On mån, 2008-11-03 at 16:57 +0800, Bin Liu wrote:
Hi,
I'm going to deploy multiple squid servers in a ISP for HTTP traffic
caching. I'm now considering using WCCP for load balancing and TPROXY
for fully transparent interception.
Here is the problem. As far as I know, Cisco WCCP module
On mån, 2008-11-03 at 09:25 -0200, Luciano Cassemiro wrote:
http_access deny our_networks users forbidden_sites !directors
This line requests authentication as the last acl on the line is
authentication related (directors).
Rewrite it to
http_acccess deny out_networks !directors
On tis, 2008-11-04 at 19:49 +0100, Sergio Marchi wrote:
cache_peer myparentproxy1.dipvvf.it parent 3128 3130 sourcehash
round-robin no-query
Don't mix round-robin and sourcehash. Not sure what will happen in such
confusing setup.
But you should indeed use no-query if you use sourcehash or
On tis, 2008-11-04 at 18:02 +1100, Rod Taylor wrote:
My squid is running on a machine that is set to local time in both
software and hardware. Squid shows GMT in all error messages and uses
GMT in the ACLs. How do I set Squid to use local time not GMT. Squid is
the only program to do this...
Hi,
We want to go to below website which contains streaming vedio. When We
get there all the images. But We will NOT get streaming vedio. If We
bypass squid, We get streamig Vedio.
http://uticctv.mine.nu/index.htm
The above site has a user name and password. I can Not give it you.
sorry for it.
On tis, 2008-11-04 at 01:58 -0800, Retaliator wrote:
on the squid log i see
TCP_MISS/404 0 CONNECT SERVERNAME.SUBDOMAIN.beeper.co.il:443 - DIRECT/- -
servername and subdomain are smt else i changed.
From this it looks like yout Squid can not resolve te requested hostname
into an IP.
Check
On tis, 2008-11-04 at 22:37 +0530, Arun Srinivasan wrote:
Yes. I could see the connections go over lo interface. However, it is
not getting handled by the stack.
Public addresses can not talk to loopback addresses (127.X). This is an
intentional security restriction in the TCP/IP stack.
Also
Arun Srinivasan wrote:
Thanks for the response.
- does the client IP have access to use the hidden peer proxy?
Yes. To ensure this I tried it out with an 'nc' utility instead of peer proxy.
- do the connections between peers go over lo interface? I'm not sure
what the special kernel behavior
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It worked!
Thanks so much for your help.
Henrik Nordstrom escreveu:
On mån, 2008-11-03 at 09:25 -0200, Luciano Cassemiro wrote:
http_access deny our_networks users forbidden_sites !directors
This line requests authentication as the last acl
Retaliator wrote:
Hello,
i found out after few months i have problems with clients using office 2007
against exchange 2007.
if proxy is enabled out of office and more issues wont work becasue squid
blocks them, the autodiscover service is a part of exchange 2007, if you
remove the proxy it
Hi All,
My configuration is Ubuntu-iptables-squid2.6/Transparent Proxy. I
block gmail to all employees in my company. My problem is, squid does
not block https://gmail.com. And does not even log https://gmail.com !
I didn't knew this until I've seen one of our employe browsing gmail!
I did add
nitesh naik wrote:
Hi All,
Issues was with Disk I/O. I have used null cache dir and squid
response is much faster now.
cache_dir null /empty
Thanks everyone for your help.
Regards
Nitesh
Oh dear, I can't believe I overlooked this.
cache_dir aufs (linux) or diskd (FreeBSD) is likely to
On tis, 2008-11-04 at 14:22 -0300, Rodrigo de Oliveira Gomes wrote:
Cache Manager Error
target 192.168.47.89:3128 not allowed in cachemgr.conf
__
cachemgr.conf:
localhost
192.168.47.89:3128
Am I doing
Hi Folks,
I have a problem accessing an SSL site through my Squid setup, IE just spins
its blue circle forever, and doesn't seem to ever actually time out. The same
site works when going direct. I have tried multiple browsers to eliminate the
browser as the issue.
Any help is appreciated,
Thanks for your reply.
The redirection in both directions must match for this to work. See the
wiki for a configuration example
http://wiki.squid-cache.org/ConfigExamples/FullyTransparentWithTPROXY
The configuration example does not mention the scenario that one
router talks to *MULTIPLE*
On ons, 2008-11-05 at 17:57 +0530, sohan krishi wrote:
My configuration is Ubuntu-iptables-squid2.6/Transparent Proxy. I
block gmail to all employees in my company. My problem is, squid does
not block https://gmail.com. And does not even log https://gmail.com !
I didn't knew this until I've
Most likely a window scaling issue. There is still very many broken
firewalls out there..
Squid FAQ System Wierdness - Linux - Some sites load extremely slowly or not at
all:
http://wiki.squid-cache.org/SquidFaq/SystemWeirdnesses#head-4920199b311ce7d20b9a0d85723fd5d0dfc9bc84
Regards
Henrik
On
I figured it out to a point:
I had this config, which worked on another setup:
#Samba PDC Auth
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
#auth_param ntlm max_challenge_reuses 0
#auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm children 40
Hi,
We want to go to below website which contains streaming vedio. When We
get there all the images. But We will NOT get streaming vedio. If We
bypass squid, We get streamig Vedio.
http://uticctv.mine.nu/index.htm
The above site has a user name and password. I can Not give it you.
sorry
I figured it out to a point:
I had this config, which worked on another setup:
#Samba PDC Auth
auth_param ntlm program /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp
#auth_param ntlm max_challenge_reuses 0
#auth_param ntlm max_challenge_lifetime 2 minutes
auth_param ntlm children
20 matches
Mail list logo
