level they are wondering where they can purchase a subscription to
a maintained list of categorised web sites and urls, that could be used to
develop a bunch
of allow/deny acl's.
Does anyone on this list use squid in this way, and knows of such service ?
Please reply off list, thanks
A
On Mon, Feb 3, 2014 at 4:18 PM, Amos Jeffries wrote:
> * Fix external_acl_type async loop failures
>
> This issue shows up as extra failed authentication checks if the
> external ACL uses %LOGIN format code and credentials are not already
> known. This can have nasty side effects when combined wit
On Thu, Feb 13, 2014 at 7:40 AM, Alex Rousskov
wrote:
> On 02/09/2014 06:48 AM, Eliezer Croitoru wrote:
>> I have helpers in all sort of languages and it seems to me that there is
>> a limit that do exist on the interface between squid and the helpers by
>> the nature of the code as code.
>
> For
this on July 31st 2013.
It had a patch for the negotiate-kerberos-auth helper.
Regards,
Alan Mizrahi
On Sun, Feb 9, 2014 at 10:48 PM, Eliezer Croitoru wrote:
> I have tried for a very long time to understand what are the limits of the
> interface between squid and the helpers.
> I
On Wed, Jan 8, 2014 at 1:05 PM, Amos Jeffries wrote:
> On 7/01/2014 10:21 p.m., Rietzler, Markus (RZF, SG 324 /
> ) wrote:
>> thanxs,
>>
>> our assumption is, that it is related to helper management. with 3.4. there
>> is a "new helper protocol", right?
>
> Right. That is the big user-visible bit
Classification: UNCLASSIFIED
Caveats: NONE
Just curious that if there is an order that Squid goes in to match a site in
the allowed sites
ACL. Top down??
...Alan
***
* Alan Raczek *
* Principal Network Engineer
Classification: UNCLASSIFIED
Caveats: NONE
Sir,
No that is not the same issue. Some HTTPS sites work, some don't. The
browser does not even try to think about a response, just throws
the "This page can't be displayed" message in IE. And outr proxy is the only
means for Internet access so we can't
our network setup:
LAN - proxy server - ASA 5510 - Internet
***
* Alan Raczek *
* Principal Network Engineer *
* CACI*
* Work: (443) 395-5133*
* Cell
There's a website with a Flash application that tries to fetch an XML.
Based on the headers, the server seems to be Apache 2.2.15 on CentOS.
Without Squid, the content is displayed normally in IE.
With Squid, the client gets an 502 Bad Gateway (ERR_READ_ERROR).
I think the problem is that server
On Thu, Dec 5, 2013 at 9:41 AM, Brendan Kearney wrote:
> i am wondering if there is a logformat code that can be used to log the
> URL (domain.tld or host.domain.tld) independent of the URI
> (/path/to/file.ext?parameter)? i am using %ru, which gives me the URL
> and URI in one string. %rp seems
xt"
http_access allow allowed_src
http_access deny all
If you still want to go ahead with the poorly written perl thing, read this:
http://www.squid-cache.org/Doc/config/external_acl_type/
Alan
On Sat, Aug 17, 2013 at 3:02 AM, Oliveiros Peixoto (Netinho)
wrote:
> Hi Jeffries!
>
> I created my own script auth_basic. This script checks the username and
> password, if correct it inserts the username and date in the table sessions
> and returns OK login = username for squid.
> I also created
ecifies %LOGIN. In your case all you need is %SRC to provide
the source IP.
Alan
explicit calls to
fflush() after each fprintf(stdout, ...), and now it works like a
charm.
I haven't measured the performance improvement with this, and I'm sure
it doesn't solve Klaus' issue, but I am very interested in improving
performance in every possible way, even if its
On Tue, Jul 9, 2013 at 1:32 PM, Amos Jeffries wrote:
> On 8/07/2013 6:34 p.m., Alan wrote:
>>
>> On Mon, Jul 8, 2013 at 6:25 AM, Eliezer Croitoru
>> wrote:
>>>
>>> try this if you want to try something new.
>>>
>>> https://github.com/
st, they
are very helpful.
Best regards,
Alan
PS: Had to resend to the mailing list because it doesn't allow attachments.
Here are the attachments:
storeid.pl script:
http://pastebin.ca/2420563
storeid.txt file:
http://pastebin.ca/2420565
This looks wrong:
http_access deny !allowdomain
Try:
http_access deny allowdomain
On Fri, Jul 5, 2013 at 5:16 AM, kannan rbk wrote:
> Dear Team,
>
> I am using squid proxy 3.1 in centos machine. I want to restrict
> client request from particular domain and web context.
