dear all
i have squid machine , i want set every user who use my squid machine
get some info like picture in header or popup like anonymizer .
who do that in squid
thx
-sonjaya-
dear all
i have squid machine , i want set every user who use my squid machine
get some info like picture in header or popup like anonymizer .
who do that in squid
thx
--sonjaya--
Hi Henrik,
n2h2 content filter is the product we are using - I believe the actual
product line name is Bess.
it can work with squid as the n2h2 people have written a redirector for
squid but (by n2h2s own admission) it doesnt work very well. It doesnt do
user or group based filtering and it c
On Thu, 23 Sep 2004 [EMAIL PROTECTED] wrote:
- they could just go direct - we are using the upstream peer to do content
filtering as the particular content filter software we were forced to use
uses a proprietry Cisco IFP protocol to communicate with caches :(
May I ask which content filter softwar
Through some help from this list i figured out how to do something similar
just last night.
In squid 3.0 there is the cache_peer option login=PROXYPASS - this option
converts proxy-authorization to http-authorization and then passes it to
the nominated cache_peer.
So what we do is make everyo
I use sockscap from NEC/Permeo technologies with a socks5 server,
socks is nice for those kind of applications, Permeo also have another
product which has a heap more functionality but is based on socks5
which you may also find usefull for what you are attempting.
Check out www.permeo.com or www.s
Thanks, Adam
somebody knows, some proxy that support RDP?
Thanks!
Lucky
--- Adam Aube <[EMAIL PROTECTED]> escribió:
> lucas baresi wrote:
>
> > Squid is able to proxy RDP protocol?
>
> No. Squid is an HTTP proxy only.
>
> Adam
>
>
>
__
On 22.09 15:42, Martyn Bright wrote:
> I would like to be able to use a web page on my Apache server to validate a
> users id and password, and then redirect them on to another external site
> via a copy of Squid installed on the same machine. I have seen numerous
> references to this as a possibi
On Wed, 22 Sep 2004, Przemek Czerkas wrote:
I found out that what client actually download is burst of up to
maximum * (DL_SPEED) / (DL_SPEED - restore)
Correct, when the bucket is larger than the download speed of the client.
Regards
Henrik
There was a patch, just mentioned recently, that was posted here about a
month ago. We had it created for us to do the following:
In reverse proxy (accelerated mode):
User wants to hit internal webserver.
Browser sends the user to the proxy which uses a redirector that sends them
to a webpage. T
I've been using Squid up to 2.4 in roughly the same configuration for 5
years with nary a problem. I updated to 2.5-STABLE5 in May, and recently to
STABLE6 and am having occasional authentication problems ( 6 times in 5
months ).
Several times a day I gather passwd files from various servers an
> On Wed, 22 Sep 2004, Mustafa ERGUC wrote:
>
> > delay_parameters 1 4000/12000 what does this mean?
>
> That there will be a bucket size of 12000 bytes and each second 4000 bytes
> is added to this bucket.
>
> Or in other words, the clients of this pool can download bursts of up to
> 12000 byt
Hello there,
Have you verified it is not the ICAP server software which is failing?
I've just re-installed my "old" .STABLE5 ICAP version which worked fine.
Will have a look at this one. If it works, I'll let you know, then it
must be a bug in the ICAP patch.
Florian
On Wed, 22 Sep 2004, Florian Effenberger wrote:
recently, I experience a lot of problems with the ICAP patch. From time to
time, clients receive the Squid error page telling that ICAP is unavailable.
The ICAP server is ISS Proventia Web Filter.
Have you verified it is not the ICAP server software
On Wed, 22 Sep 2004, Alex Sharaz wrote:
Is there any way I can perform the authentication scheme over a secure
connection
Pick one (or two):
* Use of Digest authentication.
* Use of NTLM authentication.
* SSL encryption of the client<->proxy traffic. Requires a client wich
supports SSL encryption
On Wed, 22 Sep 2004, Mustafa ERGUC wrote:
delay_parameters 1 4000/12000 what does this mean?
