Hi
I have squid 3.5.12 working as a reverse proxy
cache_peer 127.0.0.1 \
parent 443 0 proxy-only no-query no-digest originserver \
login=PASS \
ssl \
sslcafile=/etc/pki/tls/certs/ca-bundle.crt \
sslflags=DONT_VERIFY_PEER \
name=webServer
This points to httpd which has a
Hai,
> ok thanks. I think the system guys use samba and winbind to join linux
> machines to domain independetly services installed
Thats good, but if you want fallback and make NTLM work
( for only kerberos its not needed )
You want something like :
auth_param negotiate program /usr/lib/squ
ok thanks. I think the system guys use samba and winbind to join linux
machines to domain independetly services installed
2015-12-29 16:10 GMT+01:00 Eliezer Croitoru :
> Hey Fabio,
>
> If you do want to use kerberos you do not need to use winbindd there are
> other options.
> (I have not tried the
Rather then non squid it would be the iptables and routing related things.
However if you are intercepting https or http connections your might
want to add some exceptions in the iptables to avoid the additional web
servers traffic being intercepted by squid.
Eliezer
On 29/12/2015 14:43, Euge
Hey Fabio,
If you do want to use kerberos you do not need to use winbindd there are
other options.
(I have not tried them both yet)
Eliezer
On 29/12/2015 16:30, Fabio Bucci wrote:
Hi Amos,
i'm trying to implement kerberos as you suggested me. But following
the guide i read "Do not use this m
Hai,
> i read "Do not use this method if you run winbindd or other samba
> services as samba will reset the machine password every x days and
> thereby makes the keytab invalid
Seems wrong to me.
If you use samba 4. ( dont know if its the same for samba 3 )
Make sure you have this in smb.c
Hi Amos,
i'm trying to implement kerberos as you suggested me. But following
the guide i read "Do not use this method if you run winbindd or other
samba services as samba will reset the machine password every x days
and thereby makes the keytab invalid !!" and my system guy told me we
use winbindd
ciao Luigi
I ask to update the distro to squid 3.4.14, the last stable version,
released in august.
Rationale :
1) various bugs and memory leaks fixed;
2) security fix for CVE 2015 5400;
3) support for Alternate-Protocol HTTP header.
I need 3) to disable QUIC on youtube, otherwise squid3 cannot
Em 29/12/15 10:43, Eugene M. Zheganin escreveu:
Hi.
On 29.12.2015 17:05, Reet Vyas wrote:
Hi
I have working squid3.5.4 configuration with ssl bump, I am using this
squid machine as router and have external IP to it and have a leased
line connection but with leased line I have 10 extra IP addre
Hi.
On 29.12.2015 17:05, Reet Vyas wrote:
> Hi
>
> I have working squid3.5.4 configuration with ssl bump, I am using this
> squid machine as router and have external IP to it and have a leased
> line connection but with leased line I have 10 extra IP address and I
> want to NAT those external ip t
Hi
I have working squid3.5.4 configuration with ssl bump, I am using this
squid machine as router and have external IP to it and have a leased line
connection but with leased line I have 10 extra IP address and I want to
NAT those external ip to local ip on same network, like we do in our
router,
11 matches
Mail list logo
