On 9/21/13 1:21 PM, Chris Bennett wrote:
This is simpler to fix since Squid can do anything DG can (just
differently) you can drop the DG component entirely and just use
Squid access controls.
Can Squid do weighted phraselists through it's ACL features? That's
one of the major features of DG.
On 24.08.2012 23:03, Rafael Gomes wrote:
How Rafael!
To handle huge list of domain or url, squid is a good option? Or I
really need use SquidGuard for this?
Why not to try ICAP complement servers designed specifically for content
filtering? Like those on http://www.squid-cache.org/Misc/icap
vi /usr/local/bin/rewrite.php
01 #!/usr/bin/php
02 10 if ( strpos($temp[0], "google.com") !== false && strpos($temp[0],
"q=") !== false ) {
11 $output = $temp[0] . "&safe=strict\n";
12 }
13 echo $output;
14 } ?>
chmod +x /usr/local/bin/rewrite.ph
Hi,
May be this is of any help? (it uses centos 6 and ad 2008 and samba NOT
mskutils)
http://www.howtoforge.com/web-filtering-on-squid-3-with-quintolabs-content-security-1.4-and-windows-active-directory-integration
On 24.06.2012 15:06, Navas wrote:
One more thing I am using Samba, I could no
QuintoLabs is happy to announce availability of Hot Fix 2 for QuintoLabs
Content Security 2.0 for Squid Proxy Server. This release contains the
following improvements:
1. Installation on Ubuntu 12.04 now runs correctly.
2. Better handling of user names with dashes and dots in
rep
On 4/4/2012 12:52 PM, Eliezer Croitoru wrote:
On 04/04/2012 13:07, JC Putter wrote:
Jasper,
Sorry to jump in here as the email was addressed to Amos,
We run a configuration very similar to what you want, we use NTLM auth
with squid and dansguardian,
Client> dansguardian> Squid> internet
and
Hi Jasper,
Why not to enable the authentication for all (possibly single sign on),
group them into groups and use external acl to separate access rights?
In this case they no one will get authentication popups and blocked
sites will be clearly indicated with "Cache access denied message"?
S
On 3/23/2012 9:04 AM, JC Putter wrote:
Hi,
We are using squid with Kerberos authentication (AD). What is a good content
filter to use these days? Dansguardian seems to lack Kerberos support. Is
squidguard development is active?
:) my bit of salt is qlproxy
Maybe this is of any help:
http://www.howtoforge.com/web-filtering-on-squid-3-with-quintolabs-content-security-1.4-and-windows-active-directory-integration
Best regards,
sich
On 3/11/2012 1:50 PM, Benjamin E. Nichols wrote:
Well you could begin by enabling squids built in blacklisting feature
and then add all known torrent tracker domains to the blacklist, that
would be a good start
And then I think you can use another blacklisting method based on regex
to block *to
I use "squidGuard" with its database p.e. for porn and/or proxies. It's
simple to use it under "squid".
Also if you believe ICAP is the way to follow I'd recomment qlproxy (as
ICAP companion server for Squid).
Best regards,
sich
I need something free.
try qlproxy - can be chained with C-ICAP antivirus but this will
probably slow things down :(
best regards
sich
250 users is not large for Squid. Any of the production releases should
be able to handle that many without causing much of a CPU bump on modern
hardware. I think you can start with one Squid process and expand to
more if you find it stressing the machines. More likely you will need
more DansGua
?
full blown though for your needs...
best regards,
sichent
On 1/4/2012 3:00 PM, Christian Kasper wrote:
Hmmm,
I mean, i want to vscan the ssl traffic and maybe
avoid download of special filetypes in the same step.
I want to use dansguardian to solve this problem.
Momentary my Client connect to dansquardian, then to squid - sslbumps
to clamav. All http T
On 12/19/2011 9:00 AM, Josef Karliak wrote:
Hi there,
We may plan to active authorization for users to the internet against
Windows AD, running on Windows server 2008R2. I'm running squid on
opensuse 11.4 64-bit. I've found some how-to, many of them solve it by
ntlm-auth (not in opensuse, but the
Hello Roman,
I would dare to propose qlproxy from quintolabs, although it is not yet
open source but completely free with community support.
It uses ICAP to plug into Squid.
Best regards,
sich
On 11/29/2011 5:21 PM, Roman Gelfand wrote:
Can somebody recommend an opensource content filtering
Hello Squid Users!
QuintoLabs Content Security 1.4.2 is released today November 21st, 2011.
This release includes revised and greatly updated reports module. There
are now for different groups of reports (blocked modules, users, IP
addresses and domains). Reports are created in real time altho
Hallo,
SELinux enabled?
