hello
Just downloaded the blacklist, how do i use it, want to block users from
browsing porn sites,
rgds,
frank
Hi !
you can use squidGuard to block the internet access to porn, violence,
and so on, site...
Luca
-Messaggio originale-
Da: Frank Chibesakunda [mailto:[EMAIL PROTECTED]
Inviato: mercoledì 18 giugno 2003 15.39
A: Ralf Hildebrandt; [EMAIL PROTECTED]
Oggetto: [squid-users]
Hi all
I have Squid2.5s1 running as a transparent proxy on my linux box R.H-7.3
The next hop from the squid box is my router.
I never have problems for a month or so. But once a month it starts to shoot
packets at such a rate that I cannot ping my route.
Seems like a non-squid issue.So I
On Thursday 19 June 2003 04.27, Tan, Kian Tiong wrote:
Is there any concerns on configuring the following??:
client_persistent_connections off
server_persistent_connections off
Only performance concerns.
Regards
Henrik
--
Donations welcome if you consider my Free Squid support helpful.
On Thursday 19 June 2003 08.29, Mahesh Kudva wrote:
Seems like a non-squid issue.So I ran packet sniffer viz: iptraf
and ethereal. Both showed packets from port 3128 which is squid. I
tried restarting the server, but enede up with the same result.
Maybe you have someone on the internet using
Dear all,
I'm running Squid Cache on Linux with wccp support. Everything is going to
be working fine. Now I need MIBs to get WCCP statistics for Squid and
Router. Can someone let me know. I will thankful for your kind of help.
--
Best Regs,
Masood Ahmad Shah
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I'm trying to use squid to accellerate a webserver.
I changed the httpd_accel_host and port numbers, and set it so it was only
accelerating a single host.
Every time I try and pull a page down, I get a 403 error on that page, and no
record of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Alex:
|I have a FreeBSD box, running Squid 2.5 STABLE 3.
|I installed NetSNMP, and compiled squid with SNMP suport.
|
|I configure squid.conf to accept SNMP calls, but when I try to
snmpwalk,
| I get:
| Jun 18 15:29:53 cache_server
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I'm trying to use squid to accellerate a webserver.
I changed the httpd_accel_host and port numbers, and set it so it was only
accelerating a single host.
Every time I try and pull a page down, I get a 403 error on that page, and
no
You can always keep a local checkout of the cvs tree and keep it updated
on a nightly/weekly basis. However, our recommendation is to use the
nightly snapshots rather than CVS checkouts. Also keep in mind that the
snapshots has undergone considerably less testing than stable versions
and sometimes
tor 2003-06-19 klockan 09.25 skrev Ahmad Masood Shah:
I'm running Squid Cache on Linux with wccp support. Everything is going to
be working fine. Now I need MIBs to get WCCP statistics for Squid and
Router. Can someone let me know. I will thankful for your kind of help.
Squid does not have
tor 2003-06-19 klockan 10.59 skrev Aqil:
--- Henrik Nordstrom [EMAIL PROTECTED] a écrit :
On Wednesday 18 June 2003 10.41, Aqil wrote:
Yes, the user database already exists. It's a flat
text database.
On what format?
userid,cleartextpassword
This format is not supported by
I have 4 caches. 2 caches at the HQ and 2 caches at a branch office.
Here's the peer info for each of the caches.
hq-1:
cache_peer hq-2 sibling 3128 3130
hq-2:
cache_peer hq-1 sibling 3128 3130
branch-1:
cache_peer hq-1 parent 3128 3130
cache_peer hq-2 parent 3128 3130
cache_peer branch-2
I have a Squid accelrator box on a DMZ which i wish to forward all http
requests to an internal Exchange server. Can i use the following obviously
amended to reflect my network?
acl INSIDE_IP dst 1.2.3.0/24
always_direct allow INSIDE_IP
never_direct allow all
Will this work or I am I looking
Just following up on this. I have not been able to solve this. I have
tried changing the cache time to lower values and the site caches for
the specified time. I start bringing the times up greater than 4 hours
and caching becomes irratic. I have it specified for 2 day as of right
now. It
I have an accelerator box on a DMZ which I wish to forward all http and
https requests to an internal Exchange box. Do I need to define the
following in my conf file obviously appended to suit my network?
acl INSIDE_IP dst 1.2.3.0/24
always_direct allow INSIDE_IP
never_direct allow all
Sorry
On Thursday 19 June 2003 15.05, Eric Wieling wrote:
When a request comes into a BRANCH cache, the cache queries it's
sibling and both parents at HQ. Do the parents then query each
other (since they are siblings)? If so, does anyone have ideas on
the best way to prevent these duplicate
On Thursday 19 June 2003 16.14, Jason Moreton wrote:
I have an accelerator box on a DMZ which I wish to forward all http
and https requests to an internal Exchange box. Do I need to
define the following in my conf file obviously appended to suit my
network?
