On Monday 18 August 2003 04.07, [EMAIL PROTECTED] wrote:
Anyone know of anything out there that allows Squid to interface
with Kerberos?
PAM should work for Basic authentication.
Regards
Henrik
--
Donations welcome if you consider my Free Squid support helpful.
-4.8-RELEASE FreeBSD 4.8-RELEASE #0:
-
-./configure --enable-delay-pools --enable-snmp
-
-make
-delay_pools.cc:265: sorry, not implemented: object size exceeds normal
limit for virtual function table implementation, recompile all source and
use -fhuge-objects
-
Where to put this
On Monday 18 August 2003 09.56, Yuriy Kuznetsov wrote:
-4.8-RELEASE FreeBSD 4.8-RELEASE #0:
-
-./configure --enable-delay-pools --enable-snmp
-
-make
-delay_pools.cc:265: sorry, not implemented: object size exceeds
normal limit for virtual function table implementation, recompile
Hi,
I receved message in log file : /var/log/messeges
WARNING! Your cache is running out of filedescriptors
What does it mean ?
Help me , please .
Hi,
What OS do you have?
F.E. In Linux, you can increase number of file descriptors by executing
two below listed commands before starting and compiling squid.
Btw, 8192 is high enough, you can try beginning, let's say from 4096.
ulimit -HSn 8192
echo 1024 65000
hiall ,
we have configured squid proxy with a cache
of 100 GB.
i want to preserve all the cache
objects for atleast one year.
irrespective of its sizewhat is the
value i
hello,
I want to restrict the squid cache I have to the users of my network, and I
dont want somebody on Internet use it.
How can I do ?
Thanks
Franklin LECOINTRE
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.509 / Virus
Hi,
I guess you have to play with 'refresh-_pattern'
refresh_pattern -i ^ftp: 518400 999% 518400
cache_replacement_policy lru
Regards,
Yuri Fominov
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, August 18, 2003 16:49
To: [EMAIL
you can do it ba http_access and acls in squid.conf
Best Regards.
Ehsan Lesani
- Original Message -
From: franklin LECOINTRE
To: [EMAIL PROTECTED]
Sent: Monday, August 18, 2003 4:31 PM
Subject: [squid-users] dont want to share the cache
hello,
I want to restrict the squid
Hello,
today I added the line:
forwarded_off
in my squid.conf file but I when I go to http://devel.squid-cache.org/cgi-bin/test I
still see my ip address after HTTP_X_FORWARDED_FOR instead of unknown. Is this a known
bug? How can I disable this header?
thanks,
Markus Wagner
Hello again,
I have wb_group configured here, but I´m still getting some strange
problems.
I can browse with a user in the group Internet, but if I remove this
user from the group, the user still can browse.
I configure ttl=60 (1 minute) to test, but nothing happens. It only
works if
Hi Markus,
At 14.32 18/08/2003, Wagner Markus wrote:
Hello,
today I added the line:
forwarded_off
in my squid.conf file but I when I go to
http://devel.squid-cache.org/cgi-bin/test I still see my ip address after
HTTP_X_FORWARDED_FOR instead of unknown. Is this a known bug? How can I
disable
today I added the line:
forwarded_off
in my squid.conf file but I when I go to
http://devel.squid-cache.org/cgi-bin/test I still see my ip
address after HTTP_X_FORWARDED_FOR instead of unknown. Is this a
known bug? How can I disable this header?
Maybe a Typo?
The option should read
no - it was a typo in my mail (but it is ok in the subject of the mail and in the conf
file)
Well - I am using now:
header_access X-Forwarded-For deny all
I also will open a Bug as Guido suggested
Markus
-Ursprüngliche Nachricht-
Von: Hermann Strassner [mailto:[EMAIL PROTECTED]
I am having problems with my acl, I have the following set:
all Client Address 10.10.1.0/0.0.0.0 allow
manager URL Protocol cache_object deny
localhost Client Address 10.10.1.1/255.255.255.255
127.0.0.1/255.255.255.255 allow
but for some reason others out side the network can use the
In my http request windows this URL appears
https://a248.e.akamai.net/v4.windowsupdate.microsoft.com/getmanifest.asp
into cache.log:
2003/08/18 16:15:12| aclMatchAcl: checking 'acl avir url_regex -i symantec
windowsupdate'
2003/08/18 16:15:12| aclMatchRegex: checking
I think i've read all the information in squid's FAQ and
user's guide but i would like to know if there is a way
to block:
- Kazaa
- Yahoo Messenger
- Aol Messenger
- msn messenger
Check the mailing list archives.
I know that blocking the messenger programs has been
discussed a few times
On Monday 18 August 2003 15.40, Lucas de C. Zechim wrote:
I have a squid-2.5-STABLE3 proxy runing in GNU/Linux Slackware 9.0,
kernel 2.4.21. Is possible auth the users of another GNU/Linux
machine in this proxy? (NOTE: The other GNU/Linux machine is
Slackware 9.0, kernel 2.4.21)
Yes. How to
Squid without authentication running well. But when authenticated,
the pop-up asking Username password always shows up even with
IE 6.0. Something else I missed ?
