From: gi...@msn.com
To: squ...@treenet.co.nz
Subject: RE: [squid-users] Peering squid multiple instances.
Date: Wed, 24 Mar 2010 07:12:15 +
Dear Amos,
Thank you for your response and better design tips. However i am not able to
comprehend
GIGO . wrote:
Dear Amos,
Thank you for your response and better design tips. However i am not able to comprehend it well (due to lack of expereince and knowledge both however at current). So i request you to elaborate it a bit more. Your guidance would be a real valuable.
Question 1:
You
Could this mean that there is a problem with the web site or their network?
Or is it some kind of configuration issue on our squid proxy or our network?
Regards
Umesh
On 23 March 2010 16:20, Zeller, Jan jan.zel...@id.unibe.ch wrote:
hmm seems not to work properly :
behind proxy :
$ httping
Hi all
I'm trying to set up squid as a adblocking proxy by using privoxy
as a parent.
Unfortunately squid doesn't seem to want to access the parent privoxy.
The authentication works, its simply accessing the parent that's not
doing what it should.
Any help would be appreciated.
via off
Hi,
I am using Squid3S25 on Suse SLES 10, 64 bit, squid_radius_auth-1.10.
When I try squid_radius_auth with a user bob with password secret with the
command
squid_radius_auth -h x.x.x.x -w shared_secret1
I can see that the password secret of a user seems to be garbage:
[files] users: Matched
micky...@gmx.de wrote:
Hi,
I am using Squid3S25 on Suse SLES 10, 64 bit, squid_radius_auth-1.10.
When I try squid_radius_auth with a user bob with password secret with the
command
squid_radius_auth -h x.x.x.x -w shared_secret1
I can see that the password secret of a user seems to be
Thx for the quick reply.
Do you know if there is a timeline for adjusting the RADIUS module for
squid/64? Or is there no priority for this?
Micky
Original-Nachricht
Datum: Thu, 25 Mar 2010 01:09:34 +1300
Von: Amos Jeffries squ...@treenet.co.nz
An:
Amos Jeffries wrote:
Some factums worth knowing:
* 3.0 does not support sslBump or any other form of HTTPS
man-in-middle attacks. 3.1 is required for that.
* sslBump in 3.1 requires that the client machines all have a CA
certificate installed to make them trust the proxy for decryption.
micky...@gmx.de wrote:
Thx for the quick reply.
Do you know if there is a timeline for adjusting the RADIUS module for
squid/64? Or is there no priority for this?
There is no plans for RADIUS in Squid.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
Current
Leonardo Carneiro - Veltrac wrote:
Amos Jeffries wrote:
Some factums worth knowing:
* 3.0 does not support sslBump or any other form of HTTPS
man-in-middle attacks. 3.1 is required for that.
* sslBump in 3.1 requires that the client machines all have a CA
certificate installed to make
micky...@gmx.de wrote:
Thx for the quick reply.
Do you know if there is a timeline for adjusting the RADIUS module for
squid/64? Or is there no priority for this?
There is no plans for RADIUS in Squid.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
Current
Hi,
I'm trying to set up two squid siblings in front of lighttpd as reverse
proxies and have a question about some behavior I'm seeing.
Squid versions are 2.7.STABLE7-1~bpo50+1 from the debian backports
repository.
My goal is to create a setup with two cache siblings and one origin
server
Zitat von Amos Jeffries squ...@treenet.co.nz:
Leonardo Carneiro - Veltrac wrote:
Amos Jeffries wrote:
Some factums worth knowing:
* 3.0 does not support sslBump or any other form of HTTPS
man-in-middle attacks. 3.1 is required for that.
* sslBump in 3.1 requires that the client machines
I know it's bad form to reply to your own post, but I found a partial
explanation.
from
http://linuxdevcenter.com/pub/a/linux/2001/09/17/squidpeering.html?page=2
FALSE HITS: (ICP only) Because ICP does not communicate request headers
(only the URI is presented in an ICP query), it is possible
I want to do the security hardening of my Squid Server with Iptables. I intend
to have no rule on outbond traffic however ibound traffic would be restricted.
please guide what are the minimum ports that are required to be open on
iptables.
Following is what i thought:
Allow all incoming
On Mar 24, 2010, at 1:37 AM, Amos Jeffries wrote:
From what I understand of your requirements you don't actually need DG or
anything but Squid alone. Squid can log in any format you choose to
configure. If there is anything it does not yet log we'd be interested in
hearing about that.
DG
Is there anyway to map single url's to multiple store url's based on a cookie?
Lets say I have a user cookie and I want to implement caching for logged in
users.
I there anyway in squid I can append the cookie to the cached url? (in squid
not on the client side url).
I've looked at doing
I switched to htcp, but I'm still getting false hits (504).
On Wed, 2010-03-24 at 15:10 +0100, Taylan Develioglu wrote:
I know it's bad form to reply to your own post, but I found a partial
explanation.
from
http://linuxdevcenter.com/pub/a/linux/2001/09/17/squidpeering.html?page=2
FALSE
Hello,
Is there a way to get two squid caches used as reverse proxy to have an
consistent cache?