Best regards,
sich
On 10/21/2011 12:50 PM, Adam Binks wrote:
Hi,
I hope somebody can help :)
CentOS 5.5 (2.6.18-194.el5)
Squid Cache: Version 2.6.STABLE21
SquidGuard: 1.4 Sleepycat Software: Berkeley DB 4.3.29
I have installed squid& squidGuard (as above) and I am ha
qlproxy is good in ERASING banners :)
best regards
sich
On 10/14/2011 11:31 AM, senthil kumar wrote:
Hello Team,
In our office we have about 100 users using transparent proxy.
Can anyone recommend the best strategy to add banners, advertisements
in the web pages users browse?
I think it can
Hello :)!
...
Is there any documents on eCAP program?
...
i recommend building the sample, compiling squid with it and trying to
do some simple things... it should be enough to get the idea :)
best regards,
sich
Hello Squid users,
Here is the info about new release of QuintoLabs Content Security which
may be interesting to some Squid users who use or plan to use ICAP in
their deployments.
FYI
QuintoLabs Content Security is an ICAP daemon/URL rewriter that
integrates with existing Squid Proxy Serve
On 8/29/2011 5:39 PM, alexus wrote:
as simple/dumb way of filtering, can i filter domains for certain keywords?
how would I implement this into my squid.conf right away?
the QuintoLabs Content Security (ICAP) does it:
- by domain name
- by category (categories are updated regularly)
- by banne
On 8/27/2011 10:33 PM, alexus wrote:
is there a blacklist of URLs/IPs that contains say an adults sites? I
need to be able to feed that into my squid, people abusing it with
surfing porn! i dont have anything against porn but not through my
proxy (especially when I gotta pay for traffic)
Hi al
On 6/23/2011 7:15 AM, roots...@mail.ru wrote:
Hello all!
I am trying to set up redirects from denied domains to our local web-server
page. Redirect works, but he don't show pictures from new website, don't use js
scripts from new site and etc
For first time I used such redirector:
You may al
SKIPPED Unfortunately
some of these students figured out how to disable proxy which was set
on these computers, since on OSes we use there is no way how to
prevent them to do so. Last line of "defense" remains DNS which system
prevents them to change.
my two cents
transparent squid + ICAP, ECAP
Hello Squid group users!
Thought this may be interesting to some Squid users who use or plan to
use ICAP in their deployments.
Best regards,
sich
---
QuintoLabs released the next version of Content Security 1.3 for Squid
Proxy Server. This version adds several new featur
Setup: Gentoo linux OS on squid and privoxy home lan server
Squid-3.1.12
privoxy-3.0.17
I'm not running an html server, just trying to use squid and privoxy
for my own browsing.
Why not to use ICAP or URL rewriter functionality built into Squid to
achieve the same results a
+ ICAP compliant policy for
qlproxy... seems not a very easy thing to do...
So how does Squid + Dansguarian work with SELinux on CentOS 5.6?
Best regards,
sichent
> the main problem with a proxy server is the RealTime of it and a VM
> as proxy can work in almost RT response time and in many case will
> be enough.
> but it's not a solution for a RT server on an ISP class or
> ENTERPRISE CLASS.
Well you probably right but... in these kinds of environments t
Well, thanks for the pointer, But as far as I can see there, it's a
installer, how did you generate the binary?
Well we got the binaries from Acme Consulting (link from squid web site)
they seem to have quite thorough instructions on how to built the
sources
I'm surprised no one has b
On 4/25/2011 9:26 PM, Yucong Sun (叶雨飞) wrote:
Hi there,
Is there any effort now to port 3.1 to windows?
I know there's one for 2.7, and be struggling to get it compile on
vs2010 and win7 sdk.
But it is so complicated and horribly broken by new CRT security
features (which can be fixed by addin
Well the Wix MSI toolset is GPL so here is the link:
http://squidwindowsmsi.sourceforge.net/
For now it includes the latest 2.7... and let me take a look at the bugs
to see if I may put some efforts in it... (kind of overloaded at the
daily job though... :( ).
best regards
sich
This is a
Hello leute,
I have created a MSI installation package builing instructions and
sourceforge project to wrap the latest windows build from Squid/Acme
Consulting into MSI suitable for deployment on Windows...
not sure how may folks out there are interested. Shall I post the link
here or it wil
On 3/8/2011 6:10 PM, bwright wrote:
It does do true content filtering... I was going to start looking into the
details (like if it can get users/groups from A.D. or squid)
but then I noticed it cost $$$ (and I would prefer avoid spending $$$ on the
project).
--
View this message in context:
easily used.
Best regards,
sich
On 25/11/10 09:00, sichent wrote:
Hello Dan,
I am now playing with a sample e-cap module for my own needs and would
be happy to provide a solution for you (otherwise I would need to think
out a problem myself :) . If you are interested please describe the
regards,
sichent
1. Is there another way to rewrite the domain (Location header) in
301/302 redirects? (My guess is no, but creative solutions would be
appreciated)
2. Does anyone have an existing patch for 3.1.x to add the
location_rewrite_program features to 3.1.x branch that they would be
37 matches
Mail list logo
