..ah sorry but I have solved my problem with:
acl goodword url_regex "/etc/squid/goodword.txt"
...
http_access allow goodword
thanks.
--
Salvatore.
Hi, I have use squid-2.5.STABLE3 with redirect to squidguard, my
configuration deny access to web site with a specified word (sex, games etc)
with these rules:
acl mp3 url_regex "/etc/squid/myword.txt"
.
http_access deny mp3
...and then I use blacklist in squidguard.conf:
..
destination bl_prox
"Henrik Nordstrom" wrote:
should be deny.. you want to deny Squid from asking the Squidguard
redirector...
..ah sorry but I wanted to mean 'deny' but I have mistaken to write, however
now with the tag 'redirector_access' works fine !!
still thanks.
--
Salvatore.
"Henrik Nordstrom" wrote:
squidguard is applied to every request, unless bypassed with
redirector_access.
..if I have understood for to resolve my problem I must configure squid in
this mode:
acl noredir dstdomain .mydomain.com
redirector_access allow noredir
acl ...
acl...
..
http_access a
cess allow local_net
http_access allow localhost
http_access deny all
I don't view in any case the swf file ?? ... the blacklist is loaded before
acl 'goodsite' ??
still thanks.
--
Salvatore.
- Original Message -
From: "Henrik Nordstrom" <[EMAIL PROTE
"Henrik Nordstrom" wrote:
This indicates the web server (or a parent proxy) denied access to the
requested resource.
The access was allowed by your Squid.
..sorry but I don't understood, because only without squid I have view
correctly this web site ?? because squid not loaded the swf file
"Roger" wrote:
Where in squid.conf is the http_access listed? Is it prior to the deny
for the 'movie' acl?
I think the 'allow' should be before the deny.
..the sequence is:
http_access allow windowsupdate
http_access allow manager sasab
http_access allow manager localhost
http_access deny man
Hi, I have a problem with file .swf then I don't view in web page but only
when the proxy is active.
I use:
squid-2.5.STABLE3-2
squidguard-1.2.0-2
.. in log file I have:
10.0.0.11 - - [10/Feb/2006:14:25:25 +0100] "GET
http://www.mywebsite.com/Movie/example.swf HTTP/1.0" 403 4135
TCP_NEGATIVE
Salvatore.
- Original Message -
From: "Christoph Haas" <[EMAIL PROTECTED]>
To:
Sent: Monday, December 05, 2005 8:31 PM
Subject: Re: [squid-users] Merge of acl
On Monday 05 December 2005 16:47, sasa wrote:
- permit always http access only two ip addresses of my LAN (10.0.0
Hi, I have necessity of:
- permit always http access only two ip addresses of my LAN (10.0.0.1 and
10.0.0.2)
- from 13:00 to 14:00 permit all ip addresses of my LAN to http access
- permit always all ip addresses of my LAN to use mail (port 25 and 110)
..but as I make to merge more acls ??
I t
Are you using your proxy transparently?
Tim Rainier
"sasa" <[EMAIL PROTECTED]> wrote on 11/30/2005 01:08:27 PM:
Hi, I have a problem with access to software like Winmx ed Emule.
My squid.conf is:
http_port 10.0.0.121:3128
acl QUERY urlpath_regex cgi-bin \?
no_ca
Hi, I have a problem with access to software like Winmx ed Emule.
My squid.conf is:
http_port 10.0.0.121:3128
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl windowsupdate dstdomain .windowsupdate.microsoft.com
no_cache deny windowsupdate
acl all src 0.0.0.0/0.0.0.0
acl manager proto c
eb server in DMZ
-Original Message-
From: sasa [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 23, 2005 5:48 AM
To: squid-users@squid-cache.org
Subject: Re: [squid-users] Error tcp_negative on web server in DMZ
Hi,
also with:
acl internalsite dstdomain www.mysite.com
no_cache deny internalsit
Hi,
this problem is present only request at my server http and windows update,
for all other sites it's all ok, and this problem is present on all my
machine.
Thanks.
--
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To:
Sent: Wednesday
Hi, I have tried with another cache directory (and then squid -z) but the
result isn't changed, how this is possible ?
thanks again.
--
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, November 23, 2005 3:47 PM
Subj
again.
--
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, November 23, 2005 1:48 PM
Subject: Re: [squid-users] Error tcp_negative on web server in DMZ
Hi,
the same configuration with old proxy server machine is ok but w
Hi,
the same configuration with old proxy server machine is ok but with new
machine (always the same version of Fedora, Squid and SquidGuard) not
functionally !!
thanks again.
