> I don't know if the compressed and archived *.gz log files are supposed
> to be erased some time. Anyway, I'd like to make sure they are kept at
> least for one full year.
>
> Where is this defined ?
>
It's the logrotate system. Look in /etc/logrotate.conf and
/etc/logrotate.d/ and 'man
Hi,
I have Squid running on several CentOS proxy servers. Here's what the
Squid log file directory looks like on my own server:
access.log
access.log-20180311.gz
access.log-20180319.gz
access.log-20180429.gz
access.log-20180506.gz
access.log-20180514.gz
cache.log
cache.log-20180416.gz
Le 14/03/2018 à 14:40, m.r...@5-cent.us a écrit :
> Stupid questions:
>0. Does http://nestor.microlinux.lan/avertissement.html exist?
>1. What are its ownership and group?
>2. Can Apache access that directory and file?
>
> mark
Problem solved.
Le 14/03/2018 à 14:40, m.r...@5-cent.us a écrit :
> Stupid questions:
>0. Does http://nestor.microlinux.lan/avertissement.html exist?
>1. What are its ownership and group?
>2. Can Apache access that directory and file?
>
> mark
OK, I found the solution. Apparently I have to use a
Le 14/03/2018 à 14:40, m.r...@5-cent.us a écrit :
> Stupid questions:
>0. Does http://nestor.microlinux.lan/avertissement.html exist?
>1. What are its ownership and group?
>2. Can Apache access that directory and file?
>
> mark
Yes, the page exists, and it can be opened from any
Nicolas Kovacs wrote:
> Hi,
>
> I've been working with Squid + SquidGuard for a few years, though only
> on Slackware. I'm currently transferring my proxy expertise to CentOS 7,
> and right now I'm having a little problem with that.
>
> Squid works perfectly so far as a transparent HTTP + HTTPS
Hi,
I've been working with Squid + SquidGuard for a few years, though only
on Slackware. I'm currently transferring my proxy expertise to CentOS 7,
and right now I'm having a little problem with that.
Squid works perfectly so far as a transparent HTTP + HTTPS cache proxy.
The next step is to
Le 12/03/2018 à 10:37, Nux! a écrit :
> Another idea - but this gets complicated and with that, prone to
> faults - use a simple shell script to resolve the desired domains and
> keep their IPs in an ipset, then use the ipset in your firewall
> rules, this way you can keep your iptables rules
and simply add or remove IPs
from the ipset.
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
- Original Message -
> From: "Nicolas Kovacs" <i...@microlinux.fr>
> To: "CentOS mailing list" <centos@centos.org>
> Sent: Sunday, 11 Ma
On Sun, March 11, 2018 7:09 am, Leon Fauster wrote:
> Am 11.03.2018 um 11:53 schrieb Nicolas Kovacs :
>>
>> I've experimented some more, and I have a partial success. Here, I'm
>> redirecting all HTTPS traffic *except* the one that goes to my bank:
>>
>> iptables -A PREROUTING
Le 11/03/2018 à 13:09, Leon Fauster a écrit :
> It is not a good practice to place domain names into iptables rules. Define
> a custom table, place this table into your rule list (to stick at the right
> place) and feed that table with the resolved domain names. This can be
> altered
> while
Am 11.03.2018 um 11:53 schrieb Nicolas Kovacs :
>
> I've experimented some more, and I have a partial success. Here, I'm
> redirecting all HTTPS traffic *except* the one that goes to my bank:
>
> iptables -A PREROUTING -t nat -i $IFACE_LAN -p tcp ! -d
>
Le 11/03/2018 à 11:01, Nicolas Kovacs a écrit :
> So here's what I want to do, in plain words:
>
> 1. Redirect all HTTP traffic (port 80) to port 3128. So far so good.
>
> 2. Redirect all HTTPS traffic (port 443) to port 3129. Equally OK.
>
> AND...
>
> 3. DO NOT REDIRECT traffic that goes to
Hi,
I'm currently facing a quite tricky problem. Here goes.
