[squid-users] request_body_max_size

2011-04-05 Thread Norman Noah 
hi,

can anybody show me an example for some domain limit file size?

let say global download limit is 100MB

domain for dell.com more than 100MB > 400MB limit. (for downloading drivers)

what about time based download ?

acl working time MTWHF 08:00-17:00


how to do this ?

i'm using squid 2.6 STABLE 21



acl moredownload dstdomain .dell.com

reply_body_max_size 104857600 allow all

[squid-users] Creating multiple delay pools

2007-10-03 Thread Norman Noah 
hi

can anybody help me ..

 i want to create another delay pool from these 2 class

my current config is

# delay pool
delay_pools 2

#direct bandwitdhfull access to websites
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow fast
delay_access 1 deny all

# delay
#restrict bandwidth for all others
delay_class 2 3
delay_parameters 2 -1/-1 3276800/8192000 24576/655360
#  400kbs/1000kb3kbs/80kb
delay_access 2 allow all morning
delay_access 2 allow all afternoon

i want to set another delay pool for another segment

for wireless segment

can anybody help me ?

Re: [squid-users] Block all Web Proxies with squid.

2007-09-04 Thread Norman Noah 
Well if u want to block proxy you can get the list from

www.proxy.org.

they have the updated list of all running proxies..

y must u allow https not to go through squid ?

in my environment all internet access must go through squid.

[squid-users] Blocking Freegate

2007-08-31 Thread Norman Noah 
Is there a way for me to block freegate tunneling?

I try to check their useragent. And it uses IE.

Try to block the IPs but there are more than 200 ips ...

the patterns that freegate is using is

http://68.83.184.158/bpzkpubr/foU8i/X_d5v2hT/cqPjrkf/Pl--k/IicH/obm/mHjD6agNG/WN

http://220.129.1.153/ejfyk/fcrACw/i9whR4/M5J/qyL/oSDM/o4_HM0Tz90/le5/NkbUrNSEe/0

http://68.83.184.158/pmmsgnc/eO-K/8li/KaM01SN/0hUsmC_/yceyL

and etc.

Currently i'm blocking all these IPs. Since they are not using https
connect method.

Re: [squid-users] per-acl error messages not working

2007-07-25 Thread Norman Noah 

As far as i know error msg should put below after all rules ...

Re: [squid-users] Squid and Windows Update

2007-06-21 Thread Norman Noah 

We implement windows update through proxy without delay pool and
there's no problem at all.

acl fast dstdom_regex download.windowsupdate.com update.microsoft.com
acl fast dstdom_regex download.microsoft.com ds.microsoft.com

#direct bandwitdhfull access to websites
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow fast
delay_access 1 deny all

[squid-users] allowing ftp access

2007-05-27 Thread Norman Noah 

Good day to all readers,

I have a problem in my network before this i'm allowing ftp without
proxy but yahoo mesengger is using that port to connect. so we block
port 21 on our firewall. but the problem is at proxy server that we
block numericall ips using method CONNECT since skype is using that
method. skype have hundreds of ips.

how can i allow ftp to connect since after succesfully connect to the
ftp server the ftp client request ips to list file.

example like this
(ftp client log)
[R] PASV
[R] 227 Entering Passive Mode (203,223,150,153,130,243)
[R] Opening data connection via Proxy

this is my squid config (in order)
..
ftp_user [EMAIL PROTECTED]
ftp_list_width 64
ftp_passive on
..
acl Safe_ports port 21  # ftp
acl CONNECT method CONNECT
acl FTP proto FTP

http_access allow FTP
http_reply_access allow FTP
...
#skype
acl numeric_IPs url_regex ^[0-9]+.[0-9]+.[0-9]+.[0-9]+
.
# allow direct ftp
always_direct allow FTP
.
http_access deny numeric_IPS
...

we are using proxy 2.5 stable 11