Thanks for your reply.
> Date: Fri, 28 Nov 2008 16:19:36 +1300
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> CC: [EMAIL PROTECTED]; squid-users@squid-cache.org
> Subject: Re: [squid-users] Can squid acted as a application SSL proxy
>
> 李春 wrote:
>> Thanks for you help.
>> But I am sorry yo
yes i found the problem,
it's because Server A ( squid ) use round-robin Parent to server B
that have HAVP and squid in one machine :(
thx for the support and info
On Fri, Nov 28, 2008 at 10:25 AM, Amos Jeffries <[EMAIL PROTECTED]> wrote:
> ░▒▓ ɹɐzǝupɐɥʞ ɐzɹıɯ ▓▒░ wrote:
>>
>> hi all
>> i have pr
Thanks Christos,
Found my error in spelling mistake for downloads instead of download.
but how come eicar.com and eicar.com.txt dint had any problem. Problem was
only for compress files i guess coz i requires to download and scan
One more question
Is it possible to scan (download) any https requ
2008/9/29 Amos Jeffries <[EMAIL PROTECTED]>:
> Squid-2 has issues with handling of very large individual files being
> somewhat slow.
Only if you have an insanely large cache_mem and
maximum_object_size_in_memory setting. Very large individual files on
disk are handled just as efficiently across
Gah, they way they work is really quite simple.
* ufs does the disk io at the time the request happens. It used to try
using select/poll on the disk fds from what I can gather in the deep,
deep dark history of CVS but that was probably so the disk io happened
in the next IO loop so recursion was a
Wilson Hernandez - MSD, S. A. wrote:
Yes. I did run squid -z and it created all the directories.
Paul Bertain wrote:
Hi Wilson,
Did you run "squid -z" after changing your settings? For themto take
effect, I believe you need to run "squid -a" again.
Paul
On Nov 28, 2008, at 15:53, "Wilso
░▒▓ ɹɐzǝupɐɥʞ ɐzɹıɯ ▓▒░ wrote:
hi all
i have problem here
server A 192.168.222.111 squid port 2210
server B 192.168.222.100 squid port 2012
when i put this line on Server A on the first line
cache_peer 192.168.222.100 parent 2012 0 no-query no-digest default
and i put this line at server B
Fir
李春 wrote:
> Thanks for you help.
> But I am sorry you may mistook my meaning entirely.
> I do not need the http proxy and cache functionality of squid.
> I just wander that if the squid can receive the client SSL connetion( or
> packages)
> , decode it and tranfer the data with no SSL to the serve
Mariel Sebedio wrote:
Hello, I have a squid-2.6.STABLE16-2.fc8 on RHEL 5.1
I need to access a this video on Macromedia-Flash but my squid
configuration does not permit.
This is de url:
http://wireless.agilent.com/vcentral/viewvideo.aspx?vid=349
When I test de page whitout squid this acces
Matus UHLAR - fantomas wrote:
On 26.11.08 10:57, [EMAIL PROTECTED] wrote:
Please set up your mailer to wrap lines below 80 characters per line.
I have a proxy-to-proxy setup (without ICP) and it is working wonderfully
with the exception of cases whereby IE users attempt to connect to a
remote
Ressa wrote:
Hi,
I was wondering can I made the squid log their activities to the
database server (such as MySQL or something) and is there any tools can
provide information from those database.
Thanks
't would be a rarity. Especially as Squid does not natively support
database logging an
Koopmann, Jan-Peter wrote:
Hi,
we are using squid as reverse proxy for Outlook RPC over HTTPS without
any problems. Today some iPhone users/customers wanted to use Exchange
ActiveSync as well so I decided to "simply" allow
/Microsoft-Server-ActiveSync/* as well and hoped all is well. Far from
it
Lluis Ribes wrote:
Hi,
I've finally resolve my problem. I compiled the version 3 STABLE10 with
--with-filedescriptors=8192 and --prefix=/opt/squid. After this, I shutdown
down Squid, I ran "make install" and squid was installed in the same Debian
default location (/opt/squid/), but only the bina
Thanks for you help.
But I am sorry you may mistook my meaning entirely.
I do not need the http proxy and cache functionality of squid.
I just wander that if the squid can receive the client SSL connetion( or
packages)
, decode it and tranfer the data with no SSL to the server as a transparent
l
Yes. I did run squid -z and it created all the directories.
