On 26/08/2016 8:35 a.m., erdosain9 wrote:
> Hi.Thanks
> Yes i have a delay pool pointing to googlevideo.com and its working... but,
> it's strange because... look this.
> The proxy for now is being tested. And I have very few users (ip) in the
> proxy.
> So i have this delay pool and acl.
>
...
>
On 26/08/2016 8:40 a.m., erdosain9 wrote:
> Is there any way to know which service (web, or whatever) provides this ip ??
> Because it consumes a lot of bandwidth.
> How do I know which machine asks for it ?? From the proxy.
>
> It also appears the ip 190.61.17.10
>
> Greetings and thanks.
Plea
On 26/08/2016 7:05 a.m., --Ahmad-- wrote:
> Hi dear “squid users “
>
> i have a question in mind on how can i limit connections for a user that is
> connected using AUTH_NTLM method
Why?
> i already added the directives below :
>
> as example , user will connect to squid and have only 50 ma
What is the squid version?
Chico Venancio
(98) 9 8800 2743
CEO - VM TECH
2016-08-25 18:53 GMT-03:00 erdosain9 :
> Thats ok i dont want to give more Bandwith, and im not interest in caching
> video.
>
>
>
> --
> View this message in context: http://squid-web-proxy-cache.
> 1019090.n4.nabble.com/L
Thats ok i dont want to give more Bandwith, and im not interest in caching
video.
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Limit-Bandwith-for-youtube-tp4679182p4679201.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Everything can be much easier. Google Streaming video is not cacheable.
Absolutely. If users are watching the same video, each time it is
downloaded from the outside. Slowly and sadly.
26.08.2016 3:10, erdosain9 пишет:
> I have ssl-bump enable..
I have ssl-bump enable... I guess "quic" is not the problem.
In fact, in the pc, yes, the video slows down ... however, bandwidth,
showing the Proxy in the mikrotik is excessive ..
(sorry I do not speak English)
My delay pools are fine?
--
View this message in context:
http://squid-w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Akamai works with many companies. Antivirus providers, MS updates,
Social networks (FB, Instagram, etc.etc.etc.).
26.08.2016 2:40, erdosain9 пишет:
> Is there any way to know which service (web, or whatever) provides this ip ??
Only squid's acces
On 08/25/2016 01:56 PM, erdosain9 wrote:
> "NONE/200".. that's an error i guess.
Those lines are often "normal" when you use SslBump. If you want to know
a little more about what gets logged during SslBump processing, then
search for "logged" at
http://wiki.squid-cache.org/Features/Ssl
Is there any way to know which service (web, or whatever) provides this ip ??
Because it consumes a lot of bandwidth.
How do I know which machine asks for it ?? From the proxy.
It also appears the ip 190.61.17.10
Greetings and thanks.
--
View this message in context:
http://squid-web-proxy-c
Be aware that youtube uses the QUIC protocol (
https://en.wikipedia.org/wiki/QUIC) with browsers that support it.
Unless you block and/or manage that specific condition with your firewall,
the actual downloading of the videos will not go through Squid...
Thanks,
Jok
On Thu, Aug 25, 2016 at 1:35 P
Hi.Thanks
Yes i have a delay pool pointing to googlevideo.com and its working... but,
it's strange because... look this.
The proxy for now is being tested. And I have very few users (ip) in the
proxy.
So i have this delay pool and acl.
http_access allow localhost
http_access allow administration
h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Nod. This is informational tag AFAIK.
26.08.2016 1:56, erdosain9 пишет:
> I have a lot of
>
> "NONE/200".. that's an error i guess.
> or not??
> Thanks
>
>
>
> --
> View this message in context:
http://squid-web-proxy-cache.1019090.n4.nab
I have a lot of
"NONE/200".. that's an error i guess.
or not??
Thanks
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Strange-log-https-problem-tp4679179p4679192.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Traceroute confirm this:
root @ khorne / # traceroute 190.61.17.9
traceroute to 190.61.17.9 (190.61.17.9), 30 hops max, 40 byte packets
1 192.168.201.1 (192.168.201.1) 0.978 ms 0.798 ms 0.755 ms
2 178.88.163.97 (178.88.163.97) 24.230 ms 2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Feel free to check yoursuspicious IP:
http://www.tcpiputils.com/browse/ip-address/190.61.17.9
As you can see, this is Akamai. So, this can be (most probably)
perfectly legitimate traffic.
So, don't panic.
26.08.2016 0:58, erdosain9 пишет:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Feel free to check yoursuspicious IP:
http://www.tcpiputils.com/browse/ip-address/190.61.17.9
As you can see, this is Akamai. So, this can be (most probably)
perfectly legitimate traffic.
So, don't panic.
26.08.2016 0:58, erdosain9 пишет:
> Hi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Feel free to check yoursuspicious IP:
http://www.tcpiputils.com/browse/ip-address/190.61.17.9
As you can see, this is Akamai. So, this can be (most probably)
perfectly legitimate traffic.
So, don't panic.
26.08.2016 0:58, erdosain9 пишет:
> Hi
Hi dear “squid users “
i have a question in mind on how can i limit connections for a user that is
connected using AUTH_NTLM method
i already added the directives below :
as example , user will connect to squid and have only 50 max connections .
my config are below :
##
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
With router or L3 switch.
26.08.2016 0:58, erdosain9 пишет:
> Hi.
> I have too much traffic to this ip 190.61.17.9 i really dont know what
> it is... so i want to block that ip.
> How i can do this?
> Thanks!
>
>
>
> --
> View this message in
Hi.
I have too much traffic to this ip 190.61.17.9 i really dont know what
it is... so i want to block that ip.
How i can do this?
Thanks!