What were the results of the wbinfo tests from the Squid FAQ?
Adam
On Monday 18 August 2003 15.31, Alex Carlos Braga Antão wrote:
What really means the negative_ttl on the external_acl
How long to remember negative lookups, i.e. a user not being member of
a group in case of group lookups.
Regards
Henrik
--
Donations welcome if you consider my Free
On Monday 18 August 2003 15.06, Alex Carlos Braga Antão wrote:
I configure ttl=60 (1 minute) to test, but nothing happens. It
only works if I restart SAMBA.
Then the problem is somewhere in Samba. Most likely winbind has cached
the group memberships, not querying the domain again.
How
Hello all,
I'm attempting to setup a httpd_accel squid server to allow users from
the internet to access one of our intranet servers. Must have secure
access via ssl and the users must authenticate their userid and password
with our ldap server. I have ssl mode reverse proxy working but
On Monday 18 August 2003 18.40, [EMAIL PROTECTED] wrote:
Hello all,
I'm attempting to setup a httpd_accel squid server to allow
users from the internet to access one of our intranet servers.
Must have secure access via ssl and the users must authenticate
their userid and password with
I had previously said to use Ipfw or ipchains to create a rule that
drops packets destined for the port, or restrict in the linux firewall
instead of at the service level.
Isn't it better to have data dropped from the network layer (layer 3
filtered) rather than let an independent service manage
Currently, I am having a problem I can not resolve at this point though. I
have tried looking everywhere
for information on this particular squid report issue. I am using SARG for
these reports.
I do not always get these errors.
There is a cron job every night and sometimes I get reports that
On Thu, Aug 14, 2003 at 10:58:47PM +0200, Henrik Nordstrom wrote:
1. You need to set the ulimit to the highest value you want your Squid
binary to support while you compile your Squid.
did that.
2. Before starting Squid you need to set the hard ulimit to the number you
want this Squid to
Where do I find the wb_group helpers to squid work with Samba 3.0 ?
Since I did not find anything about my cache that is not being refresh, I´d
like to test with Samba 3.0, but the last test I did, I got some problems,
and somebody said here to use the helpers to samba 3.0, and I did not found
On Monday 18 August 2003 19.57, Brian Hechinger wrote:
On Thu, Aug 14, 2003 at 10:58:47PM +0200, Henrik Nordstrom wrote:
1. You need to set the ulimit to the highest value you want your
Squid binary to support while you compile your Squid.
did that.
And what did configure report while you
On Monday 18 August 2003 19.39, Roger Joseph wrote:
Isn't it better to have data dropped from the network layer (layer
3 filtered) rather than let an independent service manage it's
access.
It is, but it never hurts to have additional checks in place.
Regards
Henrik
--
Donations welcome
On Mon, Aug 18, 2003 at 08:23:26PM +0200, Henrik Nordstrom wrote:
And what did configure report while you built your Squid?
(see include/autoconf.h if you do not have the configure output
available).
/* Maximum number of open filedescriptors */
#define SQUID_MAXFD 8192
which is what i
On Monday 18 August 2003 20.02, Alex Carlos Braga Antão wrote:
Where do I find the wb_group helpers to squid work with Samba 3.0?
The wbinfo based helper should work I think
(helpers/external/wbinfo_group).
The wb_auth and wb_ntlm_auth are both replaced by the Samba ntlm_auth
helper in
Why url_regex check only host part when there https request?
Is this bug or I must change url_regex to urlpath_regex?
HTTPS is HTTP wrapped in SSL. Squid only sees the SSL part
of the conversation - a request to given hostname on a
certain port, using the CONNECT method, and then the encrypted
I'm trying to access www.radioshack.com behind Squid-2.5STABLE2.
The very first page I get java authentication prompt
That looks like a standard IE login prompt, not a Java login
prompt.
Without going through squid, I won't see this. Is this a bug?
Probably just a misconfiguration. What (if
On Monday 18 August 2003 20.28, Brian Hechinger wrote:
which is what i set it to. however, it still seems to be getting
limited to 512 max.
[EMAIL PROTECTED] sudo pfiles 6681
6681: (squid) -D
Current rlimit: 512 file descriptors
Seem to me you did not set the hard ulimit before you
On Mon, Aug 18, 2003 at 08:47:14PM +0200, Henrik Nordstrom wrote:
[EMAIL PROTECTED] sudo pfiles 6681
6681: (squid) -D
Current rlimit: 512 file descriptors
Seem to me you did not set the hard ulimit before you started Squid.
i set the hard limit before i start squid. i set the hard
I'm having a bit of trouble putting it all together. I seem to be able to get 1
cache_peer working ok without using cache_peer access and acls, but getting two to
work is proving difficult. Here are the relevant config lines:
httpd_accel_host virtual
httpd_accel_port 0
On Mon, Aug 18, 2003 at 08:47:14PM +0200, Henrik Nordstrom wrote:
[EMAIL PROTECTED] sudo pfiles 6681
6681: (squid) -D
Current rlimit: 512 file descriptors
Seem to me you did not set the hard ulimit before you started Squid.
problem solved. there was a 'ulimit -n 512' in the
Well- I seemed to have answered my own question- by changing the acl's to use
dstdomain instead of dst, things are working...