That there will be a bucket size of 12000 bytes and each second 4000 bytes
is added to this bucket.
Or in other words, the clients of this pool can download bursts of up to
12000 bytes without getting li
On Wed, 22 Sep 2004, Mueller, Thomas wrote:
Thanks for your fast answer.
I found the problem:
I'm running SuSE Proxy Suite and the suite is listening on port 21.
The suite shouldn't establish a connection directly to the Internet, because
I want to have a next proxy (Viruswall) which scans all the
Hello there,
recently, I experience a lot of problems with the ICAP patch. From time
to time, clients receive the Squid error page telling that ICAP is
unavailable. The ICAP server is ISS Proventia Web Filter.
Here is what the log file says:
2004/09/22 07:35:11| Ready to serve requests.
2004/09/
Gareth Evans wrote:
> Adam Aube wrote:
>> Gareth Evans wrote:
>>> I've setup Squid-2.5.Stable4 using ncsa_auth and created a new password
>>> file using htpasswd.
>>> When I try to visit any web-sites I get the login box as expected but it
>>> doesn't accept my username or password.
>>> I've t
Hi Adam,
Thanks for your quick reply.
The Squid user has full access to the password file.
Cheers,
Gareth.
>
>
> -Original Message-
> From: Adam Aube <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Date: Wed, 22 Sep 2004 10:32:00 -0400
> Subject: [squid-users] Re: ncsa_auth reject
>
>
Chaps,
I'm currently using a basic auth scheme on our squid caches that uses a
radius authentication module
From the squid FAQ
"NOTE: The name and password are encoded using ``base64'' (See section 11.1
of RFC 2616). However, base64 is a binary-to-text encoding only, it does
NOT encrypt the inf
I would like to be able to use a web page on my Apache server to validate a
users id and password, and then redirect them on to another external site
via a copy of Squid installed on the same machine. I have seen numerous
references to this as a possibility, but can anyone give me confirmation
tha
Gareth Evans wrote:
> I've setup Squid-2.5.Stable4 using ncsa_auth and created a new password
> file using htpasswd.
> When I try to visit any web-sites I get the login box as expected but it
> doesn't accept my username or password.
> I've tried echoing my username and password to ncsa_auth fro
I'am using delay_pools but I really does not understand assigned parameters
using delay_parameters
for example
delay_pools 1
delay_class 1 1
delay parameters 1 4000/4000 I undestood that the first 4000 is given
bw to bucket what is second 4000 and if I did
delay_parameters 1 4000/12000
Thanks for your fast answer.
I found the problem:
I'm running SuSE Proxy Suite and the suite is listening on port 21.
The suite shouldn't establish a connection directly to the Internet, because
I want to have a next proxy (Viruswall) which scans all the http and ftp
traffic.
Is it possible to te
On Wed, 22 Sep 2004, Mueller, Thomas wrote:
I'm trying to get an ftp connection via SmartFTP and "http connection
tunnel" and receive this error (CONNECT Command is enabled) :
"IP" "User" - [22/Sep/2004:14:51:15 +0200] "CONNECT
oracle-ftp.oracle.com:21 HTTP/1.1" 0 226 TCP_
On Wed, 22 Sep 2004, Martyn Bright wrote:
Interestingly, I have been tasked with evaluating a number of different
proxies on both Windows and Linux. To date, the only one that has exhibited
this https/auth/domain name stripping problem has been Squid. Does that
mean that the others are effectivel
On Wed, 22 Sep 2004, Michael Smirnov wrote:
I think about a patch for Squid, which will make it
write a record after every N bytes of downloaded data (or every N minutes)
in every session.
There was such patch posted not long ago, probably on the squid-dev list..
Regards
Henrik
On Wed, 22 Sep 2004, Eduardo Naiderman wrote:
Thanks, it worked fine, my only new problem is the security in the
authentication. Setting client_persistent_connections off, the user and
password is passing in plain text.
