Networking :: Squid With Multiple IP Segment?
Jan 13, 2011I've setup Squid - DHCP - Transparent Proxy with the following
eth0 = connected to internet
eth1 = connected to lan. (192.168.1.1)
[code]....
I've setup Squid - DHCP - Transparent Proxy with the following
eth0 = connected to internet
eth1 = connected to lan. (192.168.1.1)
[code]....
I've got this current configuration : 1 squid server authenticating with 1 forest abc.com, then another company wants to joint but in different forest efg.com, I've already configured trust relationshipt between them.
How should I configured at squid.conf so it will authenticate both domain ?
At squid.conf I've already configured like the following below for abc.com :
Is it enough to adding a new line for auth_param basic program for efg.com ?
I need to run multiple squid instances on my server , I am running squid version squid-2.7.STABLE5-1.el4 on RHEL 4.7 , kindly tell me how to do so. by the way , I need to run two instance because i need to configure my proxy to act as a reverse proxy and a forward proxy, and people told me that you cannot run a forward and reverse proxy on the same instance.
View 4 Replies View RelatedI am using squid 3.1.12 as a proxy cache. All the requests initially land on a Apache server which acts as a reverse proxy server, the Apache redirects some URLs based on the context to Squid server. This Squid server based on the URL needs to forward the request to the specific tomcat server where the application is deployed. I am able to configure just for one application but how do I configure multiple tomcat servers(each tomcat having different application deployed on it). Squid needs to redirect based on the URL.In Squid.conf I made the following changes
[URL]
cache_peer abc.dev2.xxx.com parent 8080 0 no-query originserver refresh_pattern -i /ABC144020%1440 override-expire override-lastmod reload-into-ims ignore-reload
#cache_peer def.dev2.xxx.com parent 8080 0 no-query originserver
[code]....
Here Squid is deployed on my host [URL], Apache redirects any URLS with the context 'ABC' or 'DEF' to squid. Squid needs to redirect it to the individual hosts thats [URL] or [URL] based on the URL. I have commented the entry for DEF in my squid.conf as it was not working. But it does work for any URLs with ABC as the context.
I want to allow only ip segment(212.154.75.0/24) to telnet the server(RHEL-7.3).How this can be done using iptables?In the server i gave this command:
# iptables -I FORWARD -s 212.154.75.0/24 -p tcp --dport 23 -j ACCEPT
output is
0 0 ACCEPT tcp -- * * 212.154.75.0/24 0.0.0.0/0 tcp
[code]....
I've got a redhat 5.5 machine which is supposedly up-to-date according to RHN. When I try to do anything with yum, I get the following error:
Code:
There was a problem importing one of the Python modules
required to run yum. The error leading to this problem was:
[code]...
Two years ago, I have set up two node Active-passive cluster on VSphere 4.0 and it is in production ever since.
I've tried to setup another cluster for testing purposes on the same VSphere, and failed. And what is interesting is that those new two nodes came up with cluster.conf of the production cluster, even though I did not try to bring them in the existing production cluster. I googled a bit and found something stating that two different clusters might behave strane if on the same network segment. Question is, did anyone try to create two different clusters on the same hardware, or on the same network VLAN?
I will do some more digging after weekend, and get back to you.
I am dualbooting Karmic, windows 7, and fedora. When I boot, Grub2 will boot everything but Windows 7. Instead it says:
Code:
reloc offset is out of the segment
abort.
I've tried reinstalling and updating grub2 and I also tried grub. It wasn't a problem until I put Lucid on a 4th partition that's always been there. I let lucid install grub2 and after that windows didn't work, but I got the same error when I reinstalled it from karmic. I got a different error from grub (that I don't remember), but I wasn't positive about the configuration so that may have been my fault.
Ok before anyone tells me to use the open source drivers. Did that and the 3d was messed up. Wine + eve online = fail. This is where this adventure began.
lspci | grep VGA
01:05.0 VGA compatible controller: ATI Technologies Inc Radeon XPRESS 200M 5955 (PCIE)
System:
HP Dv5130ca AMD Turion 64
Glxgears:
Segment fault
ATI Proprietary Linux Driver-8.30.3 from the documentation seems to support this card. But no make install package for 10.10
ATI Proprietary Linux Driver-10.9-x86_64 fails on sudo ./
Error: ./default_policy.sh does not support version
default:v286_64:lib32::none:2.6.35-22-generic:; make sure that the version is being
correctly set by --iscurrentdistro .....
