I want to use squid Proxy to ask username password to user for internet usage and if username password not correct squid stops user access.I use following installation commands and configuration but still squid not asking for username password, and I can use Internet browsing by defining proxy in my client proxy.I use following installataion commands one by one but non of them works, and configure squid to use ncsa_auth../configure --enable-delay-pools --enable-linux-netfilter --enable-arp-acl --disable-ident-lookups --enable-snmp --enable-removal-policies
with following squid.conf configuration one by one.
htpasswd /usr/local/squid/etc/passwd testuser
New password:
Re-type new password:
[code]....
No error received in access.log or /var/logs/messages files, nor on client screen, client still using internet browsing without asking username password by squid,
Is there anyway to monitor the current bandwidth in use by a user (NCSA auth) on squid? Occasionally we get a user downloading too many videos at once, which blocks bandwidth to other users on the network. As I have no idea which user it is until the end of the day (SARG reports), we just restart the squid server to disconnect their downloads.
I am using auth_param basic program /usr/lib/squid/squid_ldap_auth to authenticate users using squid from ldap. The user and pass is in clear text over the network between the browser and the squid server. Any way to send it in an encrypted format??
I have a Printer which is attached to Linux System which is fedora 12. I have squid proxy server which is installed on CentOs 5. My squid works perfect. I am using it with wpad.
Now I can access the the cups page using 192.168.x.2:631 without proxy setting
But when I configure my browser with proxy setting 192.168.x.2:631 doesn't open. Due to this users are also not able to print. How to get cups working with squid
I am using FEDORA 11 and Squid 3. Squid configured and working perfectly but some Win XP users unable to access their mails through outlook express. can anybody guide me what should i do to enable pop/smtp ports via through nating / MASQUERADE etc..
Lately I have been receiving this in my auth.log file. It seems to be repeating over and over, and I didn't know if was anything normal or something I should be worried about...
I have configured a squid proxy server with @2 eth in different network subnet and with site blocking and extn file download blocking. One eth0 for office wired network and another eth1 is for office wireless network for laptop use for guest and visitors.
The problem is [URL] is an Indian government website, which is not working though this proxy server and the Internet Explorer is getting very slow and freezing the computer. In alternate I have configured a another test server with squid proxy with out any security and test the same. the problem is still with the all the computer in the network. The above website is perfectly working with Gateway configuration in TCP/IP properties in Network Configuration in MS Windows XP computers but through squid proxy its not working.
I'm getting relay access denied to an email outside of my domain. It seems the passwords are authenticating because I'm not getting invalid password prompts.
My squid server works fine in fedora 11 system . Is there any web like interface for admins to create,change,modify users of squid and to view their logs.
I would like to ask some help and tutorial for setting up and how to configure squid proxy server in my (Home PC Server). I am a newbie in Linux Centos. I already installed in my system the CentOS 5.5 . Now, I want to configure it as my internet server, all of my 4 system running in Windows including the laptop I want to connect through my CentOS pc with username authentication. I assign all IP address by static. see tthe attachement in my set up. [url] I just want to know what I need to change and add in my squid config file. And how can I configure properly my CentOS with 2 LAN card as internet server.
Been a while but have a few scripts that need to hit a website that's local to that network, but also a public site. Currently there is an .htaccess in that folder with this lockdown;
I'm trying to add the -audit option to X Server. I run ps -ef | grep -v grep | grep "bin/X" and get: root 2511 2506 0 10:35 tty7 00:00:09 /usr/bin/X:0 -br -verbose -auth /var/run/dgm/auth-for-gdm-sScn1P/database -nolisten tcp vt7 So I'm thinking that I need to add -audit to the /usr/bin/X file, but I believe that it's binary and created by something else, but I can't find that "something else". How on earth can I add this option? I have opened up 1,000,000,000,000,000,000,000 files (slight exaggeration) and I've come up empty.
operating system: CentOS 5.5 git version:1.7.3.4 ldap server:OpenLdap Http server:Apache 2.2 the software above have been installed. How to config /etc/httpd/conf.d/gitweb.conf file to let git authed by ldap?
