Sorry. SSLDUMP is like tcpdump but for ssl, it Works on layer 3 and has nothing
to do with squid, that what we use.
Regards.
-Mensaje original-
De: PS [mailto:packetst...@gmail.com]
Enviado el: viernes, 03 de febrero de 2012 12:56 p.m.
Para: Alfonso Alejandro Reyes Jimenez
CC: squid
Hi.
If you have the certifícate information you may use ssldump to decode the
information. I hope this helps.
Regards.
-Mensaje original-
De: PS [mailto:packetst...@gmail.com]
Enviado el: viernes, 03 de febrero de 2012 12:11 p.m.
Para: squid-users@squid-cache.org
Asunto: [squid-users]
g. Alfonso Alejandro Reyes Jimenez
Coordinador de Seguridad - SASI
E-mail: aare...@scitum.com.mx
Telefono: 91507489
Movil: (044) 55 85 81 04 62
- Mensaje original -
De: Sekar Duraisamy [mailto:seka...@gmail.com]
Enviado: Saturday, December 17, 2011 07:45 AM
Para: squid-users@squid-cache.o
Chinner.
This information is not part of the squid configuration but I couldn't let you
jump to Cisco wccp without sharing my experience.
That feature is not working right with any asa5500 IOS version, it has a lot of
bugs. Be very careful if you set it up on production environment.
Regards.
sites:
export http_proxy=http://10.1.1.1:3128
export https_proxy=http://10.1.1.1:3128
(10.1.1.1 is our company proxy)
So how can I implement a HTTPS reverse site with Squid in my scenario ???
Thanks a lot,
Alejandro
--
Alejandro Cabrera Obed
aco1...@gmail.com
www.alejandrocabrera.com.ar
Thanks that was a great advice, I will read about it.
Have a great day.
Alfonso.
De: Manuel Rodríguez Hernández [mailto:mrodrig...@insys-corp.com.mx]
Enviado el: miércoles, 08 de junio de 2011 08:17 p.m.
Para: Alfonso Alejandro Reyes Jimenez; squid-users@squid-cache.org
Asunto: RE: [squid
Hi list.
We are going to work with an old squid (I mean old because this squid
was installed and administered by another person), It works with LDAP. I
don't have any experience working with LDAP authentication.
I was wondering if you can give me some advices for troubleshooting, any
advice will
Hi Andrew.
We usually use radius server for the authentication we don't pay attention to
IP's only the usernames and passwords.
If you need assistance with the radius server please let me know.
Regards.
Alfonso.
-Mensaje original-
De: Andrew Gilfillan [mailto:bl
Hi list.
We would like to know whats the best practice when we have more than 3000 rules
on our squid. Right now squid takes more than 15 minutes to start or restart,
we think that's because we have a lot of rules.
The question is:
If we change all that rules to a text file, squid will start f
query originserver name=intranetBP
acl OWA dstdomain webmail.company.com
acl WWW dstdomain www.company.com
but it doesn't work
Does anyone know if it's possible to do this ???
Really thanks
Alejandro
anet
access at all in the /var/log/squid/access log file.
Can you tell me why Squid doesn't work with my second web site on port 44000
???
Special thanks
Alejandro
gb, I don't succed and the access.log from squid tell
me this:
192.168.0.22 TCP_MISS/302 584 GET http://www.correo.gb/ -
FIRST_UP_PARENT/owaServer text/html
Please can you help me or give me a more explicit howto on this topic ???
Special thanks,
Alejandro
advantage of using a Squid as a reverse proxy in
front of my webmail ??? Because I can't see any security benefit...
Thanks a lot
Alejandro
Hi all!. I am using squid stable 2.6.stable18. and i need to log
failed authentications attempts or at least some info to look. I
noticed that NTLM don't log the username if it is fails, ldap_auth do
that so i can parse the log to find something like TCP_DENIED/407, a
low ts value and a username
e table but the access.log does not
report any traffic.
