On Mon, Feb 27, 2012 at 11:01 PM, Amos Jeffries squ...@treenet.co.nz wrote:
3.2.0.15+ will do a soft-fail type behaviour, which allows the request
through but does not allow caching of the response and only relays the
original destination IP. Which hides the problems from client visibility,
at
On 28.02.12 01:24, Muhammad Yousuf Khan wrote:
Thank you very much for you help i also thought for the same but it
doesn't help me. because i like to block this on certain time window.
like it will b allowed only in lunch hours or after COB so this might
not work. any suggestion on this
Hi,
I'm getting:
configure:26480: WARNING: Missing needed capabilities (libcap or
libcap2) for TPROXY
configure:26482: WARNING: Linux Transparent Proxy support WILL NOT be
enabled
configure:26484: WARNING: Reduced support to Interception Proxy
when I ./configure --prefix=/usr/squid
On 28/02/2012 11:17 p.m., cc wrote:
Hi,
I'm getting:
configure:26480: WARNING: Missing needed capabilities (libcap or
libcap2) for TPROXY
configure:26482: WARNING: Linux Transparent Proxy support WILL NOT be
enabled
configure:26484: WARNING: Reduced support to Interception Proxy
when I
On 2/28/2012 3:47 PM, cc wrote:
Hi,
I'm getting:
configure:26480: WARNING: Missing needed capabilities (libcap or
libcap2) for TPROXY
configure:26482: WARNING: Linux Transparent Proxy support WILL NOT be
enabled
configure:26484: WARNING: Reduced support to Interception Proxy
Even i had got
On 28/02/2012 11:53 p.m., parashuram wrote:
On 2/28/2012 3:47 PM, cc wrote:
Hi,
I'm getting:
configure:26480: WARNING: Missing needed capabilities (libcap or
libcap2) for TPROXY
configure:26482: WARNING: Linux Transparent Proxy support WILL NOT be
enabled
configure:26484: WARNING: Reduced
On 28/02/2012 9:07 p.m., Erwann Pencreach wrote:
Hi all,
here is what I've done in squid.conf :
external_acl_type loggeduser children=15 %DST %SRC
/etc/squid3/squid.d/loggeduser_acl.sh
acl isok external loggeduser
http_access allow isok
If you add an ID you can use concurrency to reduce
2012/2/28 Amos Jeffries squ...@treenet.co.nz:
On 28/02/2012 9:07 p.m., Erwann Pencreach wrote:
Hi all,
here is what I've done in squid.conf :
external_acl_type loggeduser children=15 %DST %SRC
/etc/squid3/squid.d/loggeduser_acl.sh
acl isok external loggeduser
http_access allow isok
If
Ok I have a network 192.168.1.x with squid proxy 192.168.1.205 upstream of
network 10.10.1.x which is my local network with squid proxy at 10.10.1.105
Both squids are 3.1.16 Debian and I need to know which lines to add
to the conf
to allow cache peering to the upstream proxy cache. Of course
Hi All,
I have a problem with my squid's.
Squid stops working several times a day.
Although the process is up and running, our users get timeouts at port 80.
When this happens even the telnet on port 80 stops working. With no error
messages in log.
The only thing that warns me that something
Hi All,
I have a problem with my squid's.
Squid stops working several times a day.
Although the process is up and running, our users get timeouts at port 80.
When this happens even the telnet on port 80 stops working. With no error
messages in log.
The only thing that warns me that something is
Hi
What's the best way to 403 any site that people go via IP address
instead of hostname?
if someone goes to http://64.237.55.82/ vs http://alexus.org/
so if someone types in http://alexus.org/ it should work yet if
someone types in http://64.237.55.82 it should not
--
http://alexus.org/
Hi,
I have squid 3.1 with 32M cache memory, but there's something called
ordinal block keeps growing out of control taking about 500M memory,
any way we could restrict that growth?
Cheers.
Thanks,
if i use squid as non transparent proxy would it work for HTTPS for
just blocking a domain.
Thanks.
On Tue, Feb 28, 2012 at 3:13 PM, Matus UHLAR - fantomas
uh...@fantomas.sk wrote:
On 28.02.12 01:24, Muhammad Yousuf Khan wrote:
Thank you very much for you help i also thought for the
On 2/28/2012 2:54 PM, karj wrote:
Hi All,
I have a problem with my squid's.
Squid stops working several times a day.
The only thing that warns me that something is wrong in cache.log is the
Detected DEAD Sibling: xxx.xx.xxx.xxx message.
After a few seconds everything goes back to normal.
