from:"squid\-list"

[squid-users] Reg - Squid can cache the chrome OS updates.

2015-06-25 Thread Squid List


Hi,

Is the Squid can cache Microsoft Updates and IOS Updates?

If its cache means, please help me out for cache Chrome OS updates in 
latest squid version that is installed in CentOS 6.6.



Thanks & Regards,
Nithi

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] problem with squid_ldap_auth

2014-10-23 Thread squid-list


Hi,

I think the error is not with squid version, it might be the connection 
problem between proxy server and  LDAP server. Please, check the 
reachability of LDAP server from the proxy server and also Just check 
the DNS configuration whether you have correctly configured it in proxy 
server.


First, You can try the test connection to the LDAP sever from the 
terminal, if it succeed then you can modify the squid configuration. I 
have given a sample one, modify the domain and credentials according to 
your one and try.


[root@test ~] #  /usr/lib64/squid/squid_ldap_auth -R -b 
"dc=test,dc=com" -D "CN=admin,DC=test,DC=com" -w "password" -f 
sAMAccountName=%s  -h 192.168.195.195

username password
OK

If you get the output "OK", then you have successfully tested the 
connection with the LDAP server. If you cannot establish the connection 
with LDAP server, then you will get the same error.


[root@test ~] #  /usr/lib64/squid/squid_ldap_auth -R -b 
"dc=test,dc=com" -D "CN=admin,DC=test,DC=com" -w "password" -f 
sAMAccountName=%s  -h 192.168.195.195

username password
squid_ldap_auth: WARNING, could not bind to binddn 'Can't 
contact LDAP server'


Regards,
ViSolve Squid

On 10/24/2014 06:11 AM, Julie Xu wrote:


Hi

I have squid installed and trying to contact Ldap.

Below command is working for older squid, but not new one and both 
server are Redhat 6.5 (Santiago)


auth_param basic program /usr/lib64/squid/squid_ldap_auth -b 
ou=xx,dc=xx,dc=xx,dc=xx,dc=xx -f (&(cn=%s)(objectClass=*)) -u cn -s 
sub -P -c 5 -t 5 -R -a never -D 
cn=Lookup,ou=xx,dc=xx,dc=xx,dc=xx,dc=xx -w x mydomain


error message is:

squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact LDAP 
server'


squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact LDAP 
server'


squid_ldap_auth: WARNING, could not bind to binddn 'Can't contact LDAP 
server'


to stop type isse, I have scp the squid.conf from older one to new 
one? And restart the squid; and also tried to copy firewall 
configuration over to new box, in case some firewall issue. It is 
still not help.


Could any one advice me what is the possible issue related?

Any comments will be appreciated

Thanks in advance

Julie



___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users


___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid ACL, SSL-BUMP and authentication questions

2014-11-06 Thread squid-list


Hi,
*
**"Access to google maps(https://www.google.com/maps) should prevent any 
authentication need"*


I could understand that all users should be able to access the google 
maps link without any authentication. For this you could add the site 
acl before the authentication part in the squid conf. So that users will 
not prompt for the authentication when the user try to access the google 
map site. But when they try to access any other site authentication will 
be prompted.


(i.e)
acl GoogleMaps   url_regex -i ^https://www.google.com/maps*.
acl allow GoogleMaps all

auth_param basic children 5

auth_param basic realm Welcome to Our Website!

auth_param basic program /usr/lib64/squid/basic_ncsa_auth 
/etc/squid/squid_user


auth_param basic credentialsttl 2 hours

auth_param basic casesensitive off




I am not clear about the remaining part of the content.

Regards,
ViSolve Squid

On 11/07/2014 08:55 AM, sq...@icshk.com wrote:


Hello all,

As our company policy only allow some machines to access to some SSL 
website URL(eg. https://www.google.com/maps). However, they do not 
have access to https://www.google.com/ Before, we tried to implement 
authentication, everything works fine. We try to allow https access to 
https://www.google.com/maps and “CONNECT” request to www.google.com 
 using SSL bump. Now, I want to preserve this 
config, and let user to authenicate to access to any website. Access 
to google maps(https://www.google.com/maps) should prevent any 
authentication need. However, I am not success to figure this out. I 
have tried different kinds of configuration, some will prompt for 
authentication. Some will not allow the authenticated users to access 
to https://www.google.com. From the access log, after I authenticate 
and try to access to https://www.google.com, the authentication 
information is not displayed. Seems squid do not use the 
authentication information when matching the this rule: 
“http_access allow   CONNECT google”.


