Search Results

Search found 375 results on 15 pages for 'squid'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 10/15 | < Previous Page | 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • configure squid3 to set up a web proxy in ubuntu12.04

    - by Gnijuohz
    I am in a LAN and have to use a proxy given to access the web in a very limited way. I can't even use google, github.com or SE sites. However I can use ssh to log into a server, which I have root access so basically I can do anything I want with it. So I was thinking that maybe I could use that server as a proxy so I can visit sites through it. I tested it using ssh -vT [email protected] which gave a proper response. And In my computer I can't do this. Also I tried downloading something from the gun.org using wget, which can't be done in my computer too. And it succeeded on that server. I don't know if that's enough to say that this server have full access to the Internet. But I assumed so and I installed squid3 on it. After trying some while, I failed to get it working. I got this after I run squid3 -k parse 2012/07/06 21:45:18| Processing Configuration File: /etc/squid3/squid.conf (depth 0) 2012/07/06 21:45:18| Processing: acl manager proto cache_object 2012/07/06 21:45:18| Processing: acl localhost src 127.0.0.1/32 ::1 2012/07/06 21:45:18| Processing: acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 2012/07/06 21:45:18| Processing: acl localnet src 10.1.0.0/16 # RFC1918 possible internal network 2012/07/06 21:45:18| Processing: acl SSL_ports port 443 2012/07/06 21:45:18| Processing: acl Safe_ports port 80 # http 2012/07/06 21:45:18| Processing: acl Safe_ports port 21 # ftp 2012/07/06 21:45:18| Processing: acl Safe_ports port 443 # https 2012/07/06 21:45:18| Processing: acl Safe_ports port 70 # gopher 2012/07/06 21:45:18| Processing: acl Safe_ports port 210 # wais 2012/07/06 21:45:18| Processing: acl Safe_ports port 1025-65535 # unregistered ports 2012/07/06 21:45:18| Processing: acl Safe_ports port 280 # http-mgmt 2012/07/06 21:45:18| Processing: acl Safe_ports port 488 # gss-http 2012/07/06 21:45:18| Processing: acl Safe_ports port 591 # filemaker 2012/07/06 21:45:18| Processing: acl Safe_ports port 777 # multiling http 2012/07/06 21:45:18| Processing: acl CONNECT method CONNECT 2012/07/06 21:45:18| Processing: http_port 3128 transparent vhost vport 2012/07/06 21:45:18| Starting Authentication on port [::]:3128 2012/07/06 21:45:18| Disabling Authentication on port [::]:3128 (interception enabled) 2012/07/06 21:45:18| Disabling IPv6 on port [::]:3128 (interception enabled) 2012/07/06 21:45:18| Processing: cache_mem 1000 MB 2012/07/06 21:45:18| Processing: cache_swap_low 90 2012/07/06 21:45:18| Processing: coredump_dir /var/spool/squid3 2012/07/06 21:45:18| Processing: refresh_pattern ^ftp: 1440 20% 10080 2012/07/06 21:45:18| Processing: refresh_pattern ^gopher: 1440 0% 1440 2012/07/06 21:45:18| Processing: refresh_pattern -i (/cgi-bin/|?) 0 0% 0 2012/07/06 21:45:18| Processing: refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 2012/07/06 21:45:18| Processing: refresh_pattern . 0 20% 4320 2012/07/06 21:45:18| Processing: ipcache_high 95 2012/07/06 21:45:18| Processing: http_access allow all I deleted some allow and deny rules and added http_access allow all so that all the request would be allowed. After configuring my computer, I got this error: Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect. And the log in the server showed that my TCP requests had all been denied. So, first of all, is what I am trying to do achievable? If so, how to configure the squid in the server so that I use it as a proxy to surf the Internet? My computer and the server both run Ubuntu11.04. Thanks for any help~

    Read the article

  • squidGuard hangs during setup

    - by richard
    I have a squid proxy on my Debian-Gnu-Linux-laptop configured to block some web sites. I can set a browser to use this proxy, but I can also configure it to not use it. As I an using it to block some sites. I do not wish and application to be able to bypass the proxy. Is it possible to to configure a fire wall to black outgoing traffic except if sent by the proxy application or user? I would like a simple configurator if possible.