Thanks four your comments.
Alejandro
Thanks to all for your time and replies.
Alejandro
Jeffrey Goldberg escribió:
On Jun 22, 2009, at 7:03 PM, Amos Jeffries wrote:
On Mon, 22 Jun 2009 15:50:51 -0300, Alejandro Martinez
wrote:
Amos, thanks for your reply.
The last question, how do youy estimate that time ??
Now there is a
Amos, thanks for your reply.
The last question, how do youy estimate that time ??
Thanks,
Alejandro
Amos Jeffries escribió:
Alejandro Martinez wrote:
Is there any chance to get the elapsed time a user has spent on a site ?
If a user acces a site (ex: www.site.com) at 9:00 am for about 15
27;ve read that if you take the last log access
- the first log access for that site you can estimate it, but if I do
that, I have 3 hours and not 30 minutes.
I've seen that SARG show a total time on a site, but is that time true?
Thanks,
Alejandro
Chris.
Thanks for your answers.
Alejandro
Chris Robertson wrote:
Alejandro Martinez wrote:
Thanks for your reply.
Where can I find some info about squidclient x_forwarded ?
Just for clarity, squidclient is a very basic HTTP query tool, and has
nothing to do with X-Fowarded-For headers
Thanks for your reply.
Where can I find some info about squidclient x_forwarded ?
Maybe asking in squid-dev ?
Chris Robertson wrote:
Alejandro Martinez wrote:
Hi,
This is my first post.
I have two proxies
Network(Users) - > ProxyA (sibling)
-->
Hi,
This is my first post.
I have two proxies
Network(Users) - > ProxyA (sibling)-->
ProxyB (parent)
In proxyA I have:
forwarded_for on
In ProxyB I have:
follow_x_forwarded_for allow all
gt; .rapidshare.com
>> .googlevideo.com
>> .photobucket.com
>> .dailymotion.com
>> .logmein.com
>> .megavideo.com
>> .audio.uol.com.br
>> .imo.im
>> #
>>
>> But I am able to connect https://imo.im
>> I only got access denied when I access http://imo.im
>>
>> How do I block it?
>>
>> thanks
>>
>
>
--
Alejandro Bednarik
XTech - Soluciones Linux para Empresas
(011) 5219-0678
[EMAIL PROTECTED]
is also a workaround doing echo 8192 >
/proc/sys/fs/file-max and ulimit -Hn 8192 and then start squid, but is
not the best solution.
Cheers!
Paras Fadte wrote:
> ulimit -n shows 1024
>
> On 10/21/08, Alejandro Bednarik <[EMAIL PROTECTED]> wrote:
>>
>> Which is
Which is the output of "ulimit -n" (for linux) or "sysctl -a | grep
maxfiles" (for BSD)
Cheers!
Paras Fadte wrote:
> Hi,
>
> I get following message in cache.log .
>
> WARNING! Your cache is running out of filedescriptors
>
> How can it be resolved ?
m to connect?
>
> Thanks.
>
You can make a perl/python script to generate a file with a list of ip's
and add a acl to allow users who match that list.
acl users_ip src "/etc/squid/users_ip.acl"
http_access allow users_ip
Cheers!.
--
Alejandro Bednarik
XTech - Soluciones
Amos Jeffries wrote:
> Alejandro Bednarik wrote:
>> Amos Jeffries wrote:
>>> wrote:
>>>> Hi
>>>>
>>>> My squid log files, access and store, are becoming bigger and bigger;
>>>> more than 600 megabytes each. Does it affect squid
.STABLE4 or 3.0.STABLE9
>
Squid add an entry in logrotate directory's to do this jobs. Do you have
cron running and logrotate installed?
Cheers!
--
Alejandro Bednarik
XTech - Soluciones Linux para Empresas
(011) 5219-0678
[EMAIL PROTECTED]
We use S.A.R.G for extract that kind of information.