acl INSIDE_IP dst 1.2.3.0/24
On Thursday 19 June 2003 16.13, AJ Lemke wrote:
Just following up on this. I have not been able to solve this. I
have tried changing the cache time to lower values and the site
caches for the specified time. I start bringing the times up
greater than 4 hours and caching becomes irratic. I
I have just installed squid 2.5STABLE1 on Redhat 9. I used the RPM
included with the Redhat distro. Everything worked fine with the
default config file. When I changed the config file to require
authentication I used the instructions at this URL:
http://www.squid-cache.org/Doc/FAQ/FAQ-23.html
On Thursday 19 June 2003 17.50, Jayson Johnson wrote:
Does anyone have a suggestion on which log analyzer to use? We
want to track where our users go. We have around 3000 users.
Our main goal is to be able to run a report on a specific range of
users biased on there ip address?
There is
What do the auth_param lines in squid.conf look like?
How did you create the username:password file? Is it readable by the UID
Squid runs as?
How is the browser configured? Were you running a transparent proxy before
you turned authentication on?
Adam
-Original Message-
From: Fred
On Thu, 19 Jun 2003, Adam Aube wrote:
What do the auth_param lines in squid.conf look like?
How did you create the username:password file? Is it readable by the UID
Squid runs as?
How is the browser configured? Were you running a transparent proxy before
you turned authentication on?
Here is my situation:
We need to be able to have different users (as identified by ident)
appear to be coming from different source ips.
Here is our current approach:
acl ipone ident user1
acl iptwo ident user2
tcp_outgoing_address 192.168.1.1 ipone
tcp_outgoing_address 192.168.1.2 iptwo
I understand that you configured Squid based on the FAQ - however, the FAQ
you referred to does not have an exact section on how to configure
ncsa_auth. That is why I asked what the auth_param lines were.
Somehow I managed to miss you stating that you tested ncsa_auth from the
command line, so
Here is the Refresh Pattern
# www.someUrl.org 1 month
refresh_pattern -i www\.someUrl3\.org 43200 20% 1440
ignore-reload
refresh_pattern -i someUrl3\.org 43200 20% 1440
ignore-reload
I have the logfile I have grepped out the www.someurl.com so only that
record is
I made sure that the password file is owned by the user squid runs as
and is readable by that user.
Prior to this installation of squid there was no transparent proxy. The
browsers were not configured for proxying at all until I configured them
to work with this install of squid. Further, I
Hello,
I have run into a little trouble. I have a box with
squid and dansguardian on it, and am having trouble
with the NTLM authentification. I have already
contacted the dansguardian mailing list and they said
the NTLM is not supported by dansgaurdain, but they
said a workaround would be to
The only other suggestion I have is to use ps to make sure the ncsa_auth
helpers are running.
Beyond that I'm out of ideas - the config looks good. Hopefully one of the
experts on this mailing list can give you some better advice.
Adam
-Original Message-
From: Fred Evans [mailto:[EMAIL
Tried that already, thanks for trying ;-)
On Thu, 2003-06-19 at 10:16, Adam Aube wrote:
The only other suggestion I have is to use ps to make sure the ncsa_auth
helpers are running.
Beyond that I'm out of ideas - the config looks good. Hopefully one of the
experts on this mailing list can
Hi Henrik,
Just wanted to confirm, is ICAP already inbuilt into squid-2.5.STABLE3, thus
i need no patch, only just to enable the --enable-icap-support option
cause i have seen on the website squid-2.5.STABLE1 which has an accompanying
patch, but thought better to use the STABLE3?
if by chance u
From: Fred Evans [mailto:[EMAIL PROTECTED]
I made sure that the password file is owned by the user squid runs as
and is readable by that user.
Prior to this installation of squid there was no transparent proxy. The
browsers were not configured for proxying at all until I configured them
to
Hi everybody,
Here is the situation:
I have a Squid 2.4.6 proxy running on Linux RH 7.2. Clients are Windows
machines (98 and 2k).
The access to Internet is only authorized if people are authenticated
against a LDAP directory.
To do this, I have an ACL saying:
acl auth_user proxy_auth REQUIRED
We do it to work around stupid programs that don't understand proxy
authentication. It's very straightforward:
- Assume that acl LocalNet are the IP addresses allowed to use proxy
- Create an acl NoAuth with dst or dstdomain targets that will not require
authentication
- Setup http_access like
Please extract a few lines of your access.log according to the
requirements outlined below.