    Read the article

  • HTTP traffic through PIX VPN from outside site

    - by fwrawx
    I have a remote site with a website that only allows access from the outside IP assigned to our local PIX. I have users connecting to the local networking using a VPN that need to be able to view this remote site. I don't think this works because the packets want to come in and go out over the same (ext) interface. So I'm looking for a way to make this work using the PIX or setting up a service on a server on the local network to act as a middle-man for the HTTP requests. The remote site doesn't support setting up a VPN to our PIX. The remote website is dishing out pages over a non-standard port. Can I use squid or something similar to proxy just one site?

    Read the article

  • Funnelling http traffic

    - by spencer p
    I have a situation where a large batch of servers (X), on demand, need to request data from a smaller set of web servers (Y). The worst case scenario is if all servers in X decide to fetch different requests to one server in Y. That would be X amount of connections, which could be a very large burst of traffic. The best case scenario is if 1 server in X hit 1 server in Y in tandem. Life does not work like this. One idea to entertain is placing a proxy, similar to squid between X and Y. All of X servers can connect to this proxy, but would result in a few persistent (http keepalive) connections to Y. If The few were say, 3 or 4, then it would funnel. If we could then rate limit those connections and traffic decides to spike unusually high, we wouldn't hurt anyone but ourselves. Thoughts?

    Read the article

  • What kind of proxy acl rules should be applied?

    - by user42891
    I try to block sites in squid based on this article. Assuming you would want to block access to Yahoo (e.g http://www.yahoo.co.jp, http://www.yahoo.com, http://www.yahoo.co.in), you would ideally want to block all of the above URLs, if I use a regular expression and try to search something called yahoo it seems to get blocked. We are just interested in applying rules which would be most commonly used across all companies (e.g. social networking sites like facebook, orkut), porn sites (e.g. sex), gaming sites (games), movie & song download sites, and sites where they can upload data (e.g. rapidshare) What would be the common set of effective rules in achieving the above?

    Read the article

  • Squid3 not working. Access denied

    - by Nitish
    I installed SQUID3 on a Linux machine with two ethernet interfaces (eth0 and eth1). I used the default settings in the squid.conf file and uncommented the two lines acl localnet src 192.168.0.0/16 and http_access allow localnet. eth0 is connected to a router, which provides Internet access. It is assigned an IP 192.168.1.2 by the router. I manually configured eth1 to have an IP address 192.168.5.1. It is connected to a switch. Systems having IP addresses 192.168.5.x are connected to this switch. I ran these two commands for NAT: iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.5.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 But when I try to access internet from a system having IP 192.168.5.2 through the proxy I get an error that says "Access denied". What is wrong with my configuration?

    Read the article

  • software to monitor internet usage on an XP PC? (browser + non-browser)

    - by user39316
    Hi Is there any (ideally open source) software for Windows that can be used on a PC, to monitor the usage of internet from that PC? It would need to include both browser and non-browser sources (e.g. a service that sync's calendar to gmail). So any software on your PC that uses would need to be configured to point to this local internet monitoring software/proxy. The monitoring software/proxy then would be configured to point to the company proxy server (address, port & credentials). Things that come to mind that might be close but not really focused on solving this might be perhaps: Charles Proxy, Fiddler 2, SQUID? The idea would be it could give you a daily/weekly/monthly report of internet upload/download usage on a per program/process/service basis for the PC it is being run on. thanks

    Read the article

  • Squid3 not working. Access denied.

