If the connection is to port 443, I don't think so.
Tesla
From: Adaíl Oliveira [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [squid-users] BLock Http Tunnel
Date: Wed, 12 Feb 2003 10:11:37 -
There is anyway to block httptunnel in a squid proxy server?
Thanks.
Adaíl Oliveira
Making something like this would render browsing useless for cache users.
Port restrictions has no definitive effect here. For as long as there is any
allowed port for CONNECT, they can tunnel through that port.
Tesla
From: Federico Lombardo [EMAIL PROTECTED]
To: Adaíl Oliveira [EMAIL
This one definitely deserves an entry in squid FAQs in capital letters!
Tesla
From: Harald Flory [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [squid-users] Squid bug? IE bug? or ?
Date: Wed, 12 Feb 2003 13:57:36 +0100 (MET)
Michael Cloutier wrote:
all of my users with any version of IE
all you need to do is to identify the servers and then block
them,
This means that they already abused the proxy. A solution prior to this
happenning would be very nice.
Tesla
_
Protect your PC - get McAfee.com VirusScan Online
NCSA.
This was a year ago. Did not try recently. Removing authentication fixed the
problems for us then. Performance degradation was really huge.
Tesla
From: Robert Collins [EMAIL PROTECTED]
To: Tesla 13 [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: [squid-users] Squid stops answering
Are you sure your web server is handling the hits?
Also when apache logs 408's, there is sometimes DOS attacks in progress to
the web server like a worm, bounce attack, etc... and it is spawning too
many children. Can you try to isolate the problem?
You can check any external site instead of
I did the same yesterday :)
Can any developer look into this and verify if it works as expected and if
there is any performance effect?
Also, doesn't useragent need to be escaped like usernames or cleaned off
from garbage characters?
Tesla
From: Justin Albstmeijer [EMAIL PROTECTED]
What happened to daily tarballs? Latest is from last week.
Tesla
_
MSN 8 with e-mail virus protection service: 2 months FREE*
http://join.msn.com/?page=features/virus
No paid software is necessary to do something like that.
I use a small perl script and cron for the same purpose. Access log is
scanned regularly and if a user is over a configurable certain limit, he
gets added to delay pools.
Tesla
From: Mark Pleasance [EMAIL PROTECTED]
To: [EMAIL
Hello,
Issuing squid -k reconfigure or sending HUP signal to squid increases number
of open files. It looks like a new /etc/hosts is being opened each time
SIGHUP is sent without releasing the old one. 2.5-STABLE on a Redhat 8.0
Any ideas?
Tesla
Didn't know I was fishing!
Thanks, this fixes it.
I also want to mention that your patch for making proxy_auth work with
tcp_outgoing is fine till now (don't remember bug number).
Tesla
On Sat, 2003-02-08 at 13:11, Tesla 13 wrote:
Hello,
Issuing squid -k reconfigure or sending HUP signal
Normal internet proxy.
The client is a normal browser that I have no control of. That is why
username authentication was preferred.
Thanks!
Tesla
From: Henrik Nordstrom [EMAIL PROTECTED]
To: Tesla 13 [EMAIL PROTECTED],Squid Users
[EMAIL PROTECTED]
Subject: [squid-users] Re: Date: Fri
You already mentioned them earlier in your access log -- 219.106.192.133,
218.222.245.221 -- Asia-Pacific Network IPs. Look at the first item in your
access log lines which is the user's IP address.
If you want to block from the source, the following should work if you have
internal IP
1) is it possible to config squid NOT to set this header at all?
I think
header_access X-Forwarded-For deny all
should do.
You can remove it from the source if you feel inclined so. Just do a grep
-r.
Don't have answers to other questions.
Tesla
This should do:
acl user1ip src 192.168.0.10
acl user1destination dstdomain www.mysite.com
http_access allow user1ip user1destination
http_access deny all
If there are a lot of domains, you can put them in a file one at a line.
Then use something like this:
acl user1destination dstdomain
Hello Folks,
Did anyone get deny_info working properly on 3.0 builds (I used
squid-3.0-DEVEL-20030118)?
With me, squid exists with the following error:
2003/01/25 10:56:18| assertion failed: errorpage.cc:131: info info-id
== i info-page_name
squid won't run when deny info line is present.
16 matches
Mail list logo