I have setup Squid as a transparent HTTP+HTTPS proxy in my local
network. All web traffic gets handed over to Squid by an iptables script
on the server. Here's the relevant section in /etc/squid/squid.conf:
Hello Nicolas,
On Wed, 28 Feb 2018 23:38:19 +0100 Nicolas Kovacs wrote:
> Le 28/02/2018 à 22:32, Itamar Reis Peixoto a écrit :
> > I recommend everyone in France to spend their money on a school with
> > free internet.
>
> I'm not sure I understand. Our students sure
Le 08/03/2018 à 19:09, Leon Fauster a écrit :
> Just to rephrase my implicit question: Does your setup works for the
> combination Chrome browser and google.com?
>
> Or in general, what are the limits of your described setup. Just
> curious ...
Works perfectly.
Am 08.03.2018 um 18:07 schrieb Nicolas Kovacs :
>
> Guys. This is the CentOS mailing list, a place to discuss technical
> questions... such as web content filtering.
Just to rephrase my implicit question: Does your setup works for the
combination Chrome browser and
Le 08/03/2018 à 17:15, hw a écrit :
> But you aren´t broadcasting messages, or are you?
>
> If they mean something like "make data accessible", the only way to
> be compliant with such a law is by not providing public access. How
> do you distinguish between things that are contrary to basic
Nicolas Kovacs wrote:
Le 08/03/2018 à 11:30, hw a écrit :
The government says you must use squidguard to filter something?
The law in France (Code Pénal, article 227-24) states that a public
network is not allowed to broadcast messages containing violence,
pornography or any content contrary
On 03/08/18 06:09, Nicolas Kovacs wrote:
Le 08/03/2018 à 11:30, hw a écrit :
The government says you must use squidguard to filter something?
The law in France (Code Pénal, article 227-24) states that a public
network is not allowed to broadcast messages containing violence,
pornography or
Le 08/03/2018 à 11:30, hw a écrit :
> The government says you must use squidguard to filter something?
The law in France (Code Pénal, article 227-24) states that a public
network is not allowed to broadcast messages containing violence,
pornography or any content contrary to basic human dignity,
Nicolas Kovacs wrote:
Le 06/03/2018 à 18:48, hw a écrit :
And how do you get a list of IPs from which data could be retrieved
which the students are not supposed to see?
How is this done anyway, does the government give out a list of URLs
or IPs which you are required to block? If not, what
Le 06/03/2018 à 18:48, hw a écrit :
> And how do you get a list of IPs from which data could be retrieved
> which the students are not supposed to see?
>
> How is this done anyway, does the government give out a list of URLs
> or IPs which you are required to block? If not, what if you overlook
Valeri Galtsev wrote:
On 03/05/18 08:34, Bill Gee wrote:
On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to filter HTTP.
Do any of
Leon Fauster wrote:
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to filter HTTP.
Do any of you do transparent HTTPS filtering ? Any suggestions,
advice, caveats, do's and don'ts ?
After a
Wouldn't filtering the DNS be more practical?
On 5 March 2018 at 18:57, Leon Fauster wrote:
>
> > Am 05.03.2018 um 15:34 schrieb Bill Gee :
> >
> >
> > On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
> >> Am 05.03.2018 um 13:04
of you do transparent HTTPS filtering ? Any suggestions, advice,
caveats, do's and don'ts ?
Cheers from the snowy South of France,
Niki
I made a video on doing this yesterday on Debian. If you skip the part
about the Debian install and use the CentOS Squid 3.5 packages from the
binary package
> Am 05.03.2018 um 15:34 schrieb Bill Gee :
>
>
> On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
>> Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
>>> Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to
On 03/05/18 10:21, Nicolas Kovacs wrote:
Le 05/03/2018 à 16:30, Valeri Galtsev a écrit :
Sorry, I missed the beginning of this thread. This sounds to me like
running one's own Certification Authority. I did that a while ago for
over a decade. However, these days one may consider
Le 05/03/2018 à 16:30, Valeri Galtsev a écrit :
> Sorry, I missed the beginning of this thread. This sounds to me like
> running one's own Certification Authority. I did that a while ago for
> over a decade. However, these days one may consider
>
> https://letsencrypt.org/
>
> - you will have to
On 03/05/18 08:34, Bill Gee wrote:
On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to filter HTTP.