    - by Nitish
    I installed SQUID3 on a Linux machine with two ethernet interfaces (eth0 and eth1). I used the default settings in the squid.conf file and uncommented the two lines acl localnet src 192.168.0.0/16 and http_access allow localnet. eth0 is connected to a router, which provides Internet access. It is assigned an IP 192.168.1.2 by the router. I manually configured eth1 to have an IP address 192.168.5.1. It is connected to a switch. Systems having IP addresses 192.168.5.x are connected to this switch. I ran these two commands for NAT: iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.5.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 But when I try to access internet from a system having IP 192.168.5.2 through the proxy I get an error that says "Access denied". What is wrong with my configuration?

    Read the article

  • Proxy server on windows with SSL encrypted exchange with client

    - by Syffys
    I want to set up a classic proxy server (HTTPS, HTTPS, SSH, FTP, etc...) on a windows platform, but I need the following features: password authentication for clients data exchanged between clients and server to be SSL encrypted I've been trying to set this up various application to get this result, but without success so far: Squid for windows ccproxy wingate Alternatively, an other solution would be an HTTP SSL tunnel encapsulating an unencrypted proxy connection between clients and the server. I've spent a lot of time without any result so far, so I'm wondering if anyone faced this kind of issue. Thanks in advance!

    Read the article

  • How can I access blocked sites while in China?

    - by Samuurai
    I have some colleagues who need to go to China for work, however while they're there, they can't access a lot of sites. One of which is GMail (Google Apps), which they need for work. We have a UK based Ubuntu server, which I have root access for. What can I do for them? I thought about a Squid proxy, but it might rely on their hotel having port 8080 open, so, not ideal. Are there any workarounds or other solutions?

    Read the article

  • How to direct reverse proxy requests using wildcard vhosts

    - by HonoredMule
    I'm interested in running a reverse proxy with 2-3 virtual machines behind it. Each internal server will run multiple virtual hosts, and rather than manually configuring each individual vhost on the proxy (a variety of vhosts come and go too often for this to be practical), I would like to use something which can employ pattern matching in a sequential order to find the appropriate back-end server. For example: Server 1: *.dev.mysite.com Server 2: *.stage.mysite.com Server 3: *.mysite.com, dev.mysite.com, stage.mysite.com, mysite.com Server 4: * In the above configuration, task.dev.mysite.com would go to Server 1, dev.mysite.com would go to Server 3, yoursite.stage.mysite.com to Server 2, www.mysite.com to Server 3, and yoursite.com to Server 4. I've looked into using Squid, Varnish, and nginx so far. I have my opinions regarding their respective desirability and general suitability, but it's not readily apparent if any of them can handle dynamic server selection in this manner and not require per-vhost configuration. Apache on the other hand can do this handily and simply, but otherwise (aside from being well-known and familiar) seems very poorly suited to the partly-performance-serving task. Performance isn't actually a major concern yet, but it seems foolish to use Apache if another system will perform far better and can also handle the desired 'hands-free' configuration. But so is frequently having to adjust the gateway for all production services and risk network-wide outage...and so also is setting oneself up for longer downtime later if Apache becomes a too-small bottleneck. Which of these (or other) reverse proxies can do it/would do it best? And maybe I should post this as a separate question, but if Apache is the only practical option, how safe/reliable/predictable is apache-mpm-event in apache2.2 (Ubuntu 12.04.1) particularly for a dedicated reverse proxy? As I understand it the Event MPM was declared "safe" as of 2.4 but it's unclear whether reaching stability in 2.4 has any implications for the older (2.2) versions available in official/stable package channels of various distros.

    Read the article

  • Apache2: Limit simultaneous requests & throttle bandwidth per IP/client?