--
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To:
Sent: Tues
..sorry but I have forget in squid.conf:
redirect_program /usr/bin/squidGuard
..thanks again.
--
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, November 22, 2005 1:12 PM
Subject: [squid-users] Error tcp_negative on web ser
Hi, I use squid on Fedora Core 1:
squid-2.5.STABLE3-2
squidguard-1.2.0-2
.. my squid.conf is:
http_port 10.0.0.121:3128
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl windowsupdate dstdomain .windowsupdate.microsoft.com
no_cache deny windowsupdate
acl all src 0.0.0.0/0.0.0.0
acl man
Hi, on Fedora Core I have installed squid-2.5.STABLE3 and all it's ok, but
sometimes I have a problem with internal dns and squid.
On machine fw/proxy I have configured the ip address of internal dns server and
in squid.conf I don'u use dns_nameserver, in fact I have:
#Default:
# none
# dns_nam
Hi,
the problem is in SeLinux protection, in fact if disable this protetion for
squid demon all to start with success and this situation is present on all fc3.
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To: "Squid Users"
Sent:
Hi,
.. can I to try other or there isn't a solution ??
still thanks.
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To: "Henrik Nordstrom" <[EMAIL PROTECTED]>
Cc: "Squid Users"
Sent: Monday, May 30, 2005 11:57 AM
"Henrik Nordstrom" wrote:
> > I have installed squid and squidguard from rpm file, pheraps this is a
> > problem ??
>
> Which RPM on what distribution?
squidguard-1.2.0-2.1.fc3.rf.i386.rpm for Fedora Core 3
> Then /usr/sbin/squid is not a valid squid binary, or not for your OS.
..also squid
"Khawar Nehal" wrote:
> Everything is set to squid and the squid account is not available.
>
> Do adduser squid
.. the user 'squid' is already present, in fact in /etc/passwd there is:
squid:x:23:23::/var/spool/squid:/sbin/nologin
..how can I make ?? delete and create again the user 'squid' ?
"squidrunner support" wrote:
> To help you out on this, just start your squid binary
> as,
>
> ./squid -NCd10
..but I have installed with rpm file
> What you are getting out there.
>
> 1. You have configured cache_effective_user and
> cache_effective_group as squid
yes
> 2. Change all perm
"Henrik Nordstrom" wrote:
> Nothing more? If not something is wrong with your binary. Reinstall Squid.
I have installed squid and squidguard from rpm file, pheraps this is a problem
??
> What about
>
> /usr/sbin/squid -v
..nothing.
thanks.
Salvatore.
"PF" wrote:
> Nothing much would be known if you send a mail that squid is not starting.
> Reply back with the error that you're getting so that we know what's the
> actual problem is
..you have reason but I try to give to all the information that can be useful
to understand my problem, unfo
"Henrik Nordstrom" wrote:
> What error(s) do you see?
>
>/usr/local/squid/sbin/squid -DNYCd3
#/usr/sbin/squid -DNYCd3
Abortito
Salvatore.
"squidrunner support" wrote:
> You are changed squid.conf to root but changed
> permission of binary to another squid:squid??
..now I have:
[EMAIL PROTECTED] ~]# ls -l /etc/squid/
totale 604
-rw-r- 1 root squid367 16 mag 21:59 cachemgr.conf
lrwxrwxrwx 1 root root 22 20 mag 17:40 i
"PF" wrote:
> Do you know where the blacklist's, the logs directory and squidGuard.conf
> is located? All the directories need to be owned by squid
>
> So just chown -R squid:squid directory
>
[EMAIL PROTECTED] ~]# ls -l /etc/squid/squidguard.conf
-rw-r--r-- 1 root root 2569 23 mag 15:24 /etc/
"PF" wrote:
> Are all the squidGuard files including the log directory, squidGuard.conf
> and the blacklist files owned by the user squid? If you've used the
> defaults to install squidGuard, it would have got installed at
> /local/squidGuard
>
> chown squid:squid -R /local/squidGuard
...I have
Hi, sorry but pheraps now I have created a confusion with many test, now the
situation is the following:
[EMAIL PROTECTED] ~]# /etc/init.d/squid start
Avvio di squid: [FALLITO]
[EMAIL PROTECTED] ~]# ls -l /usr/sbin/squid
-rwxr-xr-x 1 root root 646564 16
"squidrunner support" wrote:
> What is your cache_effective_user and
> cache_effective_group in squid.conf configuration?
..in the squid.conf I have the default parameter, therefore :
# cache_effective_user squid
# cache_effective_group squid
.. still thanks.
Salvatore.
Hi, I have made a test on another machine but always with fc3 and same version
of squid and squidguard and I have had the same problem !!.
thanks.
