Re: [squid-users] Kerberos - Cannot decrypt ticket for HTTP

2022-11-18 Thread Klaus Brandl
Which options do you have configured for the auth helper? Something like: auth_param negotiate program /usr/local/libexec/squid/negotiate_kerberos_auth -s GSS_C_NO_NAME -i Best regards Klaus On Friday, 18.11.2022 at 10:54 +0800, Михаил wrote: > Hi David, > > Thanks for your advice but

Re: [squid-users] Squid performance issues

2021-08-31 Thread Klaus Brandl
Look at your cache.log after squid starts; there you can see how many file descriptors are available: 2021/08/31 17:14:36.870 kid1| With 1024 file descriptors available Maybe there is a file like /etc/default/squid: SQUID_MAXFD=1024 Regards Klaus On Tuesday, 31.08.2021 at 18:10

Re: [squid-users] Is there a way to bind squid's outbound traffice to a specific network interface

2021-04-12 Thread Klaus Brandl
http://www.squid-cache.org/Doc/config/tcp_outgoing_address/ Simply use for any connection: tcp_outgoing_address 10.1.0.2 all Regards Klaus On Sunday, 11.04.2021, 17:58 -0400, Cary Lewis wrote: > I want to be able to bypass a vpn while using a web browser, so I > need to be able to

Re: [squid-users] icap adaptation chains with adaptation sets

2021-04-09 Thread Klaus Brandl
. The config reference says here: It is currently not possible to apply more than one adaptation service at the same vectoring point to the same HTTP transaction. What a shame :) Klaus On Sunday, 04.04.2021, 23:29 -0400, Alex Rousskov wrote: > On 3/31/21 10:02 AM, Klaus Brandl wr

Re: [squid-users] icap adaptation chains with adaptation sets

2021-04-01 Thread Klaus Brandl
Klaus Brandl: > yes, then i get: > > 2021/04/01 10:23:53 kid1| Adaptation support is on > 2021/04/01 10:23:53.421 kid3| ERROR: ERROR: Unknown adaptation name > pool1 in adaptation chain 'checks' > 2021/04/01 10:23:53.421 kid4| 93,2| src/adaptation/Config.cc(224) > FinalizeEach: I

Re: [squid-users] icap adaptation chains with adaptation sets

2021-04-01 Thread Klaus Brandl
2021/04/01 10:23:53 kid2| Adaptation support is on 2021/04/01 10:23:53.421 kid3| ERROR: ERROR: Unknown adaptation name pool2 in adaptation chain 'checks' (and so on...) Klaus On Thursday, 01.04.2021, 20:22 +1300, Amos Jeffries wrote: > On 1/04/21 3:02 am, Klaus Brandl wrote: >

[squid-users] icap adaptation chains with adaptation sets

2021-03-31 Thread Klaus Brandl
Hi, is there a way to use more adaptation sets (for redundancy) combined in an adaptation chain? What we need is something like this: icap_service b1 reqmod_precache ... icap_service b2 reqmod_precache ... icap_service b3 reqmod_precache ... icap_service b4 reqmod_precache ... icap_service m1

Re: [squid-users] Allow specific set of IP to access a specific set of URL

2021-02-24 Thread Klaus Brandl
The acl for the url must be of type url_regex, or something else: acl allowedurl url_regex "url.txt" Regards Klaus On Tuesday, 23.02.2021, 18:09 +, Arjun K wrote: > Hi Team > > Could you please let me know how to define an acl so that a specific > set of IPs can access alone a

Re: [squid-users] Squid doesn't notice AD group changes

2021-01-20 Thread Klaus Brandl
Some similar problem here... What type of acl do you use for the group selection? Could you please post the related config lines? Remember, the client also caches the group information, I have to logout/login to let this take effect. (check with "whoami /groups") Regards Klaus On Wednesday,

Re: [squid-users] squid kerberos auth, acl note group

2020-11-05 Thread Klaus Brandl
> Can you please clear out what was done to resolve this issue? > > Thanks, > Eliezer > > > Eliezer Croitoru > Tech Support > Mobile: +972-5-28704261 > Email: ngtech1...@gmail.com > > -Original Message- > From: squid-users On > Behalf Of

Re: [squid-users] squid kerberos auth, acl note group

2020-10-19 Thread Klaus Brandl
> > But I think, we have a caching problem here, I found out, that the > > group > > information is only updated on a squid reconfigure. > > > > And also the acl note group ... seems to be cached as long as squid > > is > > restarted completely. I removed the configured group from the user, >