    - by xentek
    I want to limit simultaneous requests & throttle bandwidth per IP/Client on a single apache vhost. In other words, I want to ensure that this site, which hosts large media files, doesn't get hammered by someone trying to download everything all at once (just happened the other night). I'd like to limit the outgoing transfer speed overall for this site, as well as limit the number of connections a single IP can make to the server to a sane default (i.e. within normal browser limits for multiple requests so page loads aren't effected too much). Bonus points if I can actually scope it to file types (i.e. leave web files alone, but apply these rules to just the media files). We're running Ubuntu 9.04 on all the servers, and have two apache/php servers being load balanced via Round Robin by a squid proxy server. MySQL is running on its own box as well. We've got plenty of bandwidth to give them, so I don't really want overall caps, but just want to throttle the amount of memory/CPU it takes to serve this site. There other sites on these servers that we don't want to apply these rules too, just want to keep this one from hogging all the resources. Let me know if you need more info! Thanks in advance for your suggestions!

    Read the article

  • Any HTTP proxies with explicit, configurable support for request/response buffering and delayed conn

    - by Carlos Carrasco
    When dealing with mobile clients it is very common to have multisecond delays during the transmission of HTTP requests. If you are serving pages or services out of a prefork Apache the child processes will be tied up for seconds serving a single mobile client, even if your app server logic is done in 5ms. I am looking for a HTTP server, balancer or proxy server that supports the following: A request arrives to the proxy. The proxy starts buffering in RAM or in disk the request, including headers and POST/PUT bodies. The proxy DOES NOT open a connection to the backend server. This is probably the most important part. The proxy server stops buffering the request when: A size limit has been reached (say, 4KB), or The request has been received completely, headers and body Only now, with (part of) the request in memory, a connection is opened to the backend and the request is relayed. The backend sends back the response. Again the proxy server starts buffering it immediately (up to a more generous size, say 64KB.) Since the proxy has a big enough buffer the backend response is stored completely in the proxy server in a matter of miliseconds, and the backend process/thread is free to process more requests. The backend connection is immediately closed. The proxy sends back the response to the mobile client, as fast or as slow as it is capable of, without having a connection to the backend tying up resources. I am fairly sure you can do 4-6 with Squid, and nginx appears to support 1-3 (and looks like fairly unique in this respect). My question is: is there any proxy server that empathizes these buffering and not-opening-connections-until-ready capabilities? Maybe there is just a bit of Apache config-fu that makes this buffering behaviour trivial? Any of them that it is not a dinosaur like Squid and that supports a lean single-process, asynchronous, event-based execution model? (Siderant: I would be using nginx but it doesn't support chunked POST bodies, making it useless for serving stuff to mobile clients. Yes cheap 50$ handsets love chunked POSTs... sigh)

    Read the article

  • Using Tor behind a proxy ?

    - by atkck
    hi, i'd like to use TOR/polipo behind a proxy like below ME -- POLIPO -- TOR -- PROXY SQUID -- WEB Couldn't find how to do that. When specifying a parent proxy for polipo, it goes straight for it without using TOR so my IP Adress doesn't change. Please any idea is welcome.

    Read the article

  • How should one manager external and internal DNS servers at the same time?

    - by erotsppa
    We run a mac network here in the office. We have an internal DNS server to manage the network. Everything is resolved to a local ip (for mail.mydomain.com etc). However, we also have an external DNS server for when our users are not in the office. However, isn't it a pain to have to manage two lists? Whenever you change something you have to change another? And you can't have one be a slave of another because the ip are sometimes different (for example mail.mydomain.com would point to a local ip in local dns server but an external ip in the external dns server). Any tricks?

    Read the article

  • dansguardian error: filterports must match number of filterips (pfsense)

    - by Bulki
    Hi I'm setting up pfsense with squid3 and dansguardian packages. When I try to start the dansguardian service however, I get the following errors: May 27 22:17:37 php: /pkg_edit.php: The command '/usr/local/etc/rc.d/dansguardian.sh start' returned exit code '1', the output was 'kern.ipc.somaxconn: 16384 -> 16384 kern.maxfiles: 131072 -> 131072 kern.maxfilesperproc: 104856 -> 104856 kern.threads.max_threads_per_proc: 4096 -> 4096 Starting dansguardian. filterports (2) must match number of filterips (1) Error parsing the dansguardian.conf file or other DansGuardian configuration files /usr/local/etc/rc.d/dansguardian.sh: WARNING: failed to start dansguardian' May 27 22:17:37 root: /usr/local/etc/rc.d/dansguardian.sh: WARNING: failed to start dansguardian May 27 22:17:37 dansguardian[52944]: Error parsing the dansguardian.conf file or other DansGuardian configuration files May 27 22:17:37 dansguardian[52944]: filterports must match number of filterips What does "filterports must match number of filterips" mean? Any thoughts on the matter?