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To:
Sent: Monday, May 23, 2005 2:04 PM
Subject:
Hi, I use squid 2.5-stable 3 on fc1 (with redirect to squidguard), on some web
site it isn't possible to visualize some images with link towards other
addresses, for example:
www.gazzetta.it
.. in access.log:
10.0.0.15 - - [24/May/2005:16:57:20 +0200] "GET
http://www.gazzetta.it/gazzetta/new
Hi, sorry for my insistence but there isn't solution for my problem ??
still thanks.
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To:
Sent: Thursday, May 19, 2005 12:13 PM
Subject: [squid-users] Permission denied on squidguard
Hi, I u
Hi, I use Fedora Core 3 with:
squid-2.5.STABLE6
squidguard-1.2.0-2.1
..when:
[EMAIL PROTECTED] ~]# /etc/rc.d/init.d/squid start
Avvio di squid: /etc/rc.d/init.d/squid: line 53: 3932 Abortito
$SQUID $SQUID_OPTS >>/var/log/squid/squid.out 2>&1
"Matus UHLAR - fantomas" wrote:
> You must allow manager from the machine where cachemgr.cgi runs, not where
> you connect to cachemgr.cgi - if you want to restrict requests for
> cachemgr.cgi, you must do that on httpd level.
..many thanks !! now it's all ok !!
still thanks.
Salvatore.
Hi, I have need of your aid about the use of black list, I have tried to use
those downloaded from squidguard site and from squidblock but without
happening, first does not bring back many Italians sites (.it) and second the
modernized creed is not a lot.
Thanks.
Salvatore.
"Matus UHLAR - fantomas" wrote:
> Aha... did you allow manager from 10.0.0.254 ?
..no, I would want to enable the management from address 10.0.0.15 (ip of my
machine in the lan), while 10.0.0.254 are inner IP address of the machine with
fw/squid. I have configured squid in this mode:
acl mana
"Matus UHLAR - fantomas" wrote:
> if you only listen on 127.0.0.1, you (and the cachenmgr) can't connect to
> 10.0.0.254 because squid is not listening there. You have to connect to
> 127.0.0.1 with cachemgr, which will only work if cachemgr runs on the same
> machine as squid (iirc it does)
.. I
.. there is a few news for my problem ??
still thanks.
Salvatore.
- Original Message -
From: "sasa" <[EMAIL PROTECTED]>
To: "Squid Users"
Sent: Friday, April 22, 2005 1:02 AM
Subject: Re: [squid-users] Cache isn't used
"Matus UHLAR - fant
"Matus UHLAR - fantomas" wrote:
> yes, unless you want to use this squid as a sibling for other squid
..I have tried with in squid.conf:
http_port 127.0.0.1:3128
and in httpd.conf:
listen 127.0.0.1:80
..but when on the firewall/proxy box in the browser I use:
http://127.0.0.1/cgi-bin/cachemg
I have a problem with https (http redirect to https web site), the error
message is:
The requested URL could not be retrieved
While trying to retrieve the URL:
The following error was encountered:
Unable to determine IP address from host name for http
The dnsserver returned:
Server Failure
"Henrik Nordstrom" wrote:
> No, you also need the http_port where your clients should contact Squid.
.. yes, in fact in my browser the proxy configuration is:
10.0.0.1:3128
..but in this mode the browser it does not use squid cache.
still thanks.
Salvatore.
"Matus UHLAR - fantomas" wrote:
> Only for your local machine. And I do not see any reason to use ICP then
..therefore you say to use in squid.conf only:
http_port 127.0.0.1:3128
..only this ??
still thanks.
Salvatore.
"Henrik Nordstrom" wrote:
> Then you need to enter 10.0.0.1 as server and 3128 as port, and also to
> modify your squid.conf to allow 10.0.0.1 as cache manager.
..therefore if I have understood well I must to use in squid.conf:
http_port 10.0.0.1:3128
icp_port 10.0.0.1:3130
or ..
> Alternati
"Henrik Nordstrom" write:
> Then the address + port combination is not correct. See http_port in your
> squid.conf
.. in squid.conf I have:
http_port 10.0.0.1:3128
and in httpd.conf I have:
listen 10.0.0.1:80
.. and I have tried with also:
listen localhost:80
..where is the error ??
..sti
"Henrik Nordstrom" wrote:
> Then enter localhost as the server address and the suggested default rules
> will be fine.
I am sorry for disturbance again but also with in httpd.conf use 'localhost'
the result on firewall/proxy machine:
Cache Manager Error
connect: (111) Connection refused
..sti
"Henrik Nordstrom" wrote:
> These needs to be based on where you run cachemgr.cgi, not which station
> you run the browser at.
