Hi,Lists,
I plan to use acl isp-xxx dst to define tons of route prefix over
27,000 items. Does it reasonable?
Regards
Simon
Hi,
Does squid send client and server IPs and ports to c-icap when sending
request or response to it?
Regards,
MSH
On 21/08/2014 7:16 p.m., k simon wrote:
Hi,Lists,
I plan to use acl isp-xxx dst to define tons of route prefix over
27,000 items. Does it reasonable?
Squid should be able to handle it, but its probably best to aggregate
the ranges first to minimize the work necessary per-request.
Squid
On 21/08/2014 7:48 p.m., m.shahverdi wrote:
Hi,
Does squid send client and server IPs and ports to c-icap when sending
request or response to it?
Why would those be relevant? ICAP is for content filtering, not packet
routing.
Squid-3.2 and later send custom annotation headers with whatever
Thanks, Amos.
Simon
于 14-8-21 16:19, Amos Jeffries 写道:
On 21/08/2014 7:16 p.m., k simon wrote:
Hi,Lists,
I plan to use acl isp-xxx dst to define tons of route prefix over
27,000 items. Does it reasonable?
Squid should be able to handle it, but its probably best to aggregate
the ranges
Hi!
Please, help.
I've been using squid 3.3.11 on FreeBSD 10 for a year.
I have AD and kerberos authentification. Squid checks DenyInternet
group membership through kerberos_ldap_group. My domain example.org
has subdomains like south.example.org, west.example.org, etc. All
users use
Group name in config is OCS-DenyInternet-G of course.
2014-08-21 14:48 GMT+04:00 Pavel Timofeev tim...@gmail.com:
Hi!
Please, help.
I've been using squid 3.3.11 on FreeBSD 10 for a year.
I have AD and kerberos authentification. Squid checks DenyInternet
group membership through
Hello,
Due to DMARC policy of several domains some mail is blocked (see an
example below).
I suppose maillist software ( ezmlm ) needs some tuning, it must
forward email to list with own sender address ( @squid-cache.org ).
An example:
That's how squid's 3.4.6 helper works with usern...@example.org
kerberos_ldap_group.cc(372): pid=45620 :2014/08/21 14:27:30|
kerberos_ldap_group: INFO: Got User: username Domain: EXAMPLE.ORG
support_member.cc(55): pid=45620 :2014/08/21 14:27:30|
kerberos_ldap_group: DEBUG: User domain loop:
Hello Jatin,
May be this (for ICAP not for eCap) describes your issue -
http://docs.diladele.com/faq/squid.html#why-i-see-cannot-connect-to-site-using-https-browser-message-instead-of-usual-site-is-blocked
Raf
From: Jatin Bhasin jbhasi...@gmail.com
Sent:
Hi,
I have just update to the latest version, and the results are clear:
cat /var/log/squid/access.log | awk '{print $4}' | sort | uniq -c | sort -rn
486561 TCP_MISS/200
89612 TCP_MISS/304
52123 TCP_MEM_HIT/200
40408 TCP_MISS/206
36267 TCP_MISS/302
20904 TCP_MISS/204
12246
You are very right Antony!
1. are all the youtube videos which go over-limit HTTPS connections?
Yes!
2. can the client go over-limit with any other URL provided it's HTTPS?
Yes!
So... is there any thing to do in order to limit the bandwidth of clients
downloading/viewing videos over htpps?
On 21/08/2014 11:56 p.m., Délsio Cabá wrote:
Hi,
I have just update to the latest version, and the results are clear:
cat /var/log/squid/access.log | awk '{print $4}' | sort | uniq -c | sort -rn
486561 TCP_MISS/200
89612 TCP_MISS/304
52123 TCP_MEM_HIT/200
40408 TCP_MISS/206
Don't kill the messenger :) I agree, but had to remove forwarded for and via or
I faced blocking and weirdness with several of the services I use. I won't name
names cause I don't really want to pursue the debate.
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
On 22/08/2014 12:24 a.m., fpap wrote:
You are very right Antony!
1. are all the youtube videos which go over-limit HTTPS connections?
Yes!
2. can the client go over-limit with any other URL provided it's HTTPS?
Yes!
So... is there any thing to do in order to limit the bandwidth of
Amos Jeffries wrote
On 22/08/2014 12:24 a.m., fpap wrote:
You are very right Antony!
1. are all the youtube videos which go over-limit HTTPS connections?
Yes!
2. can the client go over-limit with any other URL provided it's HTTPS?
Yes!
So... is there any thing to do in order to limit
Hi All,
I have squid_kerb_auth working and authenticating via my key tab file.
However, when trying to lock it down to users that are in a group in AD,
I¹m seeing a weird issue.
I put my sanitized output here: http://pastebin.com/wGc3RC0h
But basically if I use this ./squid_kerb_ldap -d -g
This appears to be a client (192.168.0.125) connecting to what it thinks
is a regular forward-proxy port:
http_port 3128
or
http_port 192.168.0.1:3128
Like i said the clients get the ip and port thru dhcp, thats correct
behaivour in my eyes.
This above shows Squid receiving various
On Thu, 2014-08-21 at 15:02 +0400, Oleg Motienko wrote:
Hello,
Due to DMARC policy of several domains some mail is blocked (see an
example below).
I suppose maillist software ( ezmlm ) needs some tuning, it must
forward email to list with own sender address ( @squid-cache.org ).
I
Hi Scott,
So from what see in your first log you have a user MYSUER with a
domain/realm MYDOMAIN, but squid belongs to SUBDOMAIN.DOMAIN.COM.
squid_kerb_ldap tries to authenticate to the domain MYDOMAIN using the
keytab but does not find any entry for MYDOMAIN in the keytab. Then
Hello,
Yes, that is the same scenario what I have been experiencing but when
I call function (x-blockVirgin()) from my ecap adapter then
squid does print the access denied page which is one of my squid
error pages. So as I see that squid does complete the SSL handshake
and then paints the
Hello,
I wanted to block a particular website based on CONNECT request
because I am not bumping (decrypting) the site. But now I have
realised that if I do not dump the site then there is no way I can
paint a custom message on the browser.
So, can somebody suggest me if there is a way to pass a
22 matches
Mail list logo