    Read the article

  • Outlook express under RHEL 5 server

    - by Kumar P
    I am using RHEL 5 server as proxy server in Local network. Under server i have few windows machines. Now i want to configure Outlook express in windows boxes, When i configure and test connections, It showing connection failed. In browser, internet working well. Without proxy, windows outlook express configure well in windows boxes. And working well. What you think about it and How can i solve this problem ?

    Read the article

  • Outlook 2003 under RHEL 5 server

    - by Kumar P
    I am using RHEL 5 server as proxy server in Local network. Under server i have few windows machines. Now i want to configure Outlook 2003 for send and receive mails in windows boxes, When i configure and test connections, It showing connection failed. In browser, internet working well. Without proxy, windows outlook - 2003 configure well in windows boxes also working well. What you think about it and How can i solve this problem ? Please give clear steps to solve.

    Read the article

  • Transparent proxying in MacOS X 10.6 Snow Leopard (and maybe FreeBSD)

    - by apenwarr
    I'm trying to create a transparent proxy on my MacOS machine in order to port the sshuttle ssh-based transproxy VPN from Linux. I think I almost have it working, but sadly, almost is not 100%. Short version is this. In one window, start something that listens on port 12300: $ while :; do nc -l 12300; done Now enable proxying: # sysctl -w net.inet.ip.forwarding=1 # sysctl -w net.inet.ip.fw.enable=1 # ipfw add 1000 fwd 127.0.0.1,12300 log tcp from any to any And now test it out: $ telnet localhost 9999 # any port number will do # this works; type stuff and you'll see it in the nc window $ telnet google.com 80 # any host/port will do # this *doesn't* work! After the latter experiment, I see lines like this in netstat: $ netstat -tn | grep ^tcp4 tcp4 0 0 66.249.91.104.80 192.168.1.130.61072 SYN_RCVD tcp4 0 0 192.168.1.130.61072 66.249.91.104.80 SYN_SENT The second socket belongs to my telnet program; the first is more suspicious. SYN_RCVD implies that my SYN packet was correctly captured by the firewall and taken in by the kernel, but apparently the SYNACK was never sent back to telnet, because it's still in SYN_SENT. On the other hand, if I kill the nc server, I get this: $ telnet google.com 80 Trying 66.249.81.104... telnet: connect to address 66.249.81.104: Connection refused telnet: Unable to connect to remote host ...which is as expected: my proxy server isn't running, so ipfw redirects my connection to port 12300, which has nobody listening on it, ie. connection refused. My uname says this: $ uname -a Darwin mean.local 10.2.0 Darwin Kernel Version 10.2.0: Tue Nov 3 10:37:10 PST 2009; root:xnu-1486.2.11~1/RELEASE_I386 i386 Does anybody see any different results? (I'm especially interested in Snow Leopard vs Leopard results, as there seem to be some internet rumours that transproxy is broken in Snow Leopard version) Any advice for how to fix?

    Read the article

  • Outlook express-2003 under RHEL 5 server

    - by Kumar P
    I am using RHEL 5 server as proxy server in Local network. Under server i have few windows machines. Now i want to configure Outlook express-2003 for send and receive mails in windows boxes, When i configure and test connections, It showing connection failed. In browser, internet working well. Without proxy, windows outlook express configure well in windows boxes. And working well. What you think about it and How can i solve this problem ? Please give clear steps to solve.