>
> #
> # Recommended mi
I experienced something that looks consistent with what you described:
http://www.squid-cache.org/mail-archive/squid-users/201212/0065.html
Please tell us your squid version, config file, and provide some logs
when the error happens.
On Thu, May 23, 2013 at 8:35 PM, James Harper
wrote:
> I was
I didn't see your email with the error and solution.
Can you please post it to the list for future reference?
On Thu, May 9, 2013 at 5:20 AM, SPG wrote:
> Thanks Markus. I posted my error and the solution. Perhaps you didn't receive
> the mail
>
> A lot of thanks.
>
>
>
> --
> View this message i
On Thu, Apr 25, 2013 at 10:50 PM, Jürgen Obermeyer wrote:
>
> My main idea is to try kerberos first, and if it fails, use basic
> authentication. I don't understand why this works fine with Firefox, but not
> with IE.
Based on what you wrote, I think the authentication that is working
for you is
Is there any way to construct an ACL that checks the authentication
mechanism used (eg: radius/kerberos)?
I want to allow radius authentication only for FTP users, since there
is no FTP client (that I know of) that works with Scalquid using
kerberos authentication, but I want to enable it only for
Is there any way to influence the order in which Squid sends the
Proxy-Authenticate headers to the client? I already tried changing
the order in the config file to no avail.
Background:
I have a squid 3.3.3 proxy using both kerberos and radius. A capture
shows it offers both Basic and Negotiate
rote:
> On 17/01/2013 6:28 a.m., Alan Schmidt wrote:
>>
>> Hi list,
>>
>> Due to my employer's specific requirement, I'm writing an external_acl
>> helper that allows us to query an LDAP server for valid dstdomains.
>> It's actually working (no
faqs, etc, without
any luck.
I'm relatively new to this kind of stuff (both lists and
external_acl_types :S). If someone coud point me at least at the right
documentation i'll be very grateful.
Thanks in advance.
--
Alan
run out of memory every day on a 3 Gb server.
Alan
> On 13.12.2012 11:48, Alan Lehman wrote:
> >> On 8/12/2012 11:02 a.m., Alan Lehman wrote:
> >> > I'm having trouble building 3.2.4 on RHEL5.
> >> >
> >> > I configured with options :
> >> > --enable-ssl --enable-useragent-log --ena
> If we narrow it down to the first 2 items (connection object or
> HTTP/1.1), what options are available to prevent the "timeout"?
>
Unless your other Squid versions are 3.2, they are not using
persistent connections, that means you can't rule out TCP or NAT
timeouts.
> On 8/12/2012 11:02 a.m., Alan Lehman wrote:
> > I'm having trouble building 3.2.4 on RHEL5.
> >
> > I configured with options :
> > --enable-ssl --enable-useragent-log --enable-referer-log
> > --with-filedescriptors=8192 --enable-delay-pools
> >
>
e: [squid-users] 3.2.4 build problem
>
> On 8/12/2012 11:02 a.m., Alan Lehman wrote:
> > I'm having trouble building 3.2.4 on RHEL5.
> >
> > I configured with options :
> > --enable-ssl --enable-useragent-log --enable-referer-log
> > --with-filedescr
l.cc:254: error: âerrnoâ was not declared in this scope
make[3]: *** [ext_file_userip_acl.o] Error 1
Any ideas?
Thanks,
Alan L
CONFIDENTIALITY NOTICE: This e-mail message including attachments, if any, is
intended for the person or entity to which it is addressed and may contain
confidential an
uests
for particular sites to the bandwidth restricting cache.
If users connect to the squid cache directly we would authenticate using
Kerberos/NTLM for windows clients and Basic for others.
Does this approach seem valid ?
What kind of resource would the squid cache require ( RAM/CPU ... )
Rega
:
http://bugs.squid-cache.org/show_bug.cgi?id=3609
Best regards,
Alan
> On the other hand, %ue is only filled when the user has been
> authenticated, which is what I want.
I spoke to fast, %ue is not being replaced at all. The docs describe
it as "username from external acl helper", but there is no information
on how to set it in the external acl helper.
Is it set
I am having trouble the username tags in logformat and error templates.