I am a bit of a linux newbie, but have been gradually teaching myself how to set up Sendmail 8.13.8 on a CentOS system to handle our MX mail for various domains we own on our local server. Configuration has gone well so far, except I cannot seem to get Outlook to authenticate with the SMTP server and I must readily admit to some large gaps in my knowledge. For testing purposes, I have tried to authenticate using Telnet with the following results:
Code: 220 my.domain.com ESMTP Sendmail 8.13.8/8.13.8; Wed, 3 Aug 2011 14:27:00 GMT ehlo my.domain.com 250-my.domain.com Hello mytelnethost.btcentralplus.com [109.xxx.xxx.xx], pleased to meet you 250-ENHANCEDSTATUSCODES
I'd like to enable SSL authentication in vsftpd.conf but still somehow force plain data transfer; even if the client is capable of SSL data transfer. The way I understand the config, if I set ssl_enable=YES then if client wants to use SSL for data transfers, it can. I wish for force plain data transer, but still have SSL enabled for login. Is this possible with vsftpd?
I'm hoping someone here can help, as I've been beating my head on the wall for a week now with little advancement. I've found a number of tutorials on setting this up, however none of them have gotten me 100% of the way there. Here's my situation: home-based Fedora server (Core 8), running sendmail 8.14.2-1. Connecting to hosting company's smtp server over port 587, to bypass Verizon's blocking of port 25.
My /etc/mail/sendmail.mc file looks like this (comment lines removed):Quote:
I got one last stop until I've fully configured my Sendmail server. I want the server to verify which address the sender is using when sending mail. Even though authenticated via SMTP AUTH or mailing from an IP listed as RELAY in access.db, the user should not be able to use whichever address he likes.
Ideally, I would like Sendmail to use a file that looks something like this: Username sername@Server.org
where, if logged in with Username, the only accepted sender address is Username@Server.org. As of now, Sendmail just verifies that the sender domain exists and then relays which I don't like. This also applies to a lot of other servers as well... for example in the cases where ISPs have blocked outgoing port 25 and let all their users use their SMTP server. I assume, if they don't use SMTP AUTH which is not the case where I am, that they have their entire IP range listed as RELAY and therefore, using my ISPs SMTP when in their net, I can send mail as whomever I like as long as the sender domain exists.
I've had a look at filters but haven't found any suitable and I assume that this might be realised through a Ruleset or something. What do you think? Have I missed something making this a really stupid suggestion or am I on to something? It would make my day
i had configured mail server in linux. i had configured sendmail in linux client . i have error while sending mail through thunderbird smtp auth error how can i resolv the issue .....
New machine, need to append my id_rsa.pub to my remote SSH box, cannot use ssh-copy-id because I cannot specify the port I've got the machine running on.
I have a CentOS 5 box that is a web server. When it generates emails, all emails should go out through our Exchange mail server.I believe our Exchange server requires NTLM authentication:
If I ssh from my laptop (running F10) to the server (centos 5.2) it asks for the password, but everytime I enter the correct password it says incorrect password. when I do the same from the server to my laptop I can get in just fine. I think my passwords are stored as ssha in the LDAP (I tried clear passwords and that dosen't work either).
Squid document says that Squid accepts only HTTP requests but speaks FTP on the server side when FTP object are requested.
We call Squid HTTP and FTP caching proxy server. Does it also caches FTP contents? Is it possible to configure FTP clients to use Squid cache? When we make an FTP request to an FTP site via Squid will it be bypassed?
I have a proxy server (squid-3) that I would like to setup Dansguardian to do additional web filtering.
The system:
Ubuntu 10.10 - all updates as of today Dansguardian - 2.10.1.1-2ubuntu0.1 (latest update) Squid3 - latest update (not squid 2.7) Webmin - 1.530 (all updates) Webmin dansguardian module - 0.7.1
Ok - I have all of the above installed. When I go to the DG module page in Webmin, I get the following:
Warning - the version of DansGuardian you have is not supported by this Webmin module version Webmin Module Version 0.7.1 supports DG version 2.10 (& 2.9) Currently installed DG version
This obviously makes no sense, since I am running DG version 2.10.1...
PS. I have squid installed, but not configured (still tinkering) - could this be the problem? That squid needs to be running for DG to work?
I want to make a transparent squid proxy server in centos. The squid proxy version is 2.6 stable. I made a normal squid server but want to make it transparent so that users do not need to enter the proxy settings in web browser. Even i searched about this on google but not getting it properly.I have two lan cards on centos system. ETH1 used for LAN and ETH2 used for WAN. And in this squid.conf i written "http_port 172.16.31.1:3128 transparent" and i also added a rule in iptables which is "iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128" but still i have to enter proxy settings at client's web browser to use internet
I would like to install and configure Transparent squid proxy on a gateway server ,but i dont have a local OR intranet DNS server.I am facing issues do that ,regard .My IP series is 192.168.1.1/24