Saludos.
--
Alejandro D. Comisario
E-Mail: [EMAIL PROTECTED]
Depto. Tecnología y Seguridad Informática
Sistemas Catastrales S.A.
--
-Mensaje
g to take changes on real
time??
THANKS A LOT !!!
Saludos.
--
Alejandro D. Comisario
E-Mail: [EMAIL PROTECTED]
Depto. Tecnología y Seguridad Informática
Sistemas Catastrales S.A.
--
s.log file ???
Thanks
alejandro.-
ss
log file in order to check its value ???
Special thanks
alejandro.-
Are these directives from squid.conf the common errors to convert the
squid proxy in a open proxy accesed from any Internet users:
acl lan src 0.0.0.0
http_access allow mi_lan password
?
Or any more ???
Really thanks
alejandro.-
which could be the problem ???
Really thanks
alejandro
Squid in order to point it to
192.168.1.1:3128 (IP/Port from the new top Squid) so users from my LAN
travel through both proxies ???
Thanks
alejandro.-
Dear all, I have Squid 2.6 over Linux and I want to clean the cache in a
good manner...what is the best way to do it ???
Thanks !!!
alejandro.-
-->Router Cisco--->PC Scanner pop3/smtp >useroutlook
Thz
Alejandro Decchi
Responsable Sistemas
( 11-4511-2340 int. 115
Av.Del Libertador 6250 Piso 10 - Cap.Fed.
(CP C1428ARS) Bs.AS. Argentina
-Mensaje original-
De: Adrian Chadd [mailto:[EMAIL PROTECTED]
E
dos.com.ar
and then:
http_access deny web_xxx
I can enter to www.gemidos.com.ar without any restriction, the ACL does
not work.
Can you help me ???
Thanks a lot,
alejandro
-10-27 10:28:31 [18769] sgDbLoadTextFile: put: Cannot allocate memory
2006-10-27 10:28:31 [18772] sgDbLoadTextFile: put: Cannot allocate memory
2006-10-27 10:28:31 [18773] sgDbLoadTextFile: put: Cannot allocate memory
I can't find this error message at Google.
What can I do ??? Can anybody help me ???
Really thanks,
alejandro.-
to
do this authentication ???
Thanking in advance
alejandro.-
s there any new tag
in replace of "redirect_program" in squid.conf ???
Thanks !!!
alejandro.-
If this is true, then Squid required a inverse search. From IP search domain. :(
Therefore put a IP address in a config file (ACL) instead of a
hostname isn't quicker.
somebody knows something about this? it's true?
Bye.
2006/10/17, Jaime Solorzano B <[EMAIL PROTECTED]>:
That was tested and th
(in the LDAP host).
Thank you, regards.
alejandro.-
Dear all, I use a user/password basic authentication system in order to
validate users to use Internet through the Squid. I know the client
browser sends the password to the Squid in a Base-64 encoding way, so my
question is:
Can the client browser send the password in an ENCRYPTED manner to the
Dear all, I'm new at squid and now I need to know this short topics for
the stable version:
1) Internal DNS client feature only uses UDP protocol and external uses
UDPand TCP ???
2) Is it necessary to use TCP for normal DNS queries ??? Because I know
that ALL normal queries run over UDPexcept
I have the same problem in Debian Sarge 3.1 someone can help me???
Thz
-Mensaje original-
De: Joost de Heer [mailto:[EMAIL PROTECTED]
Enviado el: Martes, 05 de Septiembre de 2006 11:34
Para: squid-users@squid-cache.org
Asunto: Re: [squid-users] squid can not automatically run when syste
Sorry Henrik to be very newbie what is TLS ??
-Mensaje original-
De: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Enviado el: Lunes, 04 de Septiembre de 2006 17:56
Para: Alejandro Decchi
CC: 'Saqib Khan (horiba/eu)'; squid-users@squid-cache.org
Asunto: RE: [squid-users]
ldap.When I
finished to installed all I did that the page explain step by step, but It
did not work
I hope if you could do this authentication can give a hand.