The logformat documentation says that %ul is the username from
authentication, but in my experience when there is an authentication
failure this is filled with whatever the user tried to authenticate
with instead of being empt
I have experienced a strange situation in which squid repeatedly
returns dns resolution error messages even though I can resolve the
same names at the command line, and even fetch the same pages via
wget.
Running squid -k reconfigure fixes the problem immediately.
My first theory was that there is
See this:
http://wiki.squid-cache.org/KnowledgeBase/DebugSections
So you could use, for example:
debug_options ALL,2 28,4 82,4
That would log at level 4 for of access control and external acl
related things and level 2 for the rest.
On Wed, Jul 11, 2012 at 6:08 PM, ml ml wrote:
> Hello,
>
> oka
I suggest you to try with squid 2.7 or 3.2 series.
I had some strange problems with the 3.1 series, I think external acls
was one of those problems.
When I tested 2.7 and 3.2, all the strange problems were gone. I know
2.7 sounds old, but it is incredibly faster than the rest.
Regarding your scri
Its written clearly in the manual:
access_log : [ [acl acl ...]]
In your case:
acl DENY_ACCESS http_status 403
access_log squid DENY_ACCESS
"squid" refers to a predefined logformat, see
http://www.squid-cache.org/Doc/config/logformat/
On Tue, Jul 10, 2012 at 10:23 PM, ml ml wrote:
> Hello Amos
l security crap, I
don't know much about it but try this:
echo 0 > /proc/sys/kernel/yama/ptrace_scope
Or simply start squid from gdb instead of attaching to the existing process.
Alan
ttp_access allow all
I can't find any clue in the log files.
Any ideas?
Alan
On Wed, Jun 6, 2012 at 10:47 PM, Amos Jeffries wrote:
> On 6/06/2012 8:15 p.m., Alan wrote:
>>
>> On Tue, May 29, 2012 at 7:39 PM, Amos Jeffries
>> wrote:
>>
>>>> 2. The %o tag (message returned by external acl helper) is not
>>>> url
e:
http://bugs.squid-cache.org/show_bug.cgi?id=3557
The bug report hasn't even been confirmed, but it would be great if
this could be incorporated in the next release.
Best regards,
Alan
now I think this refers to
the http server, not the proxy server. I am aware of %L, but I would
rather not use that.
2. The %o tag (message returned by external acl helper) is not
url-unescaped, so the error message reads: bla+bla+bla.
Best regards,
Alan
ched).
In squid 3.2.0.17 this problem is gone and I don't get the
authentication prompts anymore, but since it is labeled Beta instead
of Stable, I wonder if this can be solved in the 3.1 series.
Has anybody else been affected by this?
Best regards,
Alan
> On Mon, 21 Nov 2011 13:11:11 -0600, Alan Lehman wrote:
> > I'm having trouble with Squid not resolving "eldo.us" or
> "www.eldo.us"
> >
> > The browser reports :
> > Unable to determine IP address from host name www.eldo.us The DNS
>
the local IP and to a dns server on another
system on our network.
nslookup on both DNS servers works properly.
I've tried restarting squid and bind, but no change.
squid-3.1.6
bind-9.3.6
Any ideas would be most appreciated.
Thanks,
Alan
CONFIDENTIALITY NOTICE: This e-mail message inc
> From: Amos Jeffries [mailto:squ...@treenet.co.nz]
> Sent: Tuesday, August 10, 2010 6:48 PM
> To: Alan Lehman
> Cc: squid-users@squid-cache.org
> Subject: RE: [squid-users] possible SOAP problem with 3.1.4
>
> On Tue, 10 Aug 2010 09:14:05 -0500, "Alan Lehman"
>
> >> From: Amos Jeffries [mailto:squ...@treenet.co.nz]
> >> Sent: Sunday, July 11, 2010 1:55 AM
> >> To: squid-users@squid-cache.org
> >> Subject: Re: [squid-users] possible SOAP problem with 3.1.4
> >>
> >> Alan Lehman wrote:
> >>&
e: [squid-users] possible SOAP problem with 3.1.4
>
> Alan Lehman wrote:
> > We have particular application software license server for our office
> > that is located behind a Squid proxy. It stopped working after
> upgrading
> > Squid from 3.1.0.17 to 3.1.4. This server periodica
idn't change anything.
Any thoughts would be most appreciated.
