Squid Returned to Packages *** PLEASE TEST ***
-
Woot! I'm going to give this a try in the next week or two on the big iron box I've been running squid on since before it got b0rken'd. I have a 60+ day uptime on that box, squid hasn't been restarted once.
-
Hi, can you recompile squid with –enable-arp-acl option, because, arp acls not working.
thank you very much :)
-
Any luck yet with white list only or any kind of wild card in the black list field? Just tried with a clean install of snapshot 1-24 and I'm still making it to any site. Maybe we'll have to do something like ipCop and create a whitelist only check box. I suspect in their implementation it removes the blacklist_acl completely and leaves only the whitelist in squid.conf. Just a thought, my programming / text edit skills in FreeBSD are marginal at best.
Any ideas data?
-
what kind of wildcard are you looking for in the blocked domains? trying to be able to block domains like sex ? cuz that WOULD be nice.
currently though it can block all subdomains of a domain. wonder if it will work on top domains. would be neat if i could block, say, all of .ru (havent tried so it may already do it). course i could do the same thing by running an internal DNS. -
There is also some difficulties if i setup my proxy without transparent proxy and Allow users on interfase, with Allowed subnets, then squid.inc create
acl allowed_subnets src XXX.XXX.XXX.XXX/XX
but there is no
http_access allow allowed_subnets
also waiting for recompiled squid binaries with –arp
-
Blacklisting TLDs does work as reported in this post some time ago. I want to be able to block all sites not explicitly named in my whitelist.
-
for whitelisting and blacklisting use wildcard "."
example for blacklist:
.sex.
.xxx.
.ch
.net
.123456.if you leave only "." dot in list then your users can access only sites listed in Whitelist
Best regards
Ju5t4s -
The period worked!!!! Thank you so much ju5t4s.
-
what kind of wildcard are you looking for in the blocked domains? trying to be able to block domains like sex ? cuz that WOULD be nice.
currently though it can block all subdomains of a domain. wonder if it will work on top domains. would be neat if i could block, say, all of .ru (havent tried so it may already do it). course i could do the same thing by running an internal DNS.I tried (as a matter of interest) to block all .ru domains, but using .ru in the blocked area blocks sites like this forum :lol: I'm not sure it should though.
It shouldn't block forum should it? I can understand it blocking foru, as there's nothing after the ru and it would match the wildcard pattern, but not forum
-
edit manualy file /usr/local/pkg/squid.inc
and change "dstdom_regex -i" to "dstdomain"
you can change it for you filtering needs
more about acl types you can read http://wiki.squid-cache.org/SquidFaq/SquidAcl#head-021f45033c4ee1b1fc5bdd4f5c49ddcd08f45bd1
*sorry for my poor english
-
I have been working on getting squid to start and stop propery. I am using 1.0.1-SNAPSHOT-02-08-2007.
I have some suggestions for changes to improve the situation:- in /etc/rc.newwanip, insert:
exec("/etc/rc.stop_packages");
before
exec("/etc/rc.start_packages"); - in /etc/rc.stop_packages, is package synching necessary?
- in /usr/local/etc/rc.d/proxy_monitor.sh, it is necessary to examine the parameter to determine if start, stop or restart should be performed. I have attached the updated file proxy_monitor.sh.txt. As package sync overwrites this file, I have been able to test only by commenting out package sync in start_packages and stop_packages.
It would certainly help to have these changes released in a snapshot.
- in /etc/rc.newwanip, insert:
-
Any ideas why in the services tab I have ~30 instances of squid running?
I've rebooted and it still shows them all when I reboot
-
no idea yet.
I am sorely out of time at work to work on squid this month.
-
First I had 5 instances of NTPserver running. De- and re-install helped this service but then it were 4 or 5 squid services.
Deinstalled squid and reinstall cured this finally.All of this was after upgrading to 1.0.1 snapshot Feb 09 OR Feb 06 - don't know exactly anymore.
-
Yeah, I find from time to time a package goes a bit mental and starts running multiple instances of itself, but squid, even after an uninstall / reinstall cycle was exactly the same, I was running literally 30 instances!
-
Just upgraded to 2/14 snapshot. Squid had lots of instances here too. I uninstalled Squid (via GUI), rebooted, reisntalled (via GUI), and rebooted and all was well. On a side note, the 2/14 snapshot upgrade deactivated all my firewall rules (the little green triangle was unclicked).
-
hi,
i installed squid and it is running ok, my isp uses proxy; if i put proxy in the upstream proxy in squid configuration, the user name password pops up for my clients to authenticate, even if i put the username and password that my isp gave me in the username and password fields of squid, the authentication still pops up when any body try to open a browser, bu the problem will not raise up if they put the proxy and the port in their browser.
how to deal with this in a way that my clients dont need to put the proxy in their browser
thank you
-
Hello,
I tested the proxy and found out that, wenn you enabled the proxy in normal or transparency mode the NAT for the clients who use the proxy doesent work.
I searched for this in the internet and found out that you should enter
forwared_for off
in the squid.conf.
Then the clients which use the proxy will be NATted to the WAN IP.Please can you fix it.
Thanks,
xabbu 8) -
for the old squid package i once made a diff… when this could help you'll find them here:
http://pfsense.trendchiller.com/squid/
But as I said these were for the old versions of the squid package…
-
hi again
where is the file squid.conf, and in what line i should insert the forwarded_for off???
thank you