Paul Bertain wrote:
Hi Wilson,
Did you run "squid -z" after changing your settings? For themto take
effect, I believe you need to run "squid -a" again.
Paul
On Nov 28, 2008, at 15:53, "Wilson Hernandez - MSD, S. A."
<[EMAIL PRO
Hi Wilson,
Did you run "squid -z" after changing your settings? For themto take
effect, I believe you need to run "squid -a" again.
Paul
On Nov 28, 2008, at 15:53, "Wilson Hernandez - MSD, S. A."
<[EMAIL PROTECTED]> wrote:
Hello;
I currently have a network with about 30 users and my
Hello;
I currently have a network with about 30 users and my swap space tends
to fill up quite quickly. I increased the swap three weeks ago from:
#cache_dir ufs /var/log/squid/cache 5000 16 256 to
cache_dir ufs /var/log/squid/cache 1 255 255
Now, I'm getting the same warning:
2008/11/27
B. Cook wrote:
On Nov 22, 2008, at 7:30 AM, Amos Jeffries wrote:
8< -- snip -- >8
That said BSD family of systems get more out of diskd than aufs in
current Squid.
--
Please be using
Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10
Current Beta Squid 3.1.0.2
Hello,
Sorry to both
Hi Remy,
OK so squid use the ICAP server and probably the squid part of your
configuration is OK.
Please look on both squid logs and icap server logs for error messages.
Should exist something in the logs which explains the reason of the error.
Also look in your c-icap configuration. For e
You might try squid_kerb_auth which uses Negotiate/Kerberos instead of NTLM
or Negotiate/NTLM.
Markus
"Matias Chris" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Henrik,
I have tried LDAP authentication in the past and stop using it becouse
of the passwords being sent in clear
Thanks Christos,
after purging it form squid cache it work fine able to scan.
But now another problem when I try to download a zip virus file
http://www.eicar.org/download/eicar_com.zip
ERROR in the browser
The following error was encountered while trying to retrieve the URL:
http://www.eicar.org
OK this is when your are using the icap-client.What about when you are
using squid3?
- Are you seeing any log entries in c-icap log files? Just to see if
squid contacts the icap server...
- Do you see any error message in squid3 cache.log file? Maybe for a
reason squid can not access the ic
Test sample output
/usr/local/c_icap/bin# /usr/local/c_icap/bin/icap-client -f
/home/remy/Desktop/eicar.com.txt -s
"srv_clamav?allow204=on&force=on&sizelimit=off&mode=simple"
ICAP server:localhost, ip:127.0.0.1, port:1344
VIRUS FOUND
You try to upload/download a file that contain the viru
[EMAIL PROTECTED] wrote:
Hi Christos,
I think I have not made my self clear
first of all I don't have icap_class and icap_access in my squid.conf file
since you said
Your configuration should also contain something like the following:
icap_class class_avi service_avi
icap_access class_
Henrik,
I have tried LDAP authentication in the past and stop using it becouse
of the passwords being sent in clear text. I read about TLS but then I
would need my DC to be a CA and that is not feasible at the moment. So
Im testing NTLMSSP now, but is not being very stable and also read
that is no
Chris,
Thanks, that pretty much cleared my doubt.
On Wed, Nov 26, 2008 at 6:33 PM, Chris Robertson <[EMAIL PROTECTED]> wrote:
> Matias Chris wrote:
>>
>> Hello All,
>>
>> Im currently in the process of changing the way we authenticate users
>> from LDAP to NTLMSSP. Now we are in test phase and w
Matus UHLAR - fantomas wrote:
On 26.11.08 17:58, Tom Williams wrote:
Ok, I'm adding SSL support to my Squid 3 reverse proxy configuration.
Here are the configuration directives:
http_port 8085 accel defaultsite=www.mydomain.com vhost
https_port 4433 accel cert=/etc/ssl/cert/www_mydomain_com
Hi Christos,
I think I have not made my self clear
first of all I don't have icap_class and icap_access in my squid.conf file
since you said
>>> Your configuration should also contain something like the following:
>>>
>>>icap_class class_avi service_avi
>>>icap_access class_avi allow all
Is that per-flow, or in total?
Adrian
2008/11/24 Ken DBA <[EMAIL PROTECTED]>:
> Hello,
>
> I was just finding the flow capacity for Squid is too limited.
> It's even hard to reach an upper limit of 150 MBits.