Do any of you do transparent HTTPS
On 03/05/18 07:23, Leon Fauster wrote:
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to filter HTTP.
Do any of you do transparent HTTPS filtering ? Any suggestions,
advice, caveats, do's and
The certificate should have *CA:true* set for act a CA for dynamic signing
certificates by Squid.
Most probably, Let's Encrypt will ignore this constraint in CSR.
2018-03-05 12:33 GMT-03:00 Chris Adams :
> Once upon a time, Valeri Galtsev said:
> >
Once upon a time, Valeri Galtsev said:
> https://letsencrypt.org/
>
> - you will have to run web server to have certificate signed by
> them
Not necessarily - we do most of our Let's Encrypt validation with DNS
rather than HTTP.
--
Chris Adams
On 03/05/18 06:34, Nicolas Kovacs wrote:
Le 05/03/2018 à 13:30, Nux! a écrit :
You could probably just drop your CA cert in the filesystem and run a
couple of commands to get it imported, rather than having to import
the CA in the browsers individually. You could probably deliver it
via
Starting with version 3.5 of Squid, was introduced a new feature named
"*SslBump
Peek and Splice*".
With this functionality, Squid is able to intercept HTTPS traffic
transparently (with exceptions, of course).
This manner, Squid, with spike, is able to logging HTTPS traffic and apply
directives
On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
> Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
> > Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
> >> So far, I've only been able to filter HTTP.
> >>
> >> Do any of you do transparent HTTPS filtering ? Any
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
>
> Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
>> So far, I've only been able to filter HTTP.
>>
>> Do any of you do transparent HTTPS filtering ? Any suggestions,
>> advice, caveats, do's and don'ts ?
>
> After a week of
Le 05/03/2018 à 13:30, Nux! a écrit :
> You could probably just drop your CA cert in the filesystem and run a
> couple of commands to get it imported, rather than having to import
> the CA in the browsers individually. You could probably deliver it
> via yum/rpm or better yet, ansible or even some
.
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
- Original Message -
> From: "Nicolas Kovacs" <i...@microlinux.fr>
> To: "CentOS mailing list" <centos@centos.org>
> Sent: Monday, 5 March, 2018 12:04:59
> Subject: Re: [Cent
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
> So far, I've only been able to filter HTTP.
>
> Do any of you do transparent HTTPS filtering ? Any suggestions,
> advice, caveats, do's and don'ts ?
After a week of trial and error, transparent HTTPS filtering works
perfectly. I wrote a detailed
On Wed, Feb 28, 2018 at 06:43:50PM -0300, Marcelo Ricardo Leitner wrote:
> On Wed, Feb 28, 2018 at 10:23:31PM +0100, Nicolas Kovacs wrote:
> > Hi,
> >
> > I've been running Squid successfully on CentOS 7 (and before that on 6
> > and 5), and it's always been running nicely. I've been using it
Le 28/02/2018 à 22:43, Marcelo Ricardo Leitner a écrit :
> I did some experiments ~2 weeks ago. It worked, but I still need to
> work on the certificates. Squid will re-issue certificates for those
> connections that it intercepts, and if the browser doesn't recognize
> the CA, it's going to
Le 28/02/2018 à 22:32, Itamar Reis Peixoto a écrit :
> I recommend everyone in France to spend their money on a school with
> free internet.
I'm not sure I understand. Our students sure don't pay for accessing the
Internet.
>
> please tell us the name of your school's.
https://www.scholae.fr/
On Wed, Feb 28, 2018 at 10:23:31PM +0100, Nicolas Kovacs wrote:
> Hi,
>
> I've been running Squid successfully on CentOS 7 (and before that on 6
> and 5), and it's always been running nicely. I've been using it mostly
> as a transparent proxy filter in school networks.
