads (reply_body_max_size) for the domain
On Monday 24 July 2006 16:47, Santosh Rani wrote:
But my (reply_body_max_size) already reads as under
reply_body_max_size 2097152 allow all
In my case the user has first opened the file in browser window and
then saved the file. The file saved in this way is converted to BMP
even though it
On Sat, Jul 15, 2006 at 11:50:37PM -0700, Linda W wrote:
I was trying to track down a problem and got distracted on squid status
codes. I was curious on how to interpret these.
See
http://wiki.squid-cache.org/SquidFaq/SquidLogs#head-2914f3a846d41673d4ae34018142e672b8f258ce
Regards
Christoph
On Mon, Jun 26, 2006 at 12:02:14PM +0700, Karl Sumpter wrote:
I'm trying to apply the following ACL to block skype traffic...
acl numeric_IPs urlpath_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
acl Connect method CONNECT
I believe that urlpath_regex is the wrong ACL type. It would match the
part
On Mon, Jun 26, 2006 at 10:52:34AM +0100, Melanie Pfefer wrote:
Can squid block ports such as 3191 of bmc patrol? Only
when squid is off, the bmc agent is running.
Does it use HTTP? Do you have ACL that block the port?
And are you asking because something blocks off requests and you don't
want
On Wed, May 31, 2006 at 10:23:06PM -0700, ashraf modi wrote:
update my cache To squid13 it is working but the downloads like
winzip or other acrobat files are not cached it take same time for re
download
Has this worked on Squid-2 and now it fails on Squid-3 (Squid-13 is not
yet out). Did
On Mon, May 22, 2006 at 03:54:45PM +0545, Harish Pokharel wrote:
How can I restrict a particular ip to access for a certain duration of time?
I am using a transparent proxy.
I have done following
#---
acl testuser src
On Thu, May 18, 2006 at 05:47:26PM +0800, Deephay wrote:
I am currently configuring a proxy server in order I can browsing
web through that,
but after I configured the proxy, it can only be accessed by the
localhost (correctly).
telnet PROXY 44 will just continuely tring
nmap -p 44
On Thu, May 18, 2006 at 07:49:18PM +0300, [EMAIL PROTECTED] wrote:
how do i tell whether squid traffic came from a browser of from some other
application.
useragent_log in your squid.conf logs it. Other than that there is no
need really to tell Squid anything. Squid is a HTTP proxy. Any
On Wed, May 17, 2006 at 12:33:50AM +0200, Žiga Dolher wrote:
does anyone know how can I hide the password in squid.conf for the
function cache_peer?
You could use proper permissions so that only administrators get access
to the squid.conf.
Kindly
Christoph
--
Please reply to the list - not
On Wed, May 17, 2006 at 09:33:38AM +0200, Brent Clark wrote:
Im currently running nikto against my hosted box.
In the audit file I see this
Via: 1.0 my.machine.co.za:3128 (squid/2.5.STABLE13)
Anyone know how I can switch this off, would it be possible to hide this
header_access Via deny
On Mon, May 15, 2006 at 10:48:18AM -0500, Edson Alvarenga wrote:
Hi, i wonder, if squid is compatible whit firewall Netscreen 5Gt of
Juniper, and Fortinet 60A of Fortigate.
Why shouldn't it? Squid is just dealing with TCP connections.
Kindly
Christoph
On Wed, May 10, 2006 at 03:23:18PM +1000, mark_brimblecombe wrote:
I was woundering if someone could tell me what I'm doing
wrong with my squid.conf file.
Yes. :) You need to keep in mind that http_access statements are
considered from top to bottom. The first line that matches the criteria
On Wed, May 10, 2006 at 03:49:04PM +0200, Paolo Biancolli wrote:
We currently run squid 2.5 stable 13 on redhat 9 (2.4.20-8smp) in our
production environment.
We are getting new servers soon. Will FC4 suffice or should we rather
look at Red Hat enterprise?
What's the difference between
On Wed, May 10, 2006 at 04:40:46PM +0200, Hement Gopal wrote:
I am trying to use a custom error page for my clients but cannot get it
to work. I have restricted the downloads of certain file types during
office hours using :
acl files url_regex -i /usr/local/squid/etc/banned-files.txt
On Wed, May 10, 2006 at 04:03:29PM +0100, Neil A. Hillard wrote:
Christoph Haas wrote:
On Wed, May 10, 2006 at 03:49:04PM +0200, Paolo Biancolli wrote:
We currently run squid 2.5 stable 13 on redhat 9 (2.4.20-8smp) in our
production environment.
We are getting new servers soon
On Mon, May 08, 2006 at 07:41:02AM -0400, Michael W. Lucas wrote:
I've inherited a Squid 2.5 box that uses Websense for filtering and
squid_radius_auth against a Cisco ACS system for authentication.