This is always the case when using basic authentication, no matter what
the
On Weds 22 Sep 2004, Henrik Nordstrom wrote:
>
> On Tue, 21 Sep 2004, Eduardo Naiderman wrote:
>
> > I'm using squid/2.5.STABLE3 with authentication and I'm having some
> > poblems when I use a https link in a mail or in a Word Document. I've
> > debug in my PC with Ethereal and Windows is not
Dear list,
my configuration is:
Version is Squid 2 Stable 3, system is SuSE 6.4
Problem:
Internal Proxy forwarded to next proxy:
cache_peer "IP_Adress" parent 8080 7 no-query
acl all src 0.0.0.0/0.0.0.0
never_direct allow all
I'm trying to get a
Thanks, it worked fine, my only new problem is the security in the authentication.
Setting client_persistent_connections off, the user and password is passing in plain
text.
Do you know how can I solve both problems at the same time?
Thanks,
Eduardo
>>> Henrik Nordstrom <[EMAIL PROTECTE
Hi all,
I've setup Squid-2.5.Stable4 using ncsa_auth and created a new password file using
htpasswd.
When I try to visit any web-sites I get the login box as expected but it doesn't
accept my
username or password. The access.log file makes the following entry for every attempt:
1095855758
We have a accounting/billing system, based on Squid on FreeBSD 4.x/5.x.
Squid writes its access.log to a "named pipe" (created by command "mkfifo").
A separate daemon reads data from this pipe, and communicates with the database,
decreaseing users' limits after they download something.
However, we
Hi Folks,
Just have some questions about delay_pools here.
I have a DSL line here width 1000 users on it. HTTP-access need to be
shaped and our proxy is squid-2.5-STABLE-6.
All users needs to be shaped at the same speed. What I want to slow
down are HTTP-downloads. When no users are on the intern
dansguardian can be used for virus scanning,
squid-vscan is also another good tool, but these
helpers adversly effect the browsing speed and cache
engine purpose. For scaning certain words, you have to
write some kind of parser in perl or what so ever
which can parse the HTTP content for specific s
Hi everybody,
I see these messages in the gateway router all the time Normally these
messages should come only when the Cache Engines are discovered by the
router for the fist time.
gw-7206>sho log
.Sep 15 12:53:07: %WCCP-1-CACHELOST: Web Cache 0.0.0.142 lost
.Sep 15 12:53:20: %WCCP-5-CACHEFOUN
On Wed, 22 Sep 2004, Hannes Schmidt wrote:
Unfortunately it's not. If it were static, I could simply use IP-based
filtering on the website and I wouldn't need to involve the proxy at all,
right?
I thougt you wanted to handle different local users differently..
If all you need is to identify traffic
Henrik Nordstrom wrote:
> On Tue, 21 Sep 2004, Hannes Schmidt wrote:
>
>>> You also have the X-Forwarded-For header which can be used by the
>>> site to identify your users by IP.
>>
>> Our local IPs are from the 192.168.X.Y range, so this solution might
>> be a little unreliable.
>
> I assume y
On Wed, 22 Sep 2004, Li Wei wrote:
However, in this case, they can access Internet via the Squid except MSN
I got the following logs from the access.log.
095832661.396 8 192.167.49.86 TCP_DENIED/407 2207 POST http://gateway.messl
1095832664.77612 192.167.49.86 TCP_DENIED/407 2207 POST http
On Wed, 22 Sep 2004, [ISO-8859-1] "Jürgen Fischer" wrote:
Or your can use the NTLM authentication proxy to make the proxy
authenticate using NTLM to the web server and Client
That means, the User is not authenticated with his Windows-Client User, but
the Proxy uses one User and Password for all con
hi, masters
I was going to make others log on MSN through my Squid server.
The Squid server is installed at my side, and others' PC are located within another
different subnet. The routing between the two subnet is via a router, and
accessible.
However, in this case, they can access Internet via
42 matches
Mail list logo