D
-Original Message-
From: David Gibson
Sent: Mon 8/18/2003 3:12 PM
To: Henrik Nordstrom; [EMAIL PROTECTED]
Cc:
Subject:RE: [squid-users]
Can't get my network users to access squid. My acl's configuration looks
like this:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 111.129.69.45/255.255.255.255
acl net src 11.129.69.0/24
acl redlocal src
Hi -
I don't quite get what squid is about - yet -
but would be grateful for advice on most basic
conf required for allowing a PC to gain web access
through a Sun with an ISDN dial up connection with
squid installed:
- I have a Solaris machine with ISDN dial-up to
Internet.(now too old to use
On Monday 18 August 2003 21.12, David Gibson wrote:
acl owa dst [ip host1]/255.255.255.255
cache_peer_access host1.mydomain.com allow owa
You shoult not use dst type acls here but dstdomain acls listing all
the different domain names which should be sent to this server.
If you use dst type
On Monday 18 August 2003 22.20, Sergio Alonso wrote:
Can't get my network users to access squid. My acl's configuration
looks like this:
Configuration looks fine.
What do you get in access.log? And have you restarted Squid after
making the configuration changes?
Regards
Henrik
On Tuesday 19 August 2003 00.18, Jim Flowers wrote:
I can get the query to the ftp server on the originhost using
either a redirector rewriting http:// to ftp:// (and even
ftp://...:21) or by using a protocol=ftp option for the cache_peer
directive and it responds but it doesn't like the
On Friday 15 August 2003 00.24, Norman Zhang wrote:
Hi,
I'm trying to access www.radioshack.com behind Squid-2.5STABLE2.
The very first page I get java authentication prompt
Firewall: Unknown Site
Realm: ntlm
Scheme:
Username:
Password:
Probbably the server is using NTLM authentication
On Sunday 17 August 2003 14.51, Nont Banditwong wrote:
I've deployed Linux squid box as web cache using WCCP v2 but
it can be used only one cache (I have 2 cache) both squid box is
all the same and can be used if another one is closed (squid
service).
The router is supposed to allocate web
On Tuesday 19 August 2003 00.46, Kevin Nolan wrote:
I don't quite get what squid is about - yet -
but would be grateful for advice on most basic
conf required for allowing a PC to gain web access
through a Sun with an ISDN dial up connection with
squid installed:
See QUICKSTART.
- I want
I'm using Windows NT4 Domain. Any suggestion ?
Regards,
Arief K
If You have a Windows 2000 domain check the following:
- If Pre Windows 2000 compatibility was selected at AD installation time
- In the Machine Local security Policy and in Domain Security Policy,
security options, check Network
Thanks for your response all.
In regards to the form of load balancing, this is what I got froma
dig
;; ANSWER SECTION:
www.national.com.au.469 IN CNAME www.bal.national.com.au.
www.bal.national.com.au. 10 IN A 203.57.241.101
www.bal.national.com.au. 10 IN
I did winbinfo -t and winbind -a domain\\username%password. It seems okay.
Still can't figure out what I've been missing here.
Is these steps still required before joining domain (using Samba 2.2.8a) ?
- cp nsswitch/libnss_winbind.so /lib
- chmod 755 /lib/libnss_winbind.so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello guys,
I'm sorry for putting this question on the list because it's related to
squidGuard more than squid I think. Or both.
1. Can windowsupdate.microsoft.com be denied rather than redirected?
2. Can squid's ACL and squidGuard's work together?
Dear Henrik,
I 'm missing understand in redirect script. The root cuase of my
problem is /etc/hosts that missing . Now, It work well
Regards and Thanks
Niti : )
-Original Message-
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Saturday, August 16, 2003 4:17 PM
To:
- Original Message -
From: Adam Aube [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, August 18, 2003 11:42 PM
Subject: RE: [squid-users] Blocking Kazaa, msn messenger...
As for Kazaa, I know it's been discussed, but I don't think
a definite solution was determined.
for kazaa,
Re: I've deployed Linux squid box as web cache using WCCP v2 but
Re: it can be used only one cache (I have 2 cache) both squid box is
Re: all the same and can be used if another one is closed (squid
Re: service).
Re:
Re: The router is supposed to allocate web space to both caches
Re:
Hi,
I'm using Redhat 8.0 + Squid2.5.STABLE1 + Samba2.2.8a ( winbind ) in my
testing network.
Sometimes IE will prompt authentiation window again anad again after I enter
username and password.
It's very annoying. After checking access.log and cache.log , I found the
system is asking
for more
54 matches
Mail list logo