Without allow-miss, I get the error:
*Valid document was not found in the cache and only-if-cached directive
was specified.*
Strangely, doing the same on ProxyC causes an Access Denied error...
Rgds
[p]
Amos Jeffries wrote:
Pandu E Poluan wrote:
Okay, some experimentations I made:
I
Pandu E Poluan wrote:
Without allow-miss, I get the error:
*Valid document was not found in the cache and only-if-cached directive
was specified.*
Okay, bet use it then. Should be safe enough in your setup.
Amos
Strangely, doing the same on ProxyC causes an Access Denied error...
Rgds
Ah... I found out the problem (as to Access Denied)...
Somehow I've forgotten to include ProxyC in an http_access statement in
ProxyA...
All is well now...
Thanks for your kind assistance, Amos! :-)
Rgds
[p]
Amos Jeffries wrote:
Pandu E Poluan wrote:
Without allow-miss, I get the error:
HI All,
I am trying to use squid 2.7 in FreeBSD machine. But there is no option
available --enable-ipfw-transparent for configure the squid in
transparent mode. How can we enable transparent mode when configuring
squid?.
Regards
Vivek
--enable-removal-policies='heap lru'
Does that mean only heap LRU method supported, or lru and all three
heap xxx methods?
Thanks.
[p]
--
*Pandu E Poluan*
*Panin Sekuritas*
IT Manager / Operations Audit
Phone : +62-21-515-3055 ext 135
Fax : +62-21-515-3061
Mobile :
Hi, all
Now, I evaluate the squid3.1.0.6 + tproxy4 environment like the
following network.
(1) (2)
| |
+--+ | ++|+-+
|WWW +---+ ||++ WWW |
|Client|.2 |
At our company we have a complex setup.
external URL internal URL
www.example.com/ - www.example.com
www.example.com/subdir - www.example2.com
www.webserver.com - www.example.com/webserver
www.server.com:1800 - www.server.com:1800
Could someone help me, i
HI All,
I am trying to use squid 2.7 in FreeBSD machine. But there is no option
available --enable-ipfw-transparent for configure the squid in
transparent mode. How can we enable transparent mode when configuring
squid?.
Regards
Vivek
Before you compile, do make config!
My question is simple.
Based on the instarutions given by
http://wiki.squid-cache.org/ConfigExamples/Intercept/FreeBsdIpfw we
should use --enable-ipfw-transparent this option when configuration
squid.
But the above option not available in squid 2.7. Is there any
alternative for that?
Sorry for the somewhat large delay in replying to you, I have been on
longish term sick.
However I've just returned and have sussed this out.
Firstly I added the following rules to squid.conf.
acl swan src 123.45.0.0/16 # The campus subnet, which was
already defined in squid.conf
.
Hi!
Currently we are testing the new squid version 3.1.0.6. generally the squid is
working fine, but we have a problem with authenticating users with ident.
cut of squid.conf:
http_port 3128
ident_lookup_access allow all
acl CONNECT method CONNECT
acl all src all
acl permit_userident
Hi,
Squid rewrites the host header as follows:
GET http://194.137.237.63/uutiset/ HTTP/1.1\r\n
Host: www.hs.fi\r\n
-
GET /uutiset/ HTTP/1.0\r\n
Host: 194.137.237.63\r\n
Why is that? How to pass on the original Host header in this case?
Thanks,
- Juha
You can try --enable-removal-policies=heap,lru..
Thus, you will have given all support.
add to squid.conf
cache_replacement_policy heap GDSF
Regards..
--
Mehmet CELIK
Date: Wed, 8 Apr 2009 17:22:41 +0700
From: pandu_pol...@paninsekuritas.co.id
To: squid-users@squid-cache.org
Subject:
Hi Amos,
I resolved the issue with the following line in my proxy.pac file:
if (dnsDomainIs(host, \'wbetest2.bloomberg.com)) { return
proxy:3128; }
I used the page at
http://jcurnow.home.comcast.net/~jcurnow/WritingEffectivePACFiles.html
(mentioned in the proxy.pac entry in wikipedia)
Hello,
For several years now I've used Squid with Winbind to silently
authenticate users to Active Directory which has worked wonderfully. The
one thing I've always had to do though is configure the user proxy
settings to manually point to the proxy in order for it to silently
authenticate.