    Read the article

  • Easy shorewall question : allow ips to DNAT

    - by llazzaro
    Hello, At my home network I had a transparent proxy. This is the rule that forward all 80 traffic to my squid3.1 server at DMZ DNAT loc:!10.0.0.126 dmz:172.16.0.198:3128 tcp 80 - !172.16.0.198 Ok, I need to add more ips to avoid transparent proxy. I tried loc:!10.0.0.134,!10.0.0.126...but didnt work (also similars like [ip0,ip1]. I tried to google the answer cant find it (sorry no matches, not searching the right keywords) also I tried to read the docs, but they are really long (and indexes dont help me). Thanks!

    Read the article

  • Transparent proxying leaves sockets with SYN_RCVD in MacOS X 10.6 Snow Leopard (and maybe FreeBSD)

    - by apenwarr
    I'm trying to create a transparent proxy on my MacOS machine in order to port the sshuttle ssh-based transproxy VPN from Linux. I think I almost have it working, but sadly, almost is not 100%. Short version is this. In one window, start something that listens on port 12300: $ while :; do nc -l 12300; done Now enable proxying: # sysctl -w net.inet.ip.forwarding=1 # sysctl -w net.inet.ip.fw.enable=1 # ipfw add 1000 fwd 127.0.0.1,12300 log tcp from any to any And now test it out: $ telnet localhost 9999 # any port number will do # this works; type stuff and you'll see it in the nc window $ telnet google.com 80 # any host/port will do # this *doesn't* work! After the latter experiment, I see lines like this in netstat: $ netstat -tn | grep ^tcp4 tcp4 0 0 66.249.91.104.80 192.168.1.130.61072 SYN_RCVD tcp4 0 0 192.168.1.130.61072 66.249.91.104.80 SYN_SENT The second socket belongs to my telnet program; the first is more suspicious. SYN_RCVD implies that my SYN packet was correctly captured by the firewall and taken in by the kernel, but apparently the SYNACK was never sent back to telnet, because it's still in SYN_SENT. On the other hand, if I kill the nc server, I get this: $ telnet google.com 80 Trying 66.249.81.104... telnet: connect to address 66.249.81.104: Connection refused telnet: Unable to connect to remote host ...which is as expected: my proxy server isn't running, so ipfw redirects my connection to port 12300, which has nobody listening on it, ie. connection refused. My uname says this: $ uname -a Darwin mean.local 10.2.0 Darwin Kernel Version 10.2.0: Tue Nov 3 10:37:10 PST 2009; root:xnu-1486.2.11~1/RELEASE_I386 i386 Does anybody see any different results? (I'm especially interested in Snow Leopard vs Leopard results, as there seem to be some internet rumours that transproxy is broken in Snow Leopard version) Any advice for how to fix?

    Read the article

  • How to build an outbound load balancer with linux?

    - by matnagel
    We have a small house in the countryside and there is no fixed broadband, so we had a mobile flatrate first, and for 2 people with 2 computers it was too slow, so now we have 2 flatrates for 2 client machines. So I pay 2 flatrates and have double bandwith theoretically. There is a local network in the house that connects everything. But when I am alone I wonder how I can use both connections at the same time. I want to build a solution where I can browse the web and page requests are spread between the 2 connections. I imagine there are expensive routers who can split the traffic between 2 lines. But is there a good way to do it with linux? The solution I am looking for will split the requests already for one page (multiple images, css files, javascrfipt files) between the two lines.

    Read the article

  • Connect Google Apps Email from Outlook via Linux ipTables

    - by Jean
    Hello, I have set up my google apps email on my outlook and I want it to connect to the google server and fetch my mails using SSL POP3 Ports 995, 465 both TCP and UDP are open. But it still not working. The server has 2 NIC, one for LAN and the other for External. Please provide assistance on solving this issue. Thanks Jean

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 6 7 8 9 10 11 12 13 14 15  | Next Page >