Re: [squid-users] SQUID with cache_peer config + E2guardian - too many connections

2020-07-29 Thread Klaus Brandl
tried to add the option "no-netdb-exchange" on your cache_peer line? On Wednesday 29 July 2020 11:50:20 Contato - KONNTROL wrote: > Hello Amos/Klaus/Fantomas, > Thanks for your help. > > I have searched for the "via off" and "via on" - The directive was not > present on the config file but I am

Re: [squid-users] SQUID with cache_peer config + E2guardian - too many connections

2020-07-29 Thread Klaus Brandl
On Thursday 30 July 2020 00:24:52 Amos Jeffries wrote: > On 29/07/20 11:58 pm, Klaus Brandl wrote: > > On Wednesday 29 July 2020 23:03:43 Amos Jeffries wrote: > >> On 29/07/20 8:29 pm, Klaus Brandl wrote: > >>> Setting another "visible_hostname" ma

Re: [squid-users] SQUID with cache_peer config + E2guardian - too many connections

2020-07-29 Thread Klaus Brandl
On Wednesday 29 July 2020 23:03:43 Amos Jeffries wrote: > On 29/07/20 8:29 pm, Klaus Brandl wrote: > > Setting another "visible_hostname" may also help. > > Why do you think the hostname has any relation to the problem? because we had also a forwarding loop by connec

Re: [squid-users] SQUID with cache_peer config + E2guardian - too many connections

2020-07-29 Thread Klaus Brandl
On Wednesday 29 July 2020 14:50:11 Amos Jeffries wrote: > On 29/07/20 1:07 pm, Contato - KONNTROL wrote: > > Hello Everyone, > > Greetings. > > > > Background: > > OS - FreeBSD 12.1 > > SQUID ver 4.10 > > OpenSSL 1.0.2u > > > > I am trying to use SQUID in front of E2Guardian (content filter)

Re: [squid-users] squid kerberos auth, acl note group

2020-07-27 Thread Klaus Brandl
n out and in again > or use klist purge ? > > > Markus > > "Amos Jeffries" wrote in message > news:704e36b3-4cd8-611c-0643-231c02045...@treenet.co.nz... > > On 25/07/20 2:48 am, Klaus Brandl wrote: > > sorry, I did not find this script, and th

Re: [squid-users] squid kerberos auth, acl note group

2020-07-24 Thread Klaus Brandl
Sorry, I did not find this script, and the binary is not available on our product, because I'm no developer... But I think, we have a caching problem here, I found out, that the group information is only updated on a squid reconfigure. And also the acl note group ... seems to be cached as

Re: [squid-users] Problem with HAProxy + Squid 4.11 + Kerberos authentication

2020-07-24 Thread Klaus Brandl
. Then we have no load balancing, but a fallback solution, which is more important on our systems. On Friday 24 July 2020 09:53:03 Brett Lymn wrote: > On Thu, Jul 23, 2020 at 06:07:39PM +0200, Klaus Brandl wrote: > > But if anyone knows a solution, I will spread my ears :) > > What we do is:

Re: [squid-users] Problem with HAProxy + Squid 4.11 + Kerberos authentication

2020-07-23 Thread Klaus Brandl
Hi Gabriel, same problem here on our HA systems. I think, this is caused by Kerberos overall, the tickets are always bound to the host's real name and address, look at "klist" on your client, and only exactly this name could be used as proxy entry. But if anyone knows a solution, I will spread

Re: [squid-users] squid kerberos auth, acl note group

2020-07-22 Thread Klaus Brandl
On Thursday 23 July 2020 00:16:45 Amos Jeffries wrote: > On 22/07/20 8:59 pm, Klaus Brandl wrote: > > but i have compared the encoded string from the auth helper with the > > string at the Proxy-Authentication header from the client with tcpdump, > > and it's exactly the

Re: [squid-users] squid kerberos auth, acl note group

2020-07-22 Thread Klaus Brandl
On Tuesday 21 July 2020 14:21:46 Alex Rousskov wrote: > On 7/21/20 10:41 AM, Klaus Brandl wrote: > > we have a problem with the squid kerberos auth helper and the note acl > > matching to user groups in an active directory. > > First the user was in one group, which was config

[squid-users] squid kerberos auth, acl note group

2020-07-21 Thread Klaus Brandl
Hi there, we have a problem with the squid kerberos auth helper and the note acl matching to user groups in an active directory. First the user was in one group, which was configured via the groupSid base64 string as a note acl, and this was working very well. Then there was added a new group