Thz
Alejandro Decchi
-Mensaje original-
De: Saqib Khan (horiba/eu) [mailto:[EMAIL PROTECTED]
Enviado el: Lunes, 04 de Septiembre de
Hi ! my squid friend.Can you explain me how did you do to install everything
. A long tome ago i tried but i could not made this method of athentication.
Can you give me a hand explain me step by step how this you all I read a lot
of article hou to install ldap and squid with active directory but
I read a lot article to start squid automatic when the pc start or restart
the same with apache.Sameone can help me ?? I am using debian sarge 3.1 and
i would like to do when the pc restart squid clean the cache it is posible
because i do not find and it is possible programm x date clean the cac
go to the squid page,and there theare are the files to manage and the
software to the user can change their password.
thz
Adecchi
- Original Message -
From: "Guido Serassio" <[EMAIL PROTECTED]>
To: "Widi Apriyadi" <[EMAIL PROTECTED]>;
Sent: Monday, August 28, 2006 5:07 AM
Subject: Re: [
Hello squid user. I install the cgi tool to the user can change their
password. They put the old password and then put the new password.The page
said the password was changed, but when they try to access with the new
password they can not and then they try with the new password and they can
acc
I installed the tool to help the squid user to changes their passsword but
when they change their password squid do not use the new password to
navagate.
Someone can help me ?
Hello i install change password of squid .When i tried to change the
password the page told me the password was changed, but when i try to access
with thw new password ,squid do not authenticate but if i put the oldest
password i can navegate.
Pls Helppp
Hi
I check in the internet explorar options do not use proxy server for
local address, but it does not work
Have i to configurate anything in the squid proxy ??
thz
- Original Message -
From: "Rayudu Madhava" <[EMAIL PROTECTED]>
To: ; "Alejandro Decchi"
Someone know how to configurate squid-cache to do not resolve the name of
the webpage that are in my intranet ??? Because i configurate in the
internet explorer to do not use proxy server for local address, but it does
not work
Thz
Ale
Some one can explain me how to do it ??? Pls guide me step by step. I try do
it with squid_ldap_auth and NTLM and i could not . I have a debian sarge 3.1
and the squid 2.6 stable 2
Pls help
How did u install Kerberos ??
Thz
Ale
- Original Message -
From: "Mario Iseli" <[EMAIL PROTECTED]>
To:
Sent: Monday, August 14, 2006 6:15 PM
Subject: [squid-users] [Solution] Squid on Active Directory
Hello Squid-Users,
this week I had problems with binding Squid to Active Directory
Hello Squid User I read your article is nice. But you authenticate with
ntlm.
Could you implement Squid_ldap_auth
Because i had a problem
- Original Message -
From: "Mario Iseli" <[EMAIL PROTECTED]>
To:
Sent: Monday, August 14, 2006 6:15 PM
Subject: [squid-users] [Solution] Squid on
Anybody know if i need to install and configure Kerberos and if i need to
confiure ldap. And anybody know if i need to configure kerberos and ldap to
authenticate the users in active directory to navagate throw squid proxy
Thz
- Original Message -
From: "Alejandro Decchi&quo
nt Size: 0 KB
Page faults with physical i/o: 396
Memory usage for squid via mallinfo():
total space in arena: 2113 KB
Ordinary blocks: 2049 KB 2 blks
Small blocks: 0 KB 1 blks
Holding blocks: 208 KB 1 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 63 KB
Total in use: 2257 KB 107%
Total free: 63 KB 3%
- Original Message -
From: "Henrik Nordstrom" <[EMAIL PROTECTED]>
To: "Alejandro Decchi" <[EMAIL PROTECTED]>
Cc:
Sent: Saturday, August 12, 2006 3:47 PM
Subject: Re: [squid-users] Help Error squid !!!