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Block-access-to-a-ip-external-tp4679184.html
Sent from the Squid -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
26.08.2016 0:39, erdosain9 пишет:
> Hi.
> i have ssl-bump enable...
>
> #
> # Squid listen Port
> http_port 192.168.1.97:3128 ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=4MB cer
Hi.
i have ssl-bump enable...
#
# Squid listen Port
http_port 192.168.1.97:3128 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myca.pem
key=/etc/squid/ssl_cert/myca.pem
acl excluidosSSL dstdomain "/etc/sq
Hack the code. Because it is even worse, as firefox for example does not obey
to the TTL.
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/More-host-header-forgery-pain-with-peek-splice-tp4679178p4679181.html
Sent from the Squid - Users mailing list archive a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
What is you threat as error?
26.08.2016 0:31, erdosain9 пишет:
> Hi im doing bump.
> all is working fine except that i have this error in log
>
> 49484.020 0 192.168.1.17 NONE/200 0 CONNECT www.facebook.com:443 -
> HIER_NONE/- -
> 1472149484
Hi im doing bump.
all is working fine except that i have this error in log
49484.020 0 192.168.1.17 NONE/200 0 CONNECT www.facebook.com:443 -
HIER_NONE/- -
1472149484.225 1644 192.168.1.2 TCP_MISS/200 1493 POST
https://outlook.live.com/owa/ev.owa2? - HIER_DIRECT/132.245.61.50
application/js
This one just seems to keep coming up and I'm wondering how other people
are dealing with it:
When you peek and splice a transparently proxied connection, the SNI
goes through the host validation phase. Squid does a DNS lookup for the
SNI, and if it doesn't resolve to the IP address that th
On 26/08/2016 3:27 a.m., Michael Pelletier wrote:
> Hello,
> I would like to log ACLs Pass \ Blocks in the access.log. I am using
> Logstash for a monitoring system and being able to pass this information
> allows me to do some nice graphing.
>
> Does any know how this can be done?
Besides what A
On 08/25/2016 09:27 AM, Michael Pelletier wrote:
> I would like to log ACLs Pass \ Blocks in the access.log.
If you want to log the name of the ACL that resulted in an http_access
allow or deny decision, then there is only poor/indirect support for
that right now AFAIK: You can kind of do that v
On 26/08/2016 2:58 a.m., Peter Viskup wrote:
> Hello all,
> we do experience some connection issues with SFTP and clear HTTP
> clients on Squid 3.4 version built with SSL split.
What is this "SSL split" you speak of?
Squid does not support SFTP as far as I am aware except by CONNECT
tunnelling do
On 26/08/2016 1:24 a.m., Samuraiii wrote:
> On 25.8.2016 13:24, Diogenes Jesus wrote:
>> Hi there.
>>
>> The config should work - I noticed only that you're using
>> "--with-gnutls", but that shouldn't be an issue. Try it out and let us
>> know how that worked for you.
>>
>> Dio
>>
>> Sent from my
Hello,
I would like to log ACLs Pass \ Blocks in the access.log. I am using
Logstash for a monitoring system and being able to pass this information
allows me to do some nice graphing.
Does any know how this can be done?
Michael
--
*Disclaimer: *Under Florida law, e-mail addresses are public
Hello all,
we do experience some connection issues with SFTP and clear HTTP
clients on Squid 3.4 version built with SSL split.
We occasionally see ERR_CONNECT_FAIL with SYSERR=110.
Just discovered higher value of "HTTP I/O number of reads" at the time
the issue occur.
I am not able to understand t
On 08/24/2016 11:56 PM, 曹士超 wrote:
> I don`t know squid use smp , multi cpu process purge cache, each
> process define cache_dir ,when purge cache Choose a different
> worker,Lead to clear the cache fails
Hello,
Due to the language barrier, I am not sure what question you are
asking,
Ok, found it.
So a resume for a squid 3.5.19 + samba 4.4.5, kerberos auth and kerberos groups
on debian jessie.
By default the package libsasl2-modules-gssapi-mit was not installed.
So i installed it: apt-get install libsasl2-modules-gssapi-mit
I always install with, --no-install-r
On 25.8.2016 13:24, Diogenes Jesus wrote:
> Hi there.
>
> The config should work - I noticed only that you're using
> "--with-gnutls", but that shouldn't be an issue. Try it out and let us
> know how that worked for you.
>
> Dio
>
> Sent from my iPhone
>
Hello again,
still same error...
Comlete de
http://www.squid-cache.org/Versions/v3/3.5/manuals/ext_kerberos_ldap_group_acl.html
shows the following.
-u Ldap-User
Username for LDAP server.
-u Ldap-Password
Password for LDAP server.
-u Ldap-URL
LDAP server URL in form ldap[s]://server:port
3 x -u
While shows something different.
/u
Hi there.
The config should work - I noticed only that you're using "--with-gnutls", but
that shouldn't be an issue. Try it out and let us know how that worked for you.
Dio
Sent from my iPhone
> On Aug 25, 2016, at 11:17 AM, Samuraiii wrote:
>
>> On 24.8.2016 16:39, Diogenes S. Jesus wrote:
On 24.8.2016 16:39, Diogenes S. Jesus wrote:
> Oh, an a tiny little detail :)
>
> # squid -v
>
> Squid Cache: Version 4.0.13
>
> Service Name: squid
>
> configure options: '--with-openssl' '--prefix=/usr'
> '--localstatedir=/var' '--libexecdir=/lib/squid'
> '--datadir=/share/squid' '--sysconfdir=
Hai,
I’ve added the needed upn, setup the _ldaps in the dns zones, thats ok now.
The last part, here i need some help.
support_ldap.cc(942): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Setting up connection to ldap server samba-dc1.internal.domain.tld:636
support_ldap.cc
40 matches
Mail list logo