.. sorry but pheraps I don't understand !, cachemgr.cgi it's executed on
firwall/proxy machine, the permission on cachemgr.cgi are:
-rwxr-xr-x root root
..still thank
"Henrik Nordstrom" wrote:
> See your squid.conf for the manager acls.
.. I have controlled more times the acl but I do not succeed to find the
problem, now in squid.conf I have:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl sasab src 10.0.0.15/255.255.255.255
acl localhost src
"Henrik Nordstrom" wrote:
> http://www.squid-cache.org/Doc/FAQ/FAQ-9.html
I have read FAQ and option for cachemgr in squid.conf.default but I still have
problems, I have copied "cachemgr.cgi" from "/usr/lib/squid/" to
"/var/www/cgi-bin", and then in squid.conf I have inserted:
acl manager prot
"Henrik Nordstrom" wrote:
> Are you using authentication? Then try disable
> client_persistent_connections to workaround broken MSIE browsers having
> this symptom..
.. no I don't use a authentication, if I have understood you well me councils
to use:
client_persistent_connections off
it i
"Elsen Marc" wrote:
>Check : cachemg -> General runtime information.
>
> Look for 'Internal Data Structures' ; what is the value
> for 'on-disk objects' ?
.. I am sorry for my banal question but how I can to use cachemgr.cgi for to
have an information about proxy cache ?? :-(
still thanks.
"Bin Liu" wrote:
> > .. I use transparent proxy, this is a problem ??
> Yes, this IS a problem.
.. now I have configured the browser with IP address of the proxy server and
with port 3128 and there are not more problems in the access to the protocol
https !!, but now I ask if I can maintain thi
"Henrik Nordstrom" wrote:
> https is seen as CONNECT in the access log.
.. but also like CONNECT there isn't nothing
> Your browser must be configured to use the proxy.
.. I use transparent proxy, this is a problem ??
still thanks.
Salvatore.
"Elsen Marc" wrote:
> If you think, that may be an issue, then try with
>a singe site (e.g) :
>
> https://www.swiss.com/
>
>Verify access log.
.. when for first time I have tried to connect web site not are successful
while the second time, has opened the relative certificate window and is
ionid=4fe3%3A425b8626%3A9dd5b862fade372?
HTTP/1.1" 200 3268 TCP_MISS:DIRECT
.. why it does not appear nothing about https ??
still thanks.
Salvatore.
- Original Message -----
From: "Henrik Nordstrom" <[EMAIL PROTECTED]>
To: "sasa" <[EMAIL PROTECTED]
Hi, in my configuration the cache isn't never used.
In squid.conf:
cache_dir ufs /var/spool/squid 100 16 256
.. the dir cache exist and:
[EMAIL PROTECTED] root]# ls -l /var/spool/squid
totale 68
drwxr-xr-x 258 squidsquid4096 11 apr 23:28 00
drwxr-xr-x 258 squidsquid4096
"Henrik Nordstrom" wrote:
> Works here using mozilla and squid 2.5.STABLE9+patches on Linux-2.4.
.. but with Squid 2.5 stable3 and IE 6 isn't possible to have same result such
with mozilla and squid 2.5.STABLE9+patches ??
thanks.
Salvatore.
Hi, when I have a problem with the following web site:
www.bol.it
..after when I try to connect a 'login page' (the link is on head page) I do
not succeed to visualize the web page and I have:
The Page cannot be displayed
.. and then in access.log there isn't an information about this !!
I sq
Hi, when from pc on my lan I try:
http://www.mysite.com
I received:
ERROR
The requested URL could not be retrieved
While trying to retrieve the URL: http://www.mysite.com/
The following error was encountered:
Connection Failed
The system returned:
(111) Connection refusedThe remote host or netw
"Elsen Marc" wrote:
> Perhaps not relevant to your config, but
> interesting knowledge stuff :
>
> http://www.squid-cache.org/Doc/FAQ/FAQ-11.html#ss11.54
.. I have read this FAQ but I have not resolved my problem, this solution is
valid also for 'transparent proxy' ?
.. in my situation:
C:\Docu
Hi, I use Squid 2.5 stable3 (transparent proxy) and I have a problem with
Windows Update (0xc80003fa or 0x80072EE2 or other) from windows xp and
windows2000.
I have read all the threads where he speaks himself about this problem but they
are not successful to resolve the problem.
