Amos,
I understand the idea of the current implementation. I read the manual
no one time. I only want one thing - let the administrator to decide how
to adjust his system to him. Not through patches. By means of parameters.
Squid runs on different OS'es, and it is logical to have a flexible
I am ready to sponsor the development of such a patch - but only as a
basic redirector's functional and subject to the inclusion in the upstream.
13.02.15 6:34, Amos Jeffries пишет:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 13/02/2015 8:54 a.m., Yuri Voinov wrote:
So simple.
I want to
On Friday 13 Feb 2015 at 03:53, Priya Agarwal wrote:
> These are the output:
>
> root@t4240qds:~# /usr/sbin/squid ls -al /var/logs/access.log
Thanks, but I asked for the output of
ls -al /var/logs/access.log
There is no squid command in there.
All I want to see is that this file (and
On Friday 13 Feb 2015 at 09:12, Antony Stone wrote:
> On Friday 13 Feb 2015 at 03:53, Priya Agarwal wrote:
> > These are the output:
> >
> > root@t4240qds:~# /usr/sbin/squid ls -al /var/logs/access.log
>
> Thanks, but I asked for the output of
>
> ls -al /var/logs/access.log
>
> There is
On 12.02.2015, at 17:58, Amos Jeffries wrote:
> On 13/02/2015 5:41 a.m., Simon Stäheli wrote:
>>
>> hmh, HAVE_KRB5 seems not to be set in include/autoconf.h
>>
>> What is the correct way to provide squid the path to the kerberos header
>> files?
>>
>> ./configure —help doesn’t show a useful
So sorry. In squid.conf I had done cache_effective_user to nobody and set
permissions of /var and /usr to nobody. So those are the permissions.
root@t4240qds:/var/logs# ls -al /var/logs/access.log
ls: cannot access /var/logs/access.log: No such file or directory
root@t4240qds:/var/logs# ls -ld /va
On Friday 13 Feb 2015 at 11:06, Priya Agarwal wrote:
> So sorry. In squid.conf I had done cache_effective_user to nobody and set
> permissions of /var and /usr to nobody. So those are the permissions.
Are you saying that /var is owned by 'nobody'?
That sounds like a problem for the system to me.
Then It is unable to write cache.log:
Here is the output:
root@t4240qds:~# /usr/sbin/squid -k parse
2015/02/13 12:27:14| Startup: Initializing Authentication Schemes ...
2015/02/13 12:27:14| Startup: Initialized Authentication Scheme 'basic'
2015/02/13 12:27:14| Startup: Initialized Authentication
root@t4240qds:~# chown -R nobody:nogroup /var/logs
root@t4240qds:~# /usr/sbin/squid -k parse
2015/02/13 12:27:14| Startup: Initializing Authentication Schemes ...
2015/02/13 12:27:14| Startup: Initialized Authentication Scheme 'basic'
2015/02/13 12:27:14| Startup: Initialized Authentication Scheme
hi,
i was wondering if there is a way to allow web browser use google search for
url input which dns can't resolve just like if there was no proxy setup (
example get this https://www.google.com/search?q=example.com when inputing
example.com ) instead of getting this:
The requested URL could no
Thanks a lot I can see the spalsh screen now but, session expiry is little
confusing may be some rule i messed up with will play around it to
understand it. thanks again
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Portal-Splash-Pages-example-on-squid-3
Good day!
I have a problem with squid proxy in intercept ssl_bump mode.
If I want to attach big file (>25MB) to my e-mail message on https://mail.ru
web site, I have error "Can not upload file".
Into access.log I have errors: TCP_MISS_ABORTED/000
My squid configuration, access.log, cache.log in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dmitry,
you need to pass mail.ru attachments servers as dst no bump ACL's to work.
In my configuration I use following workaround:
squid.conf:
# Only ip-based dst acl!
acl dst_nobump dst "/usr/local/squid/etc/dst.nobump"
# SSL bump rules
sslproxy_
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Claudio,
what is your /etc/resolv.conf on squid cache host contents?
13.02.15 18:20, Claudio Mendes пишет:
> hi,
>
> i was wondering if there is a way to allow web browser use google
> search for url input which dns can't resolve just like if there
Thank you for your help, but your solution doesn't work on my server.
I have same error, but other ip addresses of uploadXXX.mail.ru servers.
Now I use:
acl mail_ru dstdomain .mail.ru
ssl_bump none mail_ru
Good day!
On 13 February 2015 at 21:37, Yuri Voinov wrote:
> -BEGIN PGP SIGNED MESSA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You have no bump whole .mail.ru domain, which is contains minimum 40%
and over overall traffic.. Not good solution.
I think, be better to no bump only attachments servers.
14.02.15 1:28, Dima Ermakov пишет:
> Thank you for your help, but your sol
> Markus Moeller writes:
> Hi Ludovit,
> How did you create the keytab ? Usually there is an option allowing
> you to select the encryption type. The other place to check would be
> /etc/krb5.conf. It can contain a list of supported encryption
> types. See
>
http:/
Hi Ludovit,
Firstly, these lines are contradictory
permitted_enctypes = aes128-cts-hmac-sha1-96
allow_weak_crypto = true
weak crypto is des and permitted is aes. Do you use a mixed AD environment
( 2003/2008 ) ? 2003 does not support aes.
Markus
"Ludovit Koren" wrote in message news:8
> Markus Moeller writes:
> Hi Ludovit,
> Firstly, these lines are contradictory
> permitted_enctypes = aes128-cts-hmac-sha1-96
> allow_weak_crypto = true
> weak crypto is des and permitted is aes. Do you use a mixed AD
> environment ( 2003/2008 ) ? 2003 does not
On 14/02/2015 12:45 a.m., Priya Agarwal wrote:
> root@t4240qds:~# chown -R nobody:nogroup /var/logs
STOP!!!
You are demonstrating in the last few posts that you do not understand
how the command line tools or the permissions work.
Please stop right now from doing anything on your own. This may
On 14/02/2015 1:20 a.m., Claudio Mendes wrote:
> hi,
>
> i was wondering if there is a way to allow web browser use google search for
> url input which dns can't resolve just like if there was no proxy setup (
> example get this https://www.google.com/search?q=example.com when inputing
> exampl
On 14/02/2015 5:35 p.m., snakeeyes wrote:
> Hi Amos , can you chk below plz ?
>
>
> mysql> select * from squid ;
> ++--+-+---+-+
> | user | password | enabled | fullname | comment |
> ++--+-+---+---
It could be the new AD server is setup to be backward compatible meaning
it use RC4 despite being able to use AES. I suggest you crate an additional
keytab entry for RC4. How did you create the keytab ?
Markus
"Ludovit Koren" wrote in message news:86mw4hbl56@gmail.com...
Markus Moe
> Markus Moeller writes:
> It could be the new AD server is setup to be backward compatible
> meaning it use RC4 despite being able to use AES. I suggest you crate
> an additional keytab entry for RC4. How did you create the keytab ?
It was created with ktpass on AD. The exac
In the adduser command --disabled-login and --disabled password options are
not there in my system. Got this:
root@t4240qds:~# adduser --system --no-create-home \
> --disabled-login --disabled-password \
> --ingroup squid squid
adduser: unrecognized option '--disabled-login'
Tinylogin v1.4 (2015.0
I think, that it's not good solution too, but uploadXXX.files.mail.ru has
about 100 servers.
Now i write small script on python, that creates a file with ip addresses
of uploadXXX.files.mail.ru.
Script and list of ip addresses in attachment.
On 13 February 2015 at 22:32, Yuri Voinov wrote:
> -
26 matches
Mail list logo