Hello my squid friend ! Someone known if i have to configure the salpd.conf
with the information of my windows 2003 active directory domain controller.
Thz
- Original Message -
From: "Henrik Nordstrom" <[EMAIL PROTECTED]>
To: "Alejandro Decchi" <[EMAIL PR
Hello anybody know how to install squid_ldap_auth with squid in Debian Sarge
3.1. I read all article but i had problem to install it:
When i try to do :
./configure --enable-auth="LDAP" --enable-basic-auth-helpers="LDAP"
--enable-LDAP-auth-helpers="LDAP"
it is O.K but when i made :
make i had
Hello !
When i try to do :
./configure --enable-auth="LDAP" --enable-basic-auth-helpers="LDAP"
--enable-LDAP-auth-helpers="LDAP"
it is O.K but when i made :
make i had this error:
make[3]: *** no rule to make target 'libldap.a', need by 'all-am'.stop.
make[3]: Leaving directory
'/root/Deskto
Anybody know hot to install squid with ldap with all package to
authenticate by Active directory of windows 2003 server.Because i had a lot
of problem to install it after to install squid.
Thz
Ale
Hello i have the same problem like you. I red the following article but did
not work
http://kb.papercutsoftware.com/Main/ConfiguringSquidProxyToAuthenticateWithActiveDirectory
I installed squid with the following command:
./configure
make
make install
then i configured the squid.conf with
http
Hello I had the following line:
ls -l /usr/local/squid/libexec/squid_ldap_*
-rwxr-xr-x 1 root staff 70955 2006-08-09 /usr/lib/squid/squid_ldap_auth
I made the following /usr/local/squid/sbin/squid start and i have not
error,but i can not navegate and Internet Explorar does not ask for user an
Hello my name is Alejandro from Argentina .Anybody install
squid_ldap_auth
with active directory ???
Could sameone give a hand with it ??
1)how to install squid_ldao_auth
2)Could sameone passme the configuration of the squid.conf
>>>
>>> thz
>>> Alejandro
>
Hello Squid- Users Someone implement squid-cache with active directory of
windows 2003 and Ldap I am using Debain Sarge I am trying with ntlm
but still continue without results.
I hope someone can help me
Ale
- Original Message -
From: "Matus UHLAR - fantomas" <[EMAIL PROTECTED]
Hello my name is Alejandro from Argentina .Anybody install squid_ldap_auth
with active directory ???
Could sameone give a hand with it ??
1)how to install squid_ldao_auth
2)Could sameone passme the configuration of the squid.conf
thz
Alejandro
someone help me?.
---
Ing. Alejandro S. Visentini
---
e logged but others (that should be
logged) aren't.
Can someone help me?
Thanks
-------
Ing. Alejandro S. Visentini
---
). But from a windows98 workstation that is at the same
"http_access" level in squid.conf the user doesn't have any problem.
Can someone help me?
Thanks
---
Ing. Alejandro S. Visentini
---
;t get a response from the
transparent cache.
Thanks,
Alejandro
f filedescriptors
Regards
Alejandro
Henrik Nordstrom wrote:
On Tue, 12 Oct 2004, Alejandro Barcena wrote:
I want to setup a transparent cache. But I can't find where does it
break. I'm sending the www trafic to squid with a cisco css 11000
series. I'm using RedHat Linux 9 with kerne
ss allow localhost
miss_access deny all
I hope someone could help me with this, thanks in advice.
Alejandro Barcena
Try with a .sh file named auth_ldap with the following content:
#!/bin/sh
./squid_ldap_auth -b "ou=,o=,c=zz" -u cn -s sub -D
"cn=,ou=,o=,c=zz," -w-f ""
ldap_ip_address
and then call the bash script in the squid.conf file ... don't forget to
give permisses to squid
Squid ask me for a password at every time that I change the URL in my
Browser ...