The “CONNECT” method is success. Then, the squid will continue use no 
authentication information to process the “GET” command, causing the 
authenticated user to denied access to https://www.google.com.


Can I make squid always use the authentication information if already 
authenticate ? Or any suggestion to implement this policy.


Thanks.

Here is an extracted version of config which should state the related 
configuration:


auth_param basic children 5

auth_param basic realm Welcome to Our Website!

auth_param basic program /usr/lib64/squid/basic_ncsa_auth 
/etc/squid/squid_user


auth_param basic credentialsttl 2 hours

auth_param basic casesensitive off

acl my_auth proxy_auth REQUIRED

acl SSL_ports port 443

acl Safe_ports port 443 # https

acl CONNECT method CONNECT

acl GoogleMaps   url_regex -i ^https://www.google.com/maps*.

acl test_net src 192.168.1.253/32

acl googledstdomain www.google.com 



http_access deny CONNECT !SSL_ports

http_access allow   GoogleMaps

http_access allow   CONNECT google

http_access denyCONNECT google my_auth

#http_access allow   CONNECT test_net google

http_access allow   my_authall

http_access denyall



___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users


___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] squid authentication , & ACL select from databse SQL , is that possible ?

2015-02-11 Thread squid-list


Hi,

You can authenticate user and password from sql database using the 
helper "squid_db_auth".


But, allowing website for corresponding user by storing in db is not 
possible. You can use various ACLs to control the site access for the 
individual users.


Instead of storing website in particular column in db, you can store it 
in separate txt file and can control the site access of the users.


Squid will support user defined helper. If it necessary to verify site 
from db, you can create your own helper as per you requirement and you 
can use it. If you need any customization assistance, you can contact 
us(sq...@visolve.com).


Regards,
Siva Prakash
ViSolve Squid Team

On 02/12/2015 06:25 AM, snakeeyes wrote:


Hi

I need to do many operations :

I need squid with sql with the following needs :

1-Squid authenticate user/pwd from sql databse.

2-Then if authentication was okay  , they I need to see that username 
logged in and go to sql databse and select from there a cloum with the 
websites correspond to that user


3-Then I will do access list that permit the websites domain name only 
for that user based on info from sql.


Is that possible with squid ?

Im using last squid stable version 3.5.1 and hope it be okay .

cheers



___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users


___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] How can i keep log files for longer periods?

2015-03-17 Thread squid-list


Hi,

You can use the following in squid configuration to have access log for 
log time.


*logfile_rotate 10*

It will keep last 10 access log of squid. If you wish to have log for 
month, use it as 30. You may rotate squid log using crontab. Following 
will rotate log at every morning 6.


00  6   *   *   *  squid -k rotate

- Siva Prakash

On 03/17/2015 03:20 PM, Brijesh B. Mehta wrote:

Hello,

I am new to squid and using it for few days. i found that in my squid
configuration (which default i guess) access log of only three days is
being maintained (/var/log/squid3/). Now i want to store access log of
more than 3 days say for month so what changes i need to make in my
configuration file? I already read about rotate a log file but it
confused me so i haven't tried it yet.
Kindly provide me some solution

Thanks

Regards,

Mr. Brijesh B. Mehta
Research Scholar,
Computer Engineering Department,
S. V. National Institute of Technology,
Surat - 395007
Gujarat, India
http://brijeshbmehta.wordpress.com/

Tips:
If you forward this email, please delete the forward history,
including my email address.
Remember, erasing the history helps to prevent SPAMMERS from mining
addresses and viruses from being propagated.
Also enter the addresses on the "Bcc" line to hide them from others.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users


___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] Reg - Squid can cache the chrome OS updates.

Re: [squid-users] problem with squid_ldap_auth

Re: [squid-users] Squid ACL, SSL-BUMP and authentication questions

Re: [squid-users] squid authentication , & ACL select from databse SQL , is that possible ?

Re: [squid-users] How can i keep log files for longer periods?

5 matches

Site Navigation

Mail list logo

Footer information