Amos Jeffries skrev:
Um, the config you showed simplifies down to:
allow localhost access anywhere.
deny anything else. Period.
I think you want:
#
# If we want to block certain sites.
#
# acl blockedsites dstdomain .aftonbladet.se.
acl blockedsites dstdomain .squid-cache.org
Amos Jeffries-2 wrote:
'error messages' in web terminology means something completely different
which can be 'kept'.
I assume you mean where doe sit send the startup error output? That is
usually sent to syslog by Debian/Ubuntu during init process and then
when squid is going to the
Dear Squid users,
I was wondering if the following can be accomplished in squid:
Say, a user starts using the proxy
1 he is not logged, so he gets redirected to a webpage over https
2 the webpage authenticates him, and sets a cookie in his browser
3 he is then redirected to the original url he
Using latest stable squid2.7.6
Using Squid as a reverse proxy.
Got a setup of Squid -- web server -- java
site works fine in normal HTTP port 80.
Need to enable SSL for the site also.
so I added
https_port x.x.x.x:443 cert=/site_name.com.cert key=/site_name.com.key
vhost
and
cache_peer
ons 2009-04-08 klockan 05:15 -0400 skrev Vivek:
I am trying to use squid 2.7 in FreeBSD machine. But there is no option
available --enable-ipfw-transparent for configure the squid in
transparent mode. How can we enable transparent mode when configuring
squid?.
As far as I can understand
Jason wrote:
Amos,
Thanks for answering.
Amos Jeffries wrote:
Jason wrote:
Everyone,
I have compiled squid 3.1.6 from source on amd64 Debian 5.0 with
NP: please use the correct version numbering: 3.1.0.6.
there will probably be a 3.1.6 at some point in the future and
hopefully this
Hi, all
Now, I evaluate the squid3.1.0.6 + tproxy4 environment like the
following network.
(1) (2)
| |
+--+ | ++|+-+
|WWW +---+ ||++ WWW |
Sorry for the somewhat large delay in replying to you, I have been on
longish term sick.
However I've just returned and have sussed this out.
Firstly I added the following rules to squid.conf.
acl swan src 123.45.0.0/16 # The campus subnet, which was
already defined in squid.conf
Dear Squid users,
I was wondering if the following can be accomplished in squid:
Say, a user starts using the proxy
1 he is not logged, so he gets redirected to a webpage over https
2 the webpage authenticates him, and sets a cookie in his browser
3 he is then redirected to the original
Amos Jeffries-2 wrote:
'error messages' in web terminology means something completely different
which can be 'kept'.
I assume you mean where doe sit send the startup error output? That is
usually sent to syslog by Debian/Ubuntu during init process and then
when squid is going to the
Using latest stable squid2.7.6
Using Squid as a reverse proxy.
Got a setup of Squid -- web server -- java
site works fine in normal HTTP port 80.
Need to enable SSL for the site also.
so I added
https_port x.x.x.x:443 cert=/site_name.com.cert key=/site_name.com.key
vhost
and
Hi, Amos
HTTPS encrypted traffic cannot be intercepted.
Yes, I know that. but, in this case, not transparent.
(1) (2)
| |
+--+ | ++|+-+
|WWW +---+ ||++ WWW
I need help understanding what the following cache.log information
means? Please.
2009/04/09 00:35:08| The request GET
http://unified1.abstract.net:80/tc/fms/513901874/mygroup/FSC_unified1_Administrator
is ALLOWED, because it matched 'FMS'
2009/04/09 00:35:08| peerSourceHashSelectParent:
28 matches
Mail list logo