>
> How can I improve the flow capacity for Squid in the reverse-proxy mode?
> Thanks
On 26.11.08 10:57, [EMAIL PROTECTED] wrote:
Please set up your mailer to wrap lines below 80 characters per line.
> I have a proxy-to-proxy setup (without ICP) and it is working wonderfully
> with the exception of cases whereby IE users attempt to connect to a
> remote Citrix server. The odd thi
On 27.11.08 09:45, 李春 wrote:
Please configure your mailer to wrap lines below 80 characters per line.
> I have a client/server application program and want to add SSL module to
> it to secure the data transferring on the network. I wander that if I can
> use the squid as a SSL proxy between clien
On 27.11.08 15:02, Joar Jegleim wrote:
> I've been debugging a problem with a soap app (cognos planning) which
> brakes when being run through our squid 3.0 proxy .
> After tcpdumping the whole session and investigating with wireshark it
> seems to me that the following happens
> 1. client perform
On 27.11.08 14:13, Ken DBA wrote:
> We have some web servers for videos playing (the FLV format,like youtube).
> Could we deploy squid to act as a reverse-proxy for this application?
> What's the recommend configure for squid? Thanks.
configure it a standard reverse proxy. Avoid any techniques to
This is the basic function ability in the NTLM negotiation mechanism.
Ignore it, all logs that support NTLM authentication show two denied
requests off hand, than the connect.
HTH
-Original Message-
From: Tom Porch [mailto:[EMAIL PROTECTED]
Sent: 27 November 2008 14:24
To: squid-users@sq
On 26.11.08 17:58, Tom Williams wrote:
> Ok, I'm adding SSL support to my Squid 3 reverse proxy configuration.
>
> Here are the configuration directives:
>
> http_port 8085 accel defaultsite=www.mydomain.com vhost
> https_port 4433 accel cert=/etc/ssl/cert/www_mydomain_com.crt
> key=/etc/ssl/pri
Hi all
I've got 2.7 on a Windows box and have configured it for NTLM authentication so
I get the username logged.
However I get TCP_MISS and TCP_DENIED logged even though access is allowed to
the web sites requested.
Is there a quick fix to get it correctly logging the requests?
Thanks
Tom
Hi,
I've been debugging a problem with a soap app (cognos planning) which
brakes when being run through our squid 3.0 proxy .
>From what I've gathered so far, according to one of the developers of
the cognos appplication : "We use a lot of xml/soap communication which
is chunked"
And according
> Hi Christos,
>
> I used icap_class and icap_access but I get this
>
> 2008/11/27 17:07:44| Processing Configuration
> File: /etc/squid/squid.conf (depth 0)
> 2008/11/27 17:07:44| WARNING: 'icap_class' is depricated. Use
> 'adaptation_service_set' instead
> 2008/11/27 17:07:44| WARNING: 'icap_acc
> I used icap_class and icap_access but I get this
>
> 2008/11/27 17:07:44| Processing Configuration
> File: /etc/squid/squid.conf (depth 0)
> 2008/11/27 17:07:44| WARNING: 'icap_class' is depricated. Use
> 'adaptation_service_set' instead
> 2008/11/27 17:07:44| WARNING: 'icap_access' is depricat
Hi Christos,
I used icap_class and icap_access but I get this
2008/11/27 17:07:44| Processing Configuration
File: /etc/squid/squid.conf (depth 0)
2008/11/27 17:07:44| WARNING: 'icap_class' is depricated. Use
'adaptation_service_set' instead
2008/11/27 17:07:44| WARNING: 'icap_access' is depricat
Hi,
I've finally resolve my problem. I compiled the version 3 STABLE10 with
--with-filedescriptors=8192 and --prefix=/opt/squid. After this, I shutdown
down Squid, I ran "make install" and squid was installed in the same Debian
default location (/opt/squid/), but only the binary: my config file do
> Hi All,
>
> Need help on how to configure c-icap to scan http,https and ftp request
>
> Sample virus to test
> http://www.eicar.org/download/eicar.com
>
> my configuration is as below
> to test my setup I used the above link but it was not scanned for virus
> and I was able to downloaded it nothi
Hi All,
Need help on how to configure c-icap to scan http,https and ftp request
Sample virus to test
http://www.eicar.org/download/eicar.com
my configuration is as below
to test my setup I used the above link but it was not scanned for virus
and I was able to downloaded it nothing is working
wha
43 matches
Mail list logo