I see from dumping executables that seg selector 0x10 is assigned to my stack segment and to my data segments (.bss .data COMMON). The code is using 0x08. My question - how can I control this? I've looked at all the command line options and don't see it. I have a different program that uses 0x10 for code and 0x18 for data. I note that the second program has i386 in the architecture field in the linker script, whereas the first one referenced has i686. Is this what causes the difference? I understand that this architecture field triggers something regarding a library named BFD - is this where I should look? If so, where do I find it? I am runnig fedora. Is there a way to control the association of sections in the linker script with segment registers? I can set up segments in the gdt and can asign them to segment registers. I can - when writing in assembler - assign code to a section. I can relate a segment in the gdt with a register.But I dont see how to tell the section which segment register it is associated with Finally I see that the gcc compiler decides - based on how I initialize a variable - whether to put it into bss or data or COMMON. Do I have any control over this?
View 1 Replies View RelatedI have a text file that looks sort of like this:
Code:
blah blah blah
tons of unimportant stuff we don't care about
[code]...
I have had a strange experience in upgrading to Ubuntu 10.10 on a Dell Inspiron 1545 also running Vista. I was upgrading from a Ubuntu 8.04 that I thought would be worth reporting/sharing in case others have had a similar experience. last week I upgraded to Ubuntu 10.10 using the live cd. Everything seems have gone smoothly. I could log in and out of ubuntu. After logging into Vista and logging out, the next time I tried to start the machine, there was a 'segment offset error' with the boot loader and there was no way of rebooting into anything except to use the Ubuntu live CD and go to a terminal and reinstall the bootloader. The same thing happened after logging in to Vista- this seemed to mess with the boot loader. Logging in first time was not a problem.
Yesterday I started again, wiped out 10.10 and re-installed ubuntu but version 10.04. Logging in and out of Vista is so far ok and I have not had any problems. I do not have an obvious logical explanation to the sequence of events unless there is a problem with the boot loader in version 10.10.
I have a program that creates and uses a shared memory segment. I am trying to find out how to detach and delete this shared memory segment when I hit crtl-C, and I still need the process to terminate.shmdt() and shmctl() have variables that are local to the main passed to them(shared and shmid)
Code:
//Prototype
void leave(int sig);
//part of code trying to use signal handling
if(signal(SIGINT, leave))
[Code]...
I have an old pentium 3 computer that has ~7 NICs installed. These NICs are attached to modems and other networking equipment. According to the linux ping page on computerhope.com, it seems that one could send a ping from a certain specified NIC. How would one go about this?
View 6 Replies View RelatedI have a CentOS 5.3 box with three network interfaces in it. Each interface is attached to a separate VLAN and I want traffic to stay on each network segment.What I can�t figure out is why I cannot get each interface to have its own gateway and everything gets sent through the default gateway.The basically takes my possible 3Gb total bandwidth and throws it down a single 1Gb pipe.Then on top of that, if I take down the interface (ifdown) that has the current default gateway,I loose contact to the other two interfaces.When I look at the routes, each one of the interfaces shows the gw as 0.0.0.0 and defers to the default route. So I delete the route and try to add a new route with:
[root@testsan ~]# ip route add 10.1.15.0/24 via 10.1.15.1 dev eth2
but end up with the error:
RTNETLINK answers: Network is unreachable
[root@testsan sysconfig]# cat network
NETWORKING=yes
NETWORKING_IPV6=no[code].....
Our application uses a dynamically loaded shared object library (codec library) to compress and decompress audio streams.
There happens to be several static and global variables in this shared object library. Hence it is not possible to process two interleaved unrelated media streams using this shared object codec library because each stream corrupts/changes the contents of these static/global variables.
Is there a way through which a context save (save contents of data segment of shared object) and a context load (load previously saved contents of data segment of shared object)operation can be performed on the shared object library. This way the context for each media stream can be saved and loaded before and after processing the "other" media stream respectively.
I am using squid to controlling access to the internet all is working fine expect one of the user who is using outside organization portal to connect internet. But whenever he tries to enter in the portal by typing (EXAMPLE)url. Permission denied error from squid occur.
How can i allow this portal in squid. So squid will allow this to access.
My squid server works fine in fedora 11 system . Is there any web like interface for admins to create,change,modify users of squid and to view their logs.