This system asks for your username and password every fifteen minutes.
Trying to find where
On Mon, May 08, 2006 at 03:30:17PM +0430, power159 wrote:
i am useing this config :
**
acl fullaccess src 127.1.10.5/255.255.255.255
acl halfaccess src 127.1.10.0/255.255.255.255
acl noneaccess src 127.0.0.1/255.255.255.255
acl filter1
not showing custom error :(
On Mon, 08 May 2006 17:24:16 +0430, Christoph Haas
[EMAIL PROTECTED] wrote:
On Mon, May 08, 2006 at 03:30:17PM +0430, power159 wrote:
i am useing this config :
**
acl fullaccess src 127.1.10.5/255.255.255.255
acl
On Mon, May 08, 2006 at 10:21:38AM -0400, Michael W. Lucas wrote:
On Mon, May 08, 2006 at 02:01:09PM +0200, Christoph Haas wrote:
Not quite right. You can indeed enforce re-authentication. It's just
lousily documented. See:
http://workaround.org/moin/HowSquidAclsWork#head
On Mon, May 08, 2006 at 06:26:11PM +0430, power159 wrote:
Okey ! i tried follwoing confings and its working ! with all configs (IPS)
and all errors pages is working
**
acl fullaccess src 127.1.10.5/255.255.255.255
acl halfaccess src
On Mon, May 08, 2006 at 06:52:41PM +0430, power159 wrote:
Thanks Christoph
but now i have more problems
your configuration result :
fullaccess : working without problem ...
halfaccess : when visiting sites that isnot in URLs.txt , it showing
custom error But when visiting sites that
On Wed, May 03, 2006 at 07:23:12AM -0400, Sketch wrote:
Is there anyway to force https for certain URLs with squid?
For example, http and https are on the same cache_peer and people
accessing the webpages, for example:
http://site.com/user
Should be able to use http *or* https, however
On Fri, Apr 28, 2006 at 11:41:54AM -0300, Rodrigo Brito wrote:
i have a squid proxy in my company and i don`t need to configure the
proxy and port in the internet explore.
Why not? Interception proxying?
i denied a lot of sites , but the users find another proxy servers in
the
that reads from STDIN and outputs to
STDOUT.
Kind regards
Christoph Haas
--
~
~
.signature [Modified] 1 line --100%--1,48 All
On Friday 17 March 2006 09:19, Magali Bernard wrote:
I'm up to upgrade my squid box from Debian Woody to Sarge.
squid was built from sources (not Debian package)
Then it's irrelevant whether you use Debian, RedHat or Solaris.
Is there a reason you didn't use the default binary package?
Do
On Friday 17 March 2006 10:54, Noc Phibee wrote:
1- If i don't delete the file browser option into the IE
configuration, my user can see
the ftp server with Squid
2- If i delete the file browser optiuon, my user can Upload on the
ftp server ..
If you use the folder view for
On Thursday 16 March 2006 14:19, Marco Berizzi wrote:
I'm blocking download of .wmv files with acl urlpath_regex,
but, for example, this wmv isn't catched by this rule:
http://www.gametrailers.com/download.php?id=7174type=wmvf=
squid.conf:
acl trojans urlpath_regex \.wmv$
http_access deny
On Thursday 16 March 2006 14:50, Marco Berizzi wrote:
Christoph Haas wrote:
On Thursday 16 March 2006 14:19, Marco Berizzi wrote:
I'm blocking download of .wmv files with acl urlpath_regex,
but, for example, this wmv isn't catched by this rule:
http://www.gametrailers.com
On Thursday 16 March 2006 17:39, Marco Berizzi wrote:
Christoph Haas wrote:
On Thursday 16 March 2006 14:50, Marco Berizzi wrote:
Christoph Haas wrote:
So this doesn't match. Try http_reply_access with content type ACLs.
What kind of acl should I implement?
Search your squid.conf
On Tuesday 14 March 2006 08:02, Stefano Del Furia wrote:
But is there the capability of change standard squid's errors pages ??
Yes, of course. See the errors_directory configuration directive in your
squid.conf. It's in /usr/share/squid/errors/... on my system. You are free
to change the
On Monday 13 March 2006 10:25, Ian Barnes wrote:
I have a question about FTP proxying. My squid is setup and working
perfectly, the only thing is that in internet explorer I have to turn
off enable folder view for ftp sites for it to actually work. Is there
a setting that I can set (in
On Monday 13 March 2006 21:47, Rachel wrote:
Is it possible to configure squid to not show some of / all of it's in
built error messages, getting the browser to display it's own defaults.