An example would be a file that contains abcd - I request the file, get balanced to squid1 which
caches the file du to the expire header for one hour. Then the file gets changed to contain abcde.
Hello All,
I have followed this configuration, but when I try and access the website
from outside my network
All I get is the default page of the apache on the machine where the Squid
proxy is installed
Here is the link:
http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator
On Wed, 24 Mar 2010 11:04:03 -0400, Ken Struys k...@struys.ca wrote:
Is there anyway to map single url's to multiple store url's based on a
cookie?
Lets say I have a user cookie and I want to implement caching for logged
in users.
I there anyway in squid I can append the cookie to the
On Wed, 24 Mar 2010 14:11:46 +, GIGO . gi...@msn.com wrote:
I want to do the security hardening of my Squid Server with Iptables. I
intend to have no rule on outbond traffic however ibound traffic would
be
restricted. please guide what are the minimum ports that are required to
be
open on
On Wed, 24 Mar 2010 17:44:27 +0100, Georg Höllrigl
georg.hoellr...@xidras.com wrote:
Hello,
Is there a way to get two squid caches used as reverse proxy to have an
consistent cache?
An example would be a file that contains abcd - I request the file,
get
balanced to squid1 which
caches
How did you create the keytab ?
Markus
Nick Cairncross nick.cairncr...@condenast.co.uk wrote in message
news:c7ce8144.1d5e1%nick.cairncr...@condenast.co.uk...
Hi,
I'm concerned by a problem with my HTTP.keytab 'expiring'. My test base have
reported a problem to me that they are prompted
What is squid proxying?
Usually the normal behaviour is exactly what you are getting since squid
normally proxies Apache on 80.
Browser == Squid on 80==proxied to Apache on port 81.
If Squid is not proxying Apache, then it looks like you have Apache
running on 80.
If you are trying to
HI squids,
I did realize that in latest snapshoot 3.1 has pinger disabled. I wonder to
know what for pinger is?
TIA
LD
Hello List.
I have an acl blocking a batch of ip addresses banned from using the internet
and have others that can use the internet without problems. Now, I would like
to filter the web content to those users that use the internet. I would like to
block sexual content and stuff like that that
Le Mercredi 24 Mars 2010 18:30:49, Landy Landy a écrit :
Hello List.
I have an acl blocking a batch of ip addresses banned from using the
internet and have others that can use the internet without problems. Now,
I would like to filter the web content to those users that use the
internet. I
Thanks in advanced for your help.
go to Dansguardian or SquidGuard
I've read about these two utilities but, the problem is filtering the content
for specific ip addresses.
On Wed, 24 Mar 2010 19:48:27 -0400, Ron Wheeler
rwhee...@artifact-software.com wrote:
What is squid proxying?
Usually the normal behaviour is exactly what you are getting since squid
normally proxies Apache on 80.
Browser == Squid on 80==proxied to Apache on port 81.
If Squid is not
On Mar 24, 2010, at 8:30 PM, Landy Landy wrote:
Hello List.
I have an acl blocking a batch of ip addresses banned from using the
internet and have others that can use the internet without problems.
Now, I would like to filter the web content to those users that use
the internet. I would
On Wed, 24 Mar 2010 18:28:53 -0600, Luis Daniel Lucio Quiroz
luis.daniel.lu...@gmail.com wrote:
HI squids,
I did realize that in latest snapshoot 3.1 has pinger disabled. I
wonder
to
know what for pinger is?
Squid uses it to securely do ICMP to measure distance to the possible
source
Using the redhat package on CentOS 5x64, sarg faults and can't generate
all of the files needed for the view.
This worked on the older version in the main repo, is there something known
to change to allow sarg to work or is the issue unexpected?
Thanks!
jlc
Hello there,
Thanks for the reply Ron and Amos
Maybe my original e-mail wasn't clear a bit confusing I am sorry if I
confused you
I have squid running on Machine A with let's say local ip 192.168.1.4
the backend server is running on machine B and ip address 192.168.1.3
Now, instead of
a...@gmail wrote:
Hello there,
Thanks for the reply Ron and Amos
Maybe my original e-mail wasn't clear a bit confusing I am sorry if I
confused you
I have squid running on Machine A with let's say local ip 192.168.1.4
the backend server is running on machine B and ip address 192.168.1.3
Hi,
I have the same situation with users on my site, they download many BIG files
and then cancel them, eventhough I set some delay pools so they get bured, but
the big files are kept by squid and the HD is getting full.
Is there any solution to solve it, thru SQUID?.
Carlos
--- El sáb,
Hi,
I have written script which redirects my squid to local
apache.It works fine for FOLLOWING SCRIPT
#!c:/perl/bin/perl.exe
$|=1;
while () {
s...@http://www.az@http://117.195.4.252@;
print;
}
But whenever I use this script
#!c:/perl/bin/perl.exe
$|=1;
while
purpose:
To authenticate squid users through active directory before allowing them
access to internet.
Compile Options:
./configure --prefix=/usr --localstatedir=/var --libexecdir=${prefix}/lib/squid
--srcdir=. --datadir=${prefix}/shares/squid --sysconfdir=/etc/squid3
38 matches
Mail list logo