>
> So far, I've only been
On 2018-02-28 06:23 PM, Nicolas Kovacs wrote:
Hi,
I've been running Squid successfully on CentOS 7 (and before that on 6
and 5), and it's always been running nicely. I've been using it mostly
as a transparent proxy filter in school networks.
So far, I've only been able to filter HTTP.
Do any
Hi,
I've been running Squid successfully on CentOS 7 (and before that on 6
and 5), and it's always been running nicely. I've been using it mostly
as a transparent proxy filter in school networks.
So far, I've only been able to filter HTTP.
Do any of you do transparent HTTPS filtering ? Any
Hi Everyone,
I'm trying to get squid + wccp on a Centos 7 box working with a Cisco
router. I've done this before several times using Centos 6 and
iptables, but never on Centos 7 with firewalld.
I've searched far and wide for clear, concise instructions on how to do
what I want in Centos 7. I've
for SSL inception, SSLBump is required:
http://wiki.squid-cache.org/Features/SslBump
This a bit complex to setup. SSL inception is not really good idea to
implement.. I think it will not work with upstream proxy also.
--
Eero
2016-10-29 22:37 GMT+03:00 paul.greene.va
I should have mentioned - this is squid 3.3 running on Centos 7 .
On 10/29/2016 3:37 PM, paul.greene.va wrote:
I'm having issues getting squid to send traffic through a specific
upstream gateway.
I need for a MS WSUS server and a Symantec Endpoint Protection Manager
to get through a
I'm having issues getting squid to send traffic through a specific
upstream gateway.
I need for a MS WSUS server and a Symantec Endpoint Protection Manager
to get through a squid proxy to get out to Microsoft and Symantec
respectively to get MS patches and Symantec DAT files.
The traffic
Hi,
I'm installing a Squid instance for a large (ish) group of users. In the
past I've had to increase the number of available file descriptors for the
Squid process in order to avoid hitting the limits (and disrupting the
service).
It seems that the packaged Squid for CentOS 7 has a hardcoded
Hey There,
I think it would be better asked at squid-users list:
- http://www.squid-cache.org/Support/mailing-lists.html#squid-users
- squid-us...@lists.squid-cache.org
Eliezer Croitoru
On 04/02/2016 15:24, C. L. Martinez wrote:
Hi all,
I am trying to configure squid as a interception
On Thu 4.Feb'16 at 20:24:58 +0200, Eero Volotinen wrote:
> check out sslbump documentation:
> http://wiki.squid-cache.org/Features/SslBump
>
> --
> Eero
>
I have changed my ssl-bump options to "ssl_bump server-first all" only, but
nothing ... It doesn't works.
Any more idea??
--
Greetings,
On Thu, Feb 4, 2016 at 5:36 PM, Tris Hoar wrote:
> On 04/02/2016 13:24, C. L. Martinez wrote:
>>
>> Hi all,
>>
>> I am trying to configure squid as a interception HTTPS proxy under
>> CentOS 7. At every https request, I am receiving a certificate error.
>>
>> My current
Hi all,
I am trying to configure squid as a interception HTTPS proxy under CentOS 7.
At every https request, I am receiving a certificate error.
My current config for squid is:
# My localnet
acl localnet src 172.22.55.0/28
acl localnet src 172.22.58.0/29
acl SSL_ports port 443
acl
On 04/02/2016 13:24, C. L. Martinez wrote:
Hi all,
I am trying to configure squid as a interception HTTPS proxy under CentOS 7.
At every https request, I am receiving a certificate error.
My current config for squid is:
# My localnet
acl localnet src 172.22.55.0/28
acl localnet src
check out sslbump documentation:
http://wiki.squid-cache.org/Features/SslBump
--
Eero
2016-02-04 15:24 GMT+02:00 C. L. Martinez :
> Hi all,
>
> I am trying to configure squid as a interception HTTPS proxy under CentOS
> 7. At every https request, I am receiving a
Hey Niki,
On 07/03/2015 08:37, Niki Kovacs wrote:
The LAN server here already has Iptables configured to redirect HTTP
traffic to 3128 transparently.
Which doesn't actually good.