No. Because the browser will only use it's built-in error messages when it
detects a certain condition
On Monday 13 March 2006 22:31, Rachel wrote:
I have read that if the error templates do not contain %s then squid
will output %s at the end of each error message.
Correct. You can use !-- %s -- anywhere in an error page to make that
message a HTML comment and thus suppress it.
Christoph
On Wednesday 01 March 2006 08:15, Nilesh wrote:
is there way to restrict downloading of big files?
No. Squid can't know in advance how big a file will be.
Kindly
Christoph
--
~
~
.signature [Modified] 1 line --100%--1,48 All
On Wednesday 01 March 2006 21:03, Mark Elsen wrote:
No. Squid can't know in advance how big a file will be.
What about looking at Content-Length value ?
As trustworthy as the MIME type that the server sends. ;)
However you forgot to say how Squid can block access depending on the
On Friday 24 February 2006 12:53, Tomas Palfi wrote:
From the access.log file, which field or from what parameter can I
determine how long the users stayed on line or browsed the pages.
HTTP is stateless. Squid can record how long it took to deliver the page.
But then the page stays on the
On Friday 24 February 2006 18:24, Tomas Palfi wrote:
That's a very good point, some people are faster than the others by
nature, and some use more paper than the others :) But it still leaves
me with the fact of how do I determine from the logs how long per day a
person spent browsing the
On Thursday 16 February 2006 12:01, Carlos Zottmann wrote:
We are successfully blocking the download of executable files with the
configurations below ... Maybe our users don´t have in IQ above 30 :-)
Seriously, I don´t have reports of people managing to circumvent it. If
anyone knows a way,
On Tuesday 14 February 2006 14:50, TL wrote:
At this moment all the users must authenticate to access internet (NCSA
AUTH) with porn filtering, and im blocking the downloads with an
external firewall which affects all my users behind squid.
Must... resist... the temptation... to blame...
Please reply to the list only! I don't like to move public support calls to
private email unless I'm getting paid for it. Thanks.
On Saturday 28 January 2006 10:40, asim hafeez wrote:
I think you could not understand what i'm saying. Again try to make
you understand,.don't mind my english is
On Friday 27 January 2006 12:07, asim hafeez wrote:
i'm using Squid NT 2.5 stable 6.i configured the acl
acl blocklist url_regex -i c:\squid\etc\blocked1.txt
http_access deny blocklist
in the blocked1.txt i just suppose to block yahoo.com i wrote
yahoo,and yahoo.com. and www.yahoo.com but
On Wednesday 25 January 2006 19:59, Schaefer, Charles wrote:
I'm having an issue with a squid.conf file running on 2.5 in which the
sites listed in the conf file as
acl bad_site dstdomain www.badsite.com
http_access deny bad_site
Don't you rather want to use dst instead of dstdomain?
Kindly
On Wednesday 25 January 2006 22:34, Mark Elsen wrote:
Don't you rather want to use dst instead of dstdomain?
From the FAQ on Access Controls :
# dst: destination (server) IP addresses
# myip: the local IP address of a client's
On Tuesday 24 January 2006 11:26, 서진수 wrote:
FileZilla transfers file through CONNECT method and bypasses below rule:
acl FTP proto FTP
acl PUT method PUT
http_access deny FTP PUT
Using CONNECTs for FTP are dangerous. Don't allow that. Limit CONNECTs to
port 443 if you can. You are ripping
On Monday 23 January 2006 15:36, S t i n g r a y wrote:
i am planning to build a Linux based firewall+proxy
server, currently i am using windows 2003 ISA 2000
with surfcontrol webfilter, which works fine except
for the performance point of view.
now cause this is my first time with linux
On Monday 23 January 2006 19:07, [EMAIL PROTECTED] wrote:
However, this does not belittle the effectiveness of redirectors. They
work and they're reliable.
Redirectors in general work well. But whether blacklists are effective or
not is surely hard to decide and more a religion than a
On Tuesday 17 January 2006 10:59, Remy Almeida wrote:
Can i limit the bandwidth based on the size of the file
for example 120mb file to use 33kbps
200mb file to use 64kpbs.
etc.
IMHO not. To set the appropriate bandwidth you would need to know the
On Tuesday 17 January 2006 11:12, Guillaume wrote:
I would like to know if there is a plugin for squid or an parameter in
squid.conf to have the ability to filter word that are forbidden...
Ex: sex, porn, etc...
You can filter those words on URLs using url_regex ACLs. However that's
pretty
On Tuesday 17 January 2006 19:01, Cristina Tanzi Tolenti wrote:
I would like yo use the blacklists that I downloaded from
http://urlblacklist.com/, some files are very large: 10-15MB. I create
an ACL for every blacklist
Why SQUID don't work (or it's very very slow) with the largest
Usual complaint... please reply to the original poster. /I/ wasn't the one
having a question. (This is really a bad habit that I haven't seen to
occur that frequently on any other mailing list.)