Thanks,
Alan Lehman
CONFIDENTIALITY NOTICE: This e-mail message including attachments, if any, is
intended for the person or entity to which it is addressed and may contain
confidential and/or privileged material. Any unauthorized r
> sön 2010-06-06 klockan 22:49 -0500 skrev Alan Lehman:
> > Trying to access http://www.kswheat.com/ via Squid 3.1.4 as proxy, I get
> > "403 Forbidden, You don't have permission to access / on this server".
> > The web site loads normally if I bypass Squid
03 756 GET
http://www.kswheat.com/ - DIRECT/67.212.164.118 text/html
Nothing in cache.log
Thanks for any advice on this.
Alan
CONFIDENTIALITY NOTICE: This e-mail message including attachments, if any, is
intended for the person or entity to which it is addressed and may contain
confidential an
with Javascript I might be looking
for, or known issues with Squid and javascript?
Thanks,
Alan
> Hi Alan,
>
> Alan Lehman wrote:
> > squid-3.1.0.3 is periodically aborting with 'signal 6'. This system
> is
> > running both regular and reverse proxy functions. Any ideas? What
is
> > "lost DNS error info"?
>
> I think the DNS lookup
squid-3.1.0.3 is periodically aborting with 'signal 6'. This system is
running both regular and reverse proxy functions. Any ideas? What is
"lost DNS error info"?
Thanks,
Alan
/var/log/messages:
Mar 31 08:19:00 proxy3 squid[31952]: Squid Parent: child process 8977
exited
> Amos Jeffries wrote:
> > Alan Lehman wrote:
> >>>>>> Specific to your loop-back problem:
> >>>>>>
> >>>>>> You need to adjust your reverse-proxy configuration to block the
> >>>>> CONNECT
&g
ast it's not just hanging:
>
> cache_peer blah
>
> acl OWA dstdomain owa.domain.com
> http_access allow OWA
> miss_access allow OWA
> acl CONNECT method CONNECT
> cache_peer_access owa-server deny CONNECT
> cache_peer_access owa-server allow OWA
> never_direc
t;
As far as I can see, cache_peer doesn't allow a deny parameter, so I
tried the following and get "the requested URL cannot be retried". At
least it's not just hanging:
cache_peer blah
acl OWA dstdomain owa.domain.com
http_access allow OWA
miss_access allow OWA
acl CONNECT met
browser hangs and the following eventually
appears in
> > access.log:
> >
> > 1233516965.141 12567 [internal host IP] TCP_MISS/000 0 CONNECT
> > owa.domain.com:443 - FIRST_UP_PARENT/[owa server IP] -
> >
> > Any ideas would be most appreciated.
> >
> > Thanks,
> >
wa server IP] -
Any ideas would be most appreciated.
Thanks,
Alan
> cc'ing David W. who appears to have the same issue on 2.7 with similar
> but different pass-thru code.
>
> Alan Lehman wrote:
> >> Yes. Multiple authentication methods, triggered from multiple
> sources,
> >
> >> going via multiple paths can be
> Yes. Multiple authentication methods, triggered from multiple sources,
> going via multiple paths can be confusing.
>
> Squid auth_param elided, which leaves:
>
> "A user name and password are being requested by ..."
> == basic challenge by ISA.
>
> "Enter user name and password for ..."
ntegrated authentication" disabled
on the OWA server, Firefox would give me only the 2nd dialog, and it works. But
Activesync devices don't work "Windows integrated" disabled.
With "Basic authentication" and "Windows i
n
> >> the
> >> port?
> >>
> >>
> >> Amos
> >
> > The auth_param lines don't seem to make any difference. It works for
> me with them in.
> >
>
> Great. I'll get the wiki u
22.010| CacheManager::registerAction: registered
> >> basicauthenticator
> >>> The OWA web server has both basic and "Windows Integrated
> >> Authentication" enabled. If I disable "windows integrated", OWA
> works
> >> fine, but I need activ
t; Authentication" enabled. If I disable "windows integrated", OWA works
> fine, but I need activesync also, which does not work without "windows
> integrated" enabled.
> >
> > Thanks,
> > Alan
>
> Um, further on my other email.
> Try some of the setti
or
The OWA web server has both basic and "Windows Integrated Authentication"
enabled. If I disable "windows integrated", OWA works fine, but I need
activesync also, which does not work without "windows integrated" enabled.
Thanks,
Alan
16.4.64 parent 443 0 no-digest no-query originserver
login=PASS ssl sslflags=DONT_VERIFY_PEER
sslcert=/usr/share/ssl/exchange/exch-owa.pem name=owa-server
Thanks,
Alan
--
Please note our new email and website address!