You should route traffic to the proxy and on the proxy redirect into a
intercept port which should be defined.
Hi,
I recently migrated my office's server from Slackware64 14.1 to CentOS
7. Right now I'm in the process of configuring the Squid web proxy. I
edited the default /etc/squid/squid.conf, and here's what I have so far:
--8--
#
2015-03-06 12:29 GMT-06:00 Niki Kovacs i...@microlinux.fr:
I recently migrated my office's server from Slackware64 14.1 to CentOS 7.
Right now I'm in the process of configuring the Squid web proxy. I edited
the default /etc/squid/squid.conf, and here's what I have so far:
Le 06/03/2015 21:08, Les Mikesell a écrit :
The rpm should have configured logrotate:
rpm -q --list squid |grep logrotate
will show where the config file lands.
OK
The rpm should have created the squid user and group:
rpm -q --scripts squid
will show what it ran to do that.
OK
Take a look at:
http://wiki.squid-cache.org/KnowledgeBase/RedHat
Eliezer
On 06/12/2014 09:38 AM, Götz Reinicke - IT Koordinator wrote:
Hi,
I checked the old config again and cant find any misconfiguration and
did not get any more feedback.
On a centos 6.x system I installed as suggested
Am 11.06.14 17:57, schrieb Arun Khan:
On Wed, Jun 11, 2014 at 7:18 PM, Götz Reinicke - IT Koordinator
goetz.reini...@filmakademie.de wrote:
Am 11.06.14 15:43, schrieb Arun Khan:
CentOS version?
old one 5.10
Squid version?
squid-2.6.STABLE21-6.el5
FWIW, Squid2 supports http 1.0 and
Hi,
I'm a bit confused regarding the connection of a Mac OS X system to the
app store by the app store client.
Squid is configured using ncsa_auth and I can access https and http
websites without a problem.
But the app store app is not logging in. I do get
== /var/log/squid/cache.log ==
On 06/11/14 07:45, Götz Reinicke - IT Koordinator wrote:
Hi,
I'm a bit confused regarding the connection of a Mac OS X system to the
app store by the app store client.
Hi,
I'm a bit confused as to why you're posting a Mac OSX question, and one
that I assume deals with the Apple app
Am 11.06.14 14:02, schrieb mark:
On 06/11/14 07:45, Götz Reinicke - IT Koordinator wrote:
Hi,
I'm a bit confused regarding the connection of a Mac OS X system to the
app store by the app store client.
Hi,
I'm a bit confused as to why you're posting a Mac OSX question, and one
that
Am 11.06.14 15:43, schrieb Arun Khan:
On Wed, Jun 11, 2014 at 5:15 PM, Götz Reinicke - IT Koordinator
goetz.reini...@filmakademie.de wrote:
I'm a bit confused regarding the connection of a Mac OS X system to the
app store by the app store client.
Squid is configured using ncsa_auth and I can
On Wed, Jun 11, 2014 at 5:15 PM, Götz Reinicke - IT Koordinator
goetz.reini...@filmakademie.de wrote:
I'm a bit confused regarding the connection of a Mac OS X system to the
app store by the app store client.
Squid is configured using ncsa_auth and I can access https and http
websites without
On Wed, Jun 11, 2014 at 7:18 PM, Götz Reinicke - IT Koordinator
goetz.reini...@filmakademie.de wrote:
Am 11.06.14 15:43, schrieb Arun Khan:
CentOS version?
old one 5.10
Squid version?
squid-2.6.STABLE21-6.el5
FWIW, Squid2 supports http 1.0 and Squid3 supports http1.1.
My team faced
From: ankush grover ankushcen...@gmail.com
We are trying to cache some files from apple.com like .dmg, .pkg,
.ipa etc.. so that local clients can fetch the data from the cache.
The problem we are facing is that we have download restrictions for
every client to 25 MB during work hours
Thanks Les. I will test your suggestion only thing I need to unable is
sending the original source IP to the parent proxy and not the squid child
proxy ip otherwise all the clients connected to child proxy will have
unlimited download limit.