On Tuesday 17 January 2006 20:59, [EMAIL PROTECTED] wrote:
I'm surpised squid even recovered from
On Monday 16 January 2006 15:33, Morten W. Petersen wrote:
I was wondering if anyone know of a way to purge the entire cache in one
go.. any suggestions?
There is. Please see the FAQ.
Christoph
--
Never trust a system administrator who carries a tie and suit.
On Sunday 15 January 2006 18:24, Jon Banks wrote:
I created the solution to make Squid work with Windows Update as
suggested by Brian E. Conklin on Sept. 9, 2005. I can get to Windows
Update, but it takes forever (or 10+ minutes) just for windows update to
tell me what files I need to
On Wednesday 11 January 2006 23:28, Ted Ritchie wrote:
I have what should be a very simple addition that I am trying to make to
my squid.conf file. I must be overlooking something rather obvious and
would appreciate it if someone would point me in the right direction. I
am trying to make it so
On Thursday 12 January 2006 17:21, simon dray (BITS) wrote:
we are trying create regex to prevent access to specifc area
Eg:- acl _web url_regex -i ^http://www.xxx.xxx.xx/another level/
If the url includes www.xxx.xxx.xx/anotherlevel// please note the double
// this doesn't match
On Tuesday 10 January 2006 13:57, Remy Almeida wrote:
i just know why i am unable to solve the problem of unable to determint
IP address
my squid proxy server is unable to find the DNS entry.
Which DNS entry? What is the error message in the cache.log? Which Squid
version? What did you try to
On Tuesday 10 January 2006 19:13, David Lynum wrote:
I've created ACL's in squid to keep my users from going to certain
websites during certain parts of the day. The acl's are working just
fine. But is there a way to kick those same users off of these acl
restricted sites if they already
On Thursday 05 January 2006 01:09, Dustin wrote:
I need to give limited access to a few web sites to one group, then
denying access to all else for that group. Another group will have
full internet access.
You don't explain which group is supposed to do what. So I'll guess.
From the faq, it
On Thursday 05 January 2006 10:52, [EMAIL PROTECTED] wrote:
i am getting error when a user access it ftp server that authenticates
him. user get time out error system doesn't prompts it.
I can only guess what you mean. Perhaps you are trying to do FTP-over-HTTP
and want to establish a
Happy new year...
I'm (still) trying to allow access to different MIME types
(http_reply_access) depending on an external_acl (an LDAP group lookup).
I tried the trick to query the ACL in a http_access line and use the
cached result in a http_reply_access line. That didn't work reliably.
On Friday 23 December 2005 14:23, Rick G. Kilgore wrote:
I have designed several custom messages for squid. We would like to put
our official logos in the message if possible. I have experimented with
this, and it appears that the normal img src= statements do not work
properly. Is it possible
On Wednesday 21 December 2005 21:22, Rick G. Kilgore wrote:
I have finally got my hands around some basic ACL's. Would like to use
some blacklists if they work ok. Do I really need to load squidgaurd to
use the blacklists properly/avoid performance issues?
SquidGuard is said to be faster when
On Thursday 22 December 2005 19:21, Jerry Thomas wrote:
I have a need to accelerate some web servers but they must see the
client IP address as the source of the connection.
Not possible with Squid (in a way that keeps you mentally sane). Let the
web servers use the X-Forwarded-For header
Palula...
On Wednesday 21 December 2005 06:17, Palula Brasil wrote:
I created a file with a some strings I don't want my clients to access.
Very nice it works fine, but it is blocking some sites with string I
don't want it to block... So I created another acl with permitted
strings ok? So the
On Wednesday 21 December 2005 13:25, Palula Brasil wrote:
The syntax looks very nice to me. In fact I changed all the two lined
permissions with exceptions within my squid.conf but still...
When I put canal on the good_strings file, the word anal can now be
accessed all over the place...
Can
Rick...
your application team is stupid. ;)
On Wednesday 21 December 2005 14:12, Rick G. Kilgore wrote:
Our application team does not want to rewrite a program that relies
heavily on the IP address to maintain the identity of a connection to
the client. I hate this idea and want the
Hi, Serassio et al...
thank you very much for the pointers.
On Monday 19 December 2005 23:42, Serassio Guido wrote:
At 14.01 19/12/2005, Christoph Haas wrote:
we have just spent two days hunting down a phenomenon regarding
external ACLs. I suspect a bug so I'll be a bit more verbose
1 - 100 of 334 matches
Mail list logo