Alan Leh
On Wed, 29 Mar 2006 04:58:10 -0800, Henrik Nordstrom said:
"With Squid you will see the following ports in use:
a) The TCP ports specified by http_port (and/or https_port) in LISTEN
state, and any client connections open to these..
b) UDP icp_port, snmp_port and htcp_port
c) One additional rand
w RPC
http_access allow RPC
[typical stand-alone forward http proxy configuration follows]
Any thoughts would be most appreciated.
Thanks
Alan Lehman
header fields for stripping?
Regards
Alan
allow OWA
miss_access allow RPC
miss_access deny all
cache_peer_access ip_of_exhcange allow OWA
cache_peer_access ip_of_exhcange allow RPC
cache_peer_access ip_of_exhcange deny all
never_direct allow OWA
never_direct allow RPC
Thanks again,
Alan Lehman
> -Original Message-
> From: Odh
t;3) what does cache.log have to say about the attempts?
Nothing.
Thanks,
Alan
George Butler Associates, Inc.
Creating Remarkable Solutions
for a Higher Quality of Life
Alan Lehman, P.E.
Electrical/Critical Facilities Group
One Renner Ridge
9801 Renner Boulevard
Lenexa, KS 66219-9745
T.
ection attempts from the client, but squid seems
to be ignoring. Nothing is passed to the exchange server.
Thanks,
Alan
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Monday, May 26, 2008 1:04 PM
To: Alan Lehman
Cc: squid-users@squid-cache.org
Subject: Re: [s
s Squid is trying to access something on the web server, but I
don't know why. There is only very occasional traffic in access.log for
x.x.x.20. Any ideas would be most appreciated.
Alan Lehman
search did not find that
username/password you see ERR, so you may have it already there.
Your details look basically OK. I found that when I had the -D details wrong I
would get messages such as "credentials invalid"
Alan.
Totally correct Amos
I rebuilt with netfilter only and works great, thanks
Alan
-Original Message-
From: Amos Jeffries [mailto:[EMAIL PROTECTED]
Sent: 14 February 2008 22:04
To: WRIGHT Alan
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Transparent Proxy not working in 3.0
Problem solved, clearly I used the wrong option for build
I tried make clean and rebuild with --enable-linux-netfilter only and it
works fine
-Original Message-
From: WRIGHT Alan
Sent: 14 February 2008 13:47
To: squid-users@squid-cache.org
Subject: [squid-users] Transparent Proxy
Type: text/html\r\n
Content-Length: 1447\r\n
Expires: Thu, 14 Feb 2008 04:44:37 GMT\r\n
X-Squid-Error: ERR_INVALID_URL 0\r\n
X-Cache: MISS from localhost.localdomain\r\n
Via: 1.0 localhost.localdomain (squid/3.0.STABLE1)\r\n
Proxy-Connection: close\r\n
\r\n
TIA
Alan
text/html\r\n
Content-Length: 1447\r\n
Expires: Thu, 14 Feb 2008 04:44:37 GMT\r\n
X-Squid-Error: ERR_INVALID_URL 0\r\n
X-Cache: MISS from localhost.localdomain\r\n
Via: 1.0 localhost.localdomain (squid/3.0.STABLE1)\r\n
Proxy-Connection: close\r\n
\r\n
TIA
Alan
Squid 3.0R1 fails in daemon mode when binding to a privileged port.
Works fine on ports > 1023.
There is nothing running on the ports as verified with "lsof -i" and
"netstat -a"
Debug (squid -X) shows this:
2008/02/04 11:13:24.293| acl_access::containsPURGE: invoked for
'http_access allow manage
Squid 3.0R1 fails in daemon mode when binding to a privileged port.
Works fine on ports > 1023.
There is nothing running on the ports as verified with "lsof -i" and
"netstat -a"
Debug (squid -X) shows this:
2008/02/04 11:13:24.293| acl_access::containsPURGE: invoked for
'http_access allow manag
quot;;
}
}
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: 14 March 2007 12:06
To: WRIGHT Alan
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Question on 302 problem
ons 2007-03-14 klockan 11:01 +0100 skrev WRIGHT Alan:
> Thanks Henrik,
> Cha
ideas?
Thanks again
Alan
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: 12 March 2007 15:08
To: WRIGHT Alan
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Question on 302 problem
mån 2007-03-12 klockan 14:59 +0100 skrev WRIGHT Alan:
> 2007/03
achalan.f2s.com'
In the cache.log file.