This problem i
Hi, also I have the same problem, if in sqid.conf use:
dns_nameservers external_ip_dns
... all it's ok, if instead use the internal DNS server (that's present in
resolv.conf) then I have problems, also I use fc1 and the version of squid is:
Squid 2.5 stable3
..for this reason had opened the t
Hi, I use Squid 2.5 stable3 on Fedora Core 1 and I have a problem with name
resolution.
If I disable squid I haven't a problem with all web sites, but when I enable
squid (transparent proxy) I view all web sites for only few minutes after which
I don't view nobody web sites ! why ??
I use on the
Hi, I use squid and squidguard .. my question is if possible with
webmin+webalizer (or only webmin or only webalizer or another software) to have
a report in html format what say me for every ip address in the my lan which
sites have been visit.
Thanks.
Salvatore.
"Henrik Nordstrom" wrote:
> Try the following workaround
>
> header_access Accept-Encoding deny all
.. unfortunately only disabled the following parameters:
#header_access User-Agent deny all
#header_access Via deny all
#header_replace User-Agent Mozilla/4.0 (Windows NT)
... it's possible to v
"sasa" wrote:
>Hi, I have a problem with same web sites, in particular on a web site in the
>access.log:
...sorry for my question, the problema was in User-Agent.
thanks.
Salvatore.
Hi, I have a problem with same web sites, in particular on a web site in the
access.log:
111769715.777425 10.0.0.15 TCP_MISS/200 1145 GET
http://it.ingrammicro.com/corporate/corporate.jsp - DIRECT/63.101.150.50
text/html
769716.381432 10.0.0.15 TCP_MISS/200 804 GET
http://it.ingrammi
"Elsen Marc" wrote:
> What do you mean by "don't pass for squid" ?
..because with proxy active I don't succeed one web site correctly
> Note that always_direct relates to whether or not
> cache peers are used.
..sorry, I had understood what with always_direct I could by-pass the proxy
server
I have the necessity to don't pass for squid (squid-2.5.STABLE3-2 with
squidguard) the request towards a one web site and for this reason I have used
'always_direct'
acl external-servers dstdomain www.xxx.com
always_direct allow external-servers
... but he does not work fine, I have read the a
"sasa" wrote:
>I think that the problem is present before to insert user/password, whitout
>Proxy I view the web page with >toolbar, this toolbar (Home, Chi Siamo, News
>etc) is on the top page, with Proxy I don't view the toolbar
>(same result without Proxy but
"Matus UHLAR - fantomas" wrote:
> 1. when you are asking new question, post a new mail, do not reply any
> other mail. It breaks threading.
...sorry for my distraction.
> that looks like javascript error. However it's hard to find out the
> problem without login/password...
I think that the pr
Hi, when I use a squid I do not succeed to visualize correctly one web page
with .jsp (same result with Internet Explore and Firefox last version), error
is:
Errore: Event non รจ definito
Codice 0
URL:it.ingrammicro.com/IT/corporate/jsp/navbar/c_headernavbar.jsp?printMarkup=n
Errore: 'window.doc
"sasa" wrote:
>#/usr/sbin/squid -NCd1
>...
>2005/03/09 18:31:35| Completed Validation Procedure
>2005/03/09 18:31:35| Validated 0 Entries
>2005/03/09 18:31:35| store_swap_size = 0k
>2005/03/09 18:31:36| storeLateRelease: released 0 objects
>
>.. and then no
"sasa" wrote:
>#/usr/sbin/squid -NCd1
>...
>2005/03/09 18:31:35| Completed Validation Procedure
>2005/03/09 18:31:35| Validated 0 Entries
>2005/03/09 18:31:35| store_swap_size = 0k
>2005/03/09 18:31:36| storeLateRelease: released 0 objects
>
>.. and then n
Hi, I use Squid from few time and my question perhaps is banal (squid STABLE3
on Fedora Core1), when I excute:
#/usr/sbin/squid -NCd1
...
2005/03/09 18:31:35| Completed Validation Procedure
2005/03/09 18:31:35| Validated 0 Entries
2005/03/09 18:31:35| store_swap_size = 0k
2005/03/09 18:31:3
Hi and thanks for your support ..
> - Try to start squid manually, using the binary (.../squid)
>- Check cache.log
..from log I have viewed the problem is in the parameter "visible hostname"
Still thanks.
Salvatore.
Hi, I have installed Squid on FC with .rpm., but when I try to start Squid I
have the following error:
[EMAIL PROTECTED] root]# /etc/init.d/squid start
init_cache_dir /var/spool/squid... /etc/init.d/squid: line 162: 1936 Abortito
$SQUID -z -F -D 2>/dev/null
Avvio di squid: /etc/i
80 matches
Mail list logo