|
|
Sponsored Content
Operating Systems
Linux
Not able to setup CentOS 7 as gateway [Using squid proxy]
Post 303008704 by sunnysthakur on Tuesday 5th of December 2017 04:51:02 AM
12-05-2017
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
hi. pardon my noob question id just like to have a quick answer. i am planning to install a jabber webclient and a jabber server in our apache server. my boss said this wouldnt work because squid filters port 5222 connections (jabber). i told him we can simply 'unfilter' the port then but he said... (0 Replies)
Discussion started by: marcpascual
0 Replies
2. IP Networking
I have an architecture as below
<> <>
There is a program in the AIX server which sends SMS to the internet, by sending HTTP request to the SMS processing server.
Like, http://smsserver/mysms=test
However the application does not have an option to specify where the Proxy server... (1 Reply)
Discussion started by: firdousamir
1 Replies
3. IP Networking
hi guys!
We are setting up Squid Server. we want the server to be transparent. But I don't know how will i be able to set the network up. is it possible to set the squid server in the same LAN with the Squid Client and still functions as a transparent server? if so, can anybody help me do it?
... (1 Reply)
Discussion started by: init6_
1 Replies
4. UNIX for Advanced & Expert Users
Hi all,
The scenario is:
http://img834.imageshack.us/img834/7990/1234z.jpg
- With:
+ 192.168.100.0/24 : internet link (simulation)
+ Multiple Websites are hosting in local.
+ Complete DNS configuration.
+ OS: CentOS 5
- Requirements:
Configure Squid Proxy as... (0 Replies)
Discussion started by: kidzer0
0 Replies
5. Linux
Dear Sir
I am a newbie in the world of IP telephony. I have been working with Asterisk PBX (SIP) and Cisco Call Manager (MGCP) but now I am learning on how to work GNUGK for H.323 Gatekeeper.
I am having a problem, configuring static call routing on GNUGK
in the section
... (0 Replies)
Discussion started by: mfondoum
0 Replies
6. IP Networking
Can any one direct me to the resources where I can find in-depth instructions on Squid Proxy server and its configuration?
Thanks in advance.:) (1 Reply)
Discussion started by: admin_xor
1 Replies
7. Linux
Hi we have Centos Server and we have client machines using Ubuntu 12.04 and Win7,I Have Configured Squid only purposely for facebook denied, Cos User;s often being in fb so need to do it, have configured squid as transpernt , followed this How to install squid proxy on centos 6 steps to did it and... (1 Reply)
Discussion started by: babinlonston
1 Replies
8. Linux
Hi All Im using squid Proxy in centos
Squid version = squid.x86_64 7:3.1.10-20.el6_5
CentOS release 6.5 (Final)
Router IP = 192.168.1.1
My proxy System have 2 Ethernet port
eth0
eth1
Using IP address for eth0 = 192.168.1.15/24
using IP address for eth1 = 192.168.1.16/24
Default... (1 Reply)
Discussion started by: babinlonston
1 Replies
9. Linux
Hi we have Centos Server and we have client machines using Ubuntu 12.04 and Win7,I Have Configured Squid only purposely for facebook denied, Cos User;s often being in fb so need to do it, have configured squid as transparent , followed this How to install squid proxy on centos 6 steps to did it and... (2 Replies)
Discussion started by: babinlonston
2 Replies
10