Any ideas what the problem is?
Have I forgot to change something in squid.conf?
TIA
Alan
Hi,
I install a solution Squid - dansguardian - squid and the acces log is
not showing the user-logon-name and source IP.
When we put NTLM and ACLs we receive access denied.
Squid conf 1:
cache_effective_user squid
cache_effective_group squid
http_port 3128
cache_dir aufs /cache 28000 16 256
p
never populated by Squid, but if i run it
manually and enter some text into STDIN then it populates the file fine.
Am I missing something in squid config? or is it something else?
Thanks
Alan
url_rewrite_program
-Original Message-
From: Angela Burrell [mailto:[EMAIL PROTECTED]
Sent: 02 March 2007 17:10
To: Guido Serassio; Santosh Rani; squid-users@squid-cache.org
Subject: RE: [squid-users] No squid_redirect option SQUID 2.6.STABLE3 ?
It has? What did it change to?
-Orig
Yes Guido, your right, I missed that on the rel notes :-O
Thanks for the pointer
Regards
Alan
-Original Message-
From: Guido Serassio [mailto:[EMAIL PROTECTED]
Sent: 02 March 2007 16:27
To: WRIGHT Alan; squid-users@squid-cache.org
Subject: Re: [squid-users] Errors when Starting Squid
squid
Thanks
Alan
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: 02 March 2007 14:54
To: WRIGHT Alan
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Errors when Starting Squid
> Folks,
> When I start squid, i get the following
| ipcCreate: CHILD: c:/sqred/sqred.plx: (8) Exec
format error
2007/03/01 21:45:50| ipcCreate: PARENT: OK read test failed
2007/03/01 21:45:50| --> read returned 4
2007/03/01 21:45:50| --> got 'ERR%0a'
2007/03/01 21:45:50| WARNING: Cannot run 'c:/sqred/sqred.plx' process.
I have noticed that it is due to this command in the .conf file
url_rewrite_program c:/sqred/sqred.plx
When this line is commented, the proxy works fine.
Does anyone have an idea as to what the Exec Format error is?
Thanks
Alan
-- Forwarded message --
From: Alan Araujo <[EMAIL PROTECTED]>
Date: Feb 9, 2007 5:23 PM
Subject: Re: [squid-users] Dansguardian or Squid
To: Chris Nighswonger <[EMAIL PROTECTED]>
Thanks Chris,
My doub is if DG can auth users like Squid using NTLM.
I heard that new v
What is the best solution:
1 - Squid --> Dansguardian --> Squid
Or
2 - Dansguardian (2.9.8.2) --> Squid
Does anyone use the secound option ?
Thanks,
Hi,
Does anybody knows how to implement a fake_auth helper solution ?
Thanks,
Hi,
I´ve getting trouble with Squid 2.6 in my company. The directors are
cosidering to change it for a Blue Coat proxy. All the 60 NTLM Helpers
are constantly in RESERVED or DEFERRED state.
We are using ADS with security option,
auth_param ntlm max_challenge_reuses 100
auth_param ntlm max_chal
Hi,
I instaled a Squid 2-5 Stable 13 working together Dansguardian and
authenticating in Active Directory.
The winbind is operational and the NTLM authentication are working as well .
The problem is Basic authentication, the slot #1 are constantly in
BUSY state and requests are increasing until
Out of the ether, Alan B. Clegg spewed forth the following bitstream:
> My configuration includes this:
>
> cache_peer 127.0.0.1 parent 12080 0 no-query proxy-only default
> acl infragard dstdomain infragard.org
> always_direct deny infragard
> never_di
Greetings all!
I'm guessing that this question may have been asked before, but I've been
through the FAQ and have searched the mailing list and have come up
relatively empty.
My situation is this:
I have a local proxy that creates a VPN to a 'secure site'. This (non-squid)
proxy listens on 1208
Thanks for you attention. I've just now subscribed to this list. I'm a
little green with squid and want something that conventional wisdom
says can't be done. Here's the run down.
I'm looking at installing free wireless internet access for the public
to use in the downtown Macon GA area. Expens
Henrik Nordstrom wrote:
On Mon, 22 Mar 2004, Alan Lehman wrote:
It is. I have login=pass, and authentication = basic (only) on
eggchange.
needs to be login=PASS (or login=PROXYPASS depending on your setup)
Regards
Henrik
That works. Sorry to be so dense. Thanks for all your help.
1 - 100 of 111 matches
Mail list logo
