This works. Thanks, Andreas.
Horst
"Andreas
Petter
Hi,
I'm using http_reply_access acls to restricht access to certain MIME-types.
There are some situations where a site sends an "empty" MIME-Type (showing
as "-" in access.log ), e.g when sending an http-redirect.
How can I match these in an acl?
Horst
Disclaimer
Diese E-Mail kann vertrauliche
Theo,
glad I could help :-)
I think in your first config the -D parameter to squid_auth_ldap was
missing.
The LDAP helper needs this bind DN in order to bind to the directory in
order to find out if the supplied user DN exists. If the supplied user DN
exists, the helper binds to the directory wi
Strange, indeed. In my config I have the -D, -w, -s, -h parameters first
and then the searchfilter (-f). You might try this.
Also I think there should be a blank between the "-f" and the actual
filter. Dont know if this is required, though.
>external_acl_type ldap %LOGIN /usr/libexec/squid_ldap_
Can someone pls explain the difference between
auth_param basic credentialsttl 2 hours
and
authenticate_ttl 1 hour
Regards
Horst
Disclaimer
Diese E-Mail kann vertrauliche und/oder rechtlich geschützte Informationen
enthalten. Wenn Sie nicht der beabsichtigte Empfänger sind oder diese E-Mail
You cannot use NTLM-authentication through squid.
See http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.14
"CHARREAU Anthony"
In your acl-config the "authorizedusers" acl is maybe not evaluated since
the others (allowed_hosts, our_networks) match first (see below)?
http_access allow allowed_hosts
http_access allow our_networks
http_access allow all authorizedusers
What are you trying to achieve with thes acls? Do you w
Send all request to your antivirus-proxy and turn of scanning for the mime
types you do not want scanned in your AV-software
[EMAIL PROTECTED]
Are you sure this is a squid problem ? I had the same effect with IE and
squid, but it turned out that squid used an Interscan Viruswall as parents
proxy and it was a configuration isssue on the viruswall, not squid.
(The viruswall has a "trickle" option that sends some Bytes to the client
while i
Configuration Nr. 1 is the more secure option since all http traffic is
scanned by the viruswall (which also scans for stuff like javascript
"malware").
Of course this affects performance, or rather the way users experience
their download. In order to scan a file (say a .zip-archive), the viruswal
What is the content of your acl file??
Hement Gopal
<
In order to make squid read the list from afile you should enclose the
filename in double quotes:
acl porn1 url_regex "/usr/local/squid/etc/porn1"
Otherwise squid will not read the urls from the file but match the filename
itself
You should also probably use "url_regex -i" (csase insensitiv
Thanks Henrik,
this seems to work. What exactly do you mean with "quite well (but not
100%)"?
Would you consider this workaround fit for use in a production environment
(about 1000 users)?
Regards
Horst
Hi,
I'm using squid-2.5.STABLE5-20040419 and OpenLDAP 2.1.29 an RedHat
Professional WS.
I want to restrict access to certain MIME-Types on a per-user(Group)-level.
The basic idea is to have a group of users that are allowed to access html,
images css, javascript only and another group ("admins")
I had this problem with https sites even without authentication. Only
occured with IE6, other browsers ot older IE worked fine. Following
settings from the FAQ helped:
According to Joao Coutinho, this simple solution also corrects the problem:
Go to Tools/Internet
Go to Options/Advance
rs other than the parent proxy))
i.A. Dipl. Math. Horst Mundt
Professional Communication
___
arxes Network Communication Consulting AG
Tel.: +49 221 96486 - 156
Fax: + 49 221 96486 - 202
Email: [EMA
16 matches
Mail list logo