John,
Delay pools will not work in my case.. Thanks
Any update on this? We are stuck and need help..
Thanks Regards
Ankush
On Wed, Oct 3, 2012 at 9:20 AM, ankush grover ankushcen...@gmail.comwrote:
Hi Friends,
Same question has been asked on the Squid mailing list but so far no reply
on the mailing list so posting it here also.
We are
On Sat, Oct 6, 2012 at 4:56 AM, ankush grover ankushcen...@gmail.com wrote:
Any update on this? We are stuck and need help..
Can you add a second squid instance configured so the one near the
clients caches but does not apply restrictions and the upstream parent
applies the restrictions but
Hi Friends,
Same question has been asked on the Squid mailing list but so far no reply
on the mailing list so posting it here also.
We are trying to cache some files from apple.com like .dmg, .pkg,
.ipa etc.. so that local clients can fetch the data from the cache.
The problem we are facing is
Please verify you resolv.conf
João Rodrigues
On Sat, Jan 21, 2012 at 10:33 PM, Hüvely Balázs balazs.huv...@gmail.comwrote:
Greetings,
I installed a squid 3.1.10.i686 squid to a centos 6.2i686. The proxy is
working fine with the default config.
After I decided to use it as a transparent
Greetings,
I installed a squid 3.1.10.i686 squid to a centos 6.2i686. The proxy is
working fine with the default config.
After I decided to use it as a transparent proxy, I added two lines to
config: http_proxy 10.0.5.1:3128 transparent, always_direct allow all
http_port 10.0.5.1:3128
The default config won't cache large files. And yum will try to use
different mirrors every time.
Aha. I thought I had it set for no file limit, but I guess using different
mirrors is what is confounding me.
So squid will cache a specific file from a specific site, I guess? And
even if
On Mon, Dec 19, 2011 at 12:39 PM, Alan McKay alan.mc...@gmail.com wrote:
The default config won't cache large files. And yum will try to use
different mirrors every time.
Aha. I thought I had it set for no file limit, but I guess using different
mirrors is what is confounding me.
So
Yes, the default setup really goes out of its way to defeat any
standard caching proxies and make the mirrors do extra work, although
once you accumulate the copies from 5 or 6 sources everything will
work like you expect. That used to bother me but now the mirrors seem
to be insanely fast
On Mon, Dec 19, 2011 at 1:47 PM, Alan McKay alan.mc...@gmail.com wrote:
Yes, the default setup really goes out of its way to defeat any
standard caching proxies and make the mirrors do extra work, although
once you accumulate the copies from 5 or 6 sources everything will
work like you
I have successfully installed Squid 3 on Centos 5.7; and after I follow the
guide:-
https://dvas0004.wordpress.com/2011/03/22/squid-transparent-ssl-interception/.
Now I have the following two lines in my squid.conf:-
http_port Internal_IP:8080 transparent
https_port Internal_IP:3128 ssl-bump
Fawzy Ibrhim writes:
I have Centos 5.7 AMD64; is there a way to have Squid 3 with SSLBump feature
in Centos 5.7? I appreciate any help on that?
3.1? Try this one - http://www.jur-linux.org/rpms/el-updates/5.4/SRPMS/
I'm using the 3.1.15 version here (w/o SSLBump), and it's been working
I have Centos 5.7 AMD64; is there a way to have Squid 3 with SSLBump feature in
Centos 5.7? I appreciate any help on that?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Hi all,
i have problem, after uprade CentOS 5.5 to 5.6, Logrotate don't work
on two proxy servers. I have installed :
squid-2.6.STABLE21-6.el5
logrotate-3.7.4-9.el5_5.2
On first server , squid logs never rotated, config is here
cat /etc/logrotate.d/squid
/var/log/squid/access.log {
weekly
Thks,
It's clear now for me, i have a lot of figths with SELinux, but i need
to learn more, so i don't want deactivate it, allow squit to search
home_root_t seems to be good, so i try to make the correct thinks and
prepare a partition outside the home dir for squid.