Regards
Henrik
On Thursday 19 June 2003 19.03, AJ Lemke wrote:
Here is the Refresh Pattern
# www.someUrl.org 1 month
refresh_pattern -iwww\.someUrl3\.org 43200 20% 1440
ignore-reload
On Thursday 19 June 2003 19.25, Chijioke Kalu wrote:
Just wanted to confirm, is ICAP already inbuilt into
squid-2.5.STABLE3, thus i need no patch, only just to enable the
--enable-icap-support option
No.
cause i have seen on the website squid-2.5.STABLE1 which has an
accompanying patch,
On Thursday 19 June 2003 19.04, Fred Evans wrote:
I made sure that the password file is owned by the user squid runs
as and is readable by that user.
Prior to this installation of squid there was no transparent proxy.
The browsers were not configured for proxying at all until I
configured
On Thursday 19 June 2003 19.08, glen hyland wrote:
cache. Does anyone know how to get two instances of
squid running on one box??
The easiest way is to install two Squids with different --prefix=, and
then set up their squid.conf to use different ports (don't forget the
icp port if
I think this is a known bug. Check the bugzilla database.
Regards
Henrik
On Thursday 19 June 2003 18.52, Josh Rasey wrote:
Here is my situation:
We need to be able to have different users (as identified by ident)
appear to be coming from different source ips.
Here is our current approach:
Thanks for the reply Henrik.
I checked Bugzilla, and I did find an instance similar to this, but they
were using proxy-auth not ident, but the symptoms are quite similar.
-Josh
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 19, 2003 2:42 PM
To:
squid -k parse returns no errors
The total of my acl and http_access:
acl users proxy_auth REQUIRED
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access allow all users
I'm guessing that the authenticate_program has been changed to
auth_param or vice versa. My version returns a parse error when using
authenticate_program and the default conf file uses the auth_param
syntax.
On Thu, 2003-06-19 at 11:09, Chris Berry wrote:
From: Fred Evans [mailto:[EMAIL
Hi Henrik,
Just wanted to confirm, is ICAP already inbuilt into
squid-2.5.STABLE3, thus
i need no patch, only just to enable the --enable-icap-support
option
cause i have seen on the website squid-2.5.STABLE1 which has an
accompanying
patch, but thought better to use the STABLE3?
if by chance u
Hello all,
I have recently installed SquidNT (2.5STABLE3) on a Win2000 server.
Everything works just fine, exepct a few days my main router interconnecting
branch offices started to go down in random pattern.
INTERNET---W2000+SQUID---SWICH---*LAN
|
Ok. Then register another bug report for this issue.
Regards
Henrik
On Thursday 19 June 2003 22.21, Josh Rasey wrote:
Thanks for the reply Henrik.
I checked Bugzilla, and I did find an instance similar to this, but
they were using proxy-auth not ident, but the symptoms are quite
similar.
On Thursday 19 June 2003 22.26, Fred Evans wrote:
http_access allow all users
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
And you remembered to restart (or
On Thursday 19 June 2003 22.29, Fred Evans wrote:
I'm guessing that the authenticate_program has been changed to
auth_param or vice versa. My version returns a parse error when
using authenticate_program and the default conf file uses the
auth_param syntax.
auth_param is Squid-2.5 syntax
On Thursday 19 June 2003 23.24, Andrius Kr wrote:
If someone from remote LAN starts to browser network Squid
floods ROUTER1 with a high volume TCP packets (1 in 5 seconds)
sized ~62 bytes. Router is old Motorola Vanguard hardware router
and from such spike its TCP/IP stack is killed,
Thanks for the advice, indeed there is an acl definition for all, which I
failed to put in the email.
acl all 0.0.0.0/0.0.0.0
- Original Message -
From: Henrik Nordstrom [EMAIL PROTECTED]
To: Fred Evans [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, June 19, 2003 3:39 PM
Hi everyone,
I have been tasked with a project to grant web access to some laptop
clients.
I have some wireless clients some of them have permission to surf the
internet others don't. All web requests on port 80 are redirected by
iptables to the Squid proxy server, can I use Freeradius to
Personal experience says sarg will do the trick for u if u want a detailed
output of who went where :--)
Best Regards, Asante Sana, Med venlig hilsen
Rahul T. Kartha
IT Coordinator
NCC-Aarsleff Joint Venture TANZANIA
P.O.Box 252, Morogoro
Tanzania
Tel, reception: +255 (0)23 260 1196 / 1345
51 matches
Mail list logo