Its posible to avoid it using ldap auth + transparent proxy? ...
Regards,
_
Sebastián Arias
Infraestructure & Technologies
AT&T Latín América, Argentina
Phone: [5411]5288-05
web
...
Regards!
_
Sebastián Arias
Infraestructure & Technologies
AT&T Latín América, Argentina
Phone: [5411]5288-0524 - Fax: [5411]5288-0408
-Mensaje original-
De: Arias, Sebastian Alejandro - (Ext Arg)
Enviado el: Viernes, 29 de A
Fax: [5411]5288-0408
-Mensaje original-
De: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Enviado el: Viernes, 29 de Agosto de 2003 12:22 p.m.
Para: Arias, Sebastian ""Alejandro - (Ext Arg)
CC: '[EMAIL PROTECTED]'
Asunto: RE: [squid-users] THE LAST BIG HELP!
fre 2003
TED]
Enviado el: Jueves, 28 de Agosto de 2003 07:25 p.m.
Para: Arias, Sebastian Alejandro - (Ext Arg);
'[EMAIL PROTECTED]'
Asunto: Re: [squid-users] THE LAST BIG HELP!
On Thursday 28 August 2003 23.06, Arias, Sebastian Alejandro - (Ext
Arg) wrote:
> I'm using the squid_ldap_aut
I'm using the squid_ldap_auth that became with the squid 3 at my
installation of squid 2.5 ... The script works fine at the shell prompt, but
when I tried to authenticate through the squid with the browser pop-up It
didn't works fine ... but I could see traffic flowing between my LDAP Server
and th
Hello,
I'm using now the squid_ldap_auth that became with the SQUID 3
version ... This script works fine in my shell prompt, but when I tryied to
made the authentication over squid it didn't works and it sends me a
WARNING: basicauthenticator #3 (FD 9) exited message ...
Could you help me
The script its a loop, it never finish ... it send an ERR or OK mess and
wait for another answer ...
It waits for: username pass (user pass) like the squid_auth_ldap ... mmm yes
it can auth one at time ...
I'm write my own script because I'have some problems with the built-in
helper ...
(The scr
Hello,
I writed my own ldap auth script under perl, my script gives ERR or
OK after the authentication proccess was finished ...
When I run the squid under a bash shell it works fine, but if I try
to use the same script under squid (at the auth_param)
I received every tim
Hello,
I receive ERR messages at every time that I try to autenticate users
with the squid_auth_ldap script.
I tried with:
./squid_auth_ldap -S 192.168.1.12 -D
"CN=username,OU=ITS,OU=Sistemas,OU=Cuentas de
usuario,dc=ar,dc=attla,dc=corp" -s "dc=ar,dc=attla,dc=corp" -w pas
Hi !
I am using squid_ldap_auth helper to authenticate.
I need squid to query the helper again to any user that has been inactive for a period
of time, let's say 20 minutes.
Thanks !!
On 08 Jul 2003 14:25:56 +0200
Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
> tis 2003-07-08 klockan 14.07 sk
Where did you specify the username?
Suppose i have two users , Tom and John and i want to have a 2-limit for Tom and a
1-limit for John.
Thanks !
On 04 Jul 2003 11:38:58 +1000
Robert Collins <[EMAIL PROTECTED]> wrote:
> On Fri, 2003-07-04 at 03:11, Alejandro Javier Pomeraniec wrot
Hi !!
How can i make user credentials to expire on a specified time ?
I've tried credentialsttl with no result.
Thanks !
Hi !
Is it possible to use max_user_ip with differents values depending on the user that
logs into the system?
Thanks !
I have set up an external ldap authentication and i want to limit the number of
differents ip the user can log in from.
Does anybody know how to use max_user_ip?
I have this acl in squid.conf
acl password proxy_auth REQUIRED
and i have these lines too
http_access allow password
http_access de
90 matches
Mail list logo