View 1 Replies View RelatedI would like to ask some help and tutorial for setting up and how to configure squid proxy server in my (Home PC Server). I am a newbie in Linux Centos. I already installed in my system the CentOS 5.5 . Now, I want to configure it as my internet server, all of my 4 system running in Windows including the laptop I want to connect through my CentOS pc with username authentication. I assign all IP address by static. see tthe attachement in my set up. [url] I just want to know what I need to change and add in my squid config file. And how can I configure properly my CentOS with 2 LAN card as internet server.
View 1 Replies View RelatedI have a VPS. I intend to use it as a squid server. I need to know how to configure Squid so it works as a simple proxy server. Don't need authenication etc.
View 1 Replies View Relatedin my office i have to block all messenger like yahoo messenger, windows live messenger, i have to block websites like www.yahoo.com, some more web sites. i need guidance through which i can accomplish this task through ip tables or through squid server. i can use squid but i had heard that squid blocks pop and smtp also. squid creates some problem in receiving and sending email. i am using red hat linux 4 box and installed squid having two ethernet card 1 is connected to adsl line and 2 is connected to switch. all clients will have proxy address of this linux box. guys need ur help ASAP.
View 2 Replies View RelatedI am going to configure squid in my linux box.I have different kinds of ranges in my office.The default is as under
Code:
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks
can I add my own ranges as
Code:
acl our_networks src 10.1.60.0/24 10.1.70.0/24 10.0.80.0/24 10.1.90.0/24 10.1.100.0./24
http_access allow our_networks we have divided according to floors ,like 1st floor ip range is 10.1.60.0 2nd floor 10.1.70.0 ,third 10.1.80.0 and so on. All IP ping each others successfully.
I am using Squid as a proxy server red hat Linux.I want to block some specific web sites like facebook,..... under squid .Please guide me that how can i do it and under which header should i write the script ?
View 14 Replies View RelatedI have installed squid 2.6 in my cent os 5 machine. The installation location was
Code:
# ./configure@--prefix=/usr/local/squid
Normally with RPM base squid,to start and stop squid we use
# service squid start
# service squid stop
Now with source code based installation the start and stop services are not working.
I am using SQUID 2.6 on cent os. Squid as a proxy server is working fine. I want to manage my bandwidth according to my office staff.Like for top management users may allocate 1 MB and rest of the users as 256 kb.Kindly guide me that how can I do it ?
View 1 Replies View RelatedI just setup a linux machine that act as a gateway along with squid running in transparent mode. Now I have one asterisk server which is behind that gateway I mean on my local subnet which pass through my linux gateway. Voip server having 4mb up n 4 mb down limit. Clients having 512kbps and upload 2mb.
Linux gateway : controlling band width of each clients
Squid acl forNAT issue with voip sites
Now my question is regarding skype calling. Since skype uses port 80, does it mean that it passes its request via proxy or direct and for safe side I've changed skype incoming port to 443 which squid does not see it. How much and width does skype use for calling in that case. Some one told me that it using squid to pass its request which I don't agree.
I have recently just got another internet connection at home via cable as well as my exisiting DSL connection. I was wanting all my web browsing that I did via squid to be redirected down the cable connection. The box has a single nic at the moment and the default route sends it via the dsl connection for the mail server that is also running on the box.I was hoping that anything that hit squid would go down the cable connection that is plugged into a router and thus I can route to 172.16.2.251 and everything will go out via cable.
I was reading about iproute2 and marking the packets and is wondering whether this is the way to go?
say i have an apache server configured for ssl/non ssl virtual hosts and a proxy configured as follows (see squid.conf)the ssl on each name based virtual host is configured on its own port (only 7 of the domains need this the rest are just media and other insignificant bits of data but domains 1-7 contain forms that require specific personal information that may be technically illegal to transmit without encryption)if any additional information is needed just let me know
domain1 is port 443
domain2 is port 444
domain3 is port 445
[code]....
I have 10 systems on my network and I have centos5.5 installed on server. All other clients are on WinXP. I am using squid server to share internet on my network.Problem is: whenever an user trying to open a website through squid server, it opens too slow, but if same user tries to open same website by passing squid server, it opens 3 times faster. Downloading speed is same in both scenario. Only buffering speed is slow through squid.
View 1 Replies View Relatedi have configured transparent squid with dansguardian for content filtering i used this squid server ip on client gateway(not on browser) for content filtering, is it possible that i could use this squid server in different VLAN.
View 3 Replies View Related