We are
I currently have two networks, one is upstream of the other
192.168.1.x with squid 3.1.16 cache @ 129.168.1.205
and down stream
10.10.1.x network with 10.10.1.105 Squid 3.1.16 Proxy cache
I need to know what I need to ad to the 10.10.1.x proxy config file to
enable caching from the
On 29.02.2012 02:50, E.S. Rosenberg wrote:
2012/2/28 Amos Jeffries squ...@treenet.co.nz:
On 28/02/2012 9:07 p.m., Erwann Pencreach wrote:
Hi all,
here is what I've done in squid.conf :
external_acl_type loggeduser children=15 %DST %SRC
/etc/squid3/squid.d/loggeduser_acl.sh
acl isok external
As far as I always understood from the docs (but I may be wrong) any
domain listed in a dstdomain list will also cover the IP associated
with the domain IF the IP has that domain related to it when you do a
reverse lookup on the IP.
So for most big websites/domains that will usually work but small
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi friends,
I have a problem for implement kerberos authentication on my squid
server. I'm using this article of the squid wiki:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory
My server is Red Hat Enterprise Linux
Hi friends,
I have a problem for implement kerberos authentication on my squid
server. I'm using this article of the squid wiki:
http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory
My server is Red Hat Enterprise Linux (minimal) 6.2 (all package
updated), with the
On 29.02.2012 01:51, Erwann Pencreach wrote:
Hi,
I don't really understand the trick with the Id, but I'll have a look
at it
Its a concurrency support. Allowing Squid to schedule more than one
lookup at a time for the helper. You then add concurrency=N with some N
value greater than 1 for
Hello,
I am in the process of building some test squid instances for possible
deployment and have come across an issue where the user squid runs under
seems not be allowed access to the winbind pipe when the user is in the
proper group. Here are the details:
Ubuntu 11.04
Squid 3.1.11 (from the
On 29.02.2012 07:09, Yucong Sun wrote:
Hi,
I have squid 3.1 with 32M cache memory, but there's something called
ordinal block keeps growing out of control taking about 500M memory,
any way we could restrict that growth?
Where are you getting that information? in particular where does the
On 29.02.2012 12:35, E.S. Rosenberg wrote:
As far as I always understood from the docs (but I may be wrong) any
domain listed in a dstdomain list will also cover the IP associated
with the domain IF the IP has that domain related to it when you do a
reverse lookup on the IP.
So for most big
Amos Jeffries wrote:
Two things:
1) libpcap is not libcap or libcap2. libcap2 is a linux
security library to enable low-privileged users capabilities (get
it cap...) for safe access to high security actions (specifically
IP spoofing). [I can't say where to find it sorry, maybe somone
On 29/02/2012 10:57 a.m., Benjamin E. Nichols wrote:
I currently have two networks, one is upstream of the other
192.168.1.x with squid 3.1.16 cache @ 129.168.1.205
and down stream
10.10.1.x network with 10.10.1.105 Squid 3.1.16 Proxy cache
I need to know what I need to ad to the
On 29/02/2012 9:27 a.m., Muhammad Yousuf Khan wrote:
Thanks,
if i use squid as non transparent proxy would it work for HTTPS for
just blocking a domain.
Yes. HTTPS tunnel CONNECT requests have a special type of URL, which
only contains deatinstion domain name and port. You can use the
On 29/02/2012 4:58 p.m., cc wrote:
Amos Jeffries wrote:
Two things:
1) libpcap is not libcap or libcap2. libcap2 is a linux
security library to enable low-privileged users capabilities (get
it cap...) for safe access to high security actions (specifically
IP spoofing). [I can't say where
Well, it appears that this is a known issue on Debian variants. Disabling
the cache_effective_group setting seems to have fixed the issue. Got the
idea from this thread:
http://old.nabble.com/Bug-307257:-About-winbind-3-and-squid-with-ntlm-authe
ntication-(Debian-Bug--307257)-td10390962.html
here's the request from mgr:info
Memory usage for squid via mallinfo():
Total space in arena: 536788 KB
Ordinary blocks: 173203 KB 4895 blks
Small blocks: 0 KB 0 blks
Holding blocks: 1420 KB 3 blks
Free Small
Memory usage for squid via mallinfo():
Total space in arena: 536788 KB
Ordinary blocks: 173203 KB 4895 blks
Small blocks: 0 KB 0 blks
Holding blocks: 1420 KB 3 blks
Free Small blocks: 0 KB
Free
link)
So my question now is: Which option would squid go with, in order to compile
with --enable-ssl on Mac OS X?
In the meantime, I tried to get around it without --disable-ssl or without
--enable-ssl. In that case, make of squid-3.2.0.15-20120228-r11519 stops at:
/bin/sh ../../libtool --tag=CXX
On 2/29/2012 3:17 AM, YJZ wrote:
So my question now is: Which option would squid go with, in order to compile
with --enable-ssl on Mac OS X?
Hello!
Looks like a trap, I would go with Openssl
Just download, ./configure --prefix someplace and when compiling squid
tell ./configure where to find
On 29/02/2012 5:54 p.m., Chris Waters wrote:
Well, it appears that this is a known issue on Debian variants. Disabling
the cache_effective_group setting seems to have fixed the issue. Got the
idea from this thread:
http://old.nabble.com/Bug-307257:-About-winbind-3-and-squid-with-ntlm-authe
34 matches
Mail list logo