A lot of thks for your
Hi Tsuyoshi,
The /home/squid dir have the user_u:object_r:squid_cache_t
The /home dir have the system_u:object_r:home_root_t
This seems that only can be achieved via audit2allow?
A lot of thks for your fast reply.
Regards.
El 01/02/11 02:29, Tsuyoshi Nagata escribió:
Hi Mrcos
(2011/02/01
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/31/2011 08:29 PM, Tsuyoshi Nagata wrote:
Hi Mrcos
(2011/02/01 0:31), Marcos Lois Bermúdez wrote:
semanage fcontext -a -t squid_cache_t '/home/squid(/.*)?'
i check the files and are in the good context:
drwxr-xr-x squid squid
Hi.
I'm trying to setup squid with SELinux, the problem i encounter is taht
i want to add another directory for cache, in this system we have a home
partition with huge space, i create a squid dir and add the path with
semanage:
semanage fcontext -a -t squid_cache_t '/home/squid(/.*)?'
i
Hi Mrcos
(2011/02/01 0:31), Marcos Lois Bermúdez wrote:
semanage fcontext -a -t squid_cache_t '/home/squid(/.*)?'
i check the files and are in the good context:
drwxr-xr-x squid squid user_u:object_r:squid_cache_t.
** drwxr-xr-x squid squid system_u:object_r:home_root_t ..
drwxr-x---
I need to know the meaning of this line in my squid access log
1295267166.311 1069 10.6.50.123 TCP_MISS/200 16623 GET
http://www.mycom.com/sendNews.php? - DIRECT/71.6.196.18 text/html
Thx
___
CentOS mailing list
CentOS@centos.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
madu...@gmail.com said the following on 17/01/11 18:44:
I need to know the meaning of this line in my squid access log
1295267166.311 1069 10.6.50.123 TCP_MISS/200 16623 GET
http://www.mycom.com/sendNews.php? - DIRECT/71.6.196.18 text/html
The
Hi,
Need some help for step by step to configure my squid integrate with Active
Directory at my college.
Could you please help me?
Thank you.
Rgds,
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Wahyu Darmawan wrote:
Hi,
Need some help for step by step to configure my squid integrate with
Active Directory at my college.
Could you please help me?
Thank you.
Rgds,
Integrate how? What's your desired end state?
-- Corey / KB1JWQ
___
On Tue, Nov 3, 2009 at 4:35 PM, Corey Chandler li...@sequestered.netwrote:
Wahyu Darmawan wrote:
Hi,
Need some help for step by step to configure my squid integrate with
Active Directory at my college.
Could you please help me?
Thank you.
Rgds,
Integrate how? What's your
Wahyu Darmawan wrote:
On Tue, Nov 3, 2009 at 4:35 PM, Corey Chandler li...@sequestered.net
mailto:li...@sequestered.net wrote:
Wahyu Darmawan wrote:
Hi,
Need some help for step by step to configure my squid integrate with
Active Directory at my college.
Could you
What kind of help you need?
在2009-11-03,Wahyu Darmawan wahyu.darma...@gmail.com 写道:
Hi,
Need some help for step by step to configure my squid integrate with Active
Directory at my college.
Could you please help me?
Thank you.
Rgds,
___
CentOS
Wahyu Darmawan wrote:
Hi,
Need some help for step by step to configure my squid integrate with
Active Directory at my college.
Could you please help me?
Thank you.
The squid website explains that clearly .. which part don't you
undersand ?
The squid website explains that clearly .. which part don't you
undersand ? http://wiki.squid-cache.org/ConfigExamples/#Authentication
I'll just add that the ntlm helper won't work under Windows 7/Windows Server
2008 R2.
If you are starting from scratch, set up Kerb Auth as that will work with
Hi all,
Good Day for all,
I need Help to Setup Squid proxy as a Gateway Server.
The Idea is to use the (Server and Gateway) configured with Squid to run
using AUTH_Pam or AUTH_ncsa , but additionally we need to filter some access
via group, following the standard filter group used
Filter Group 1
1 - 100 of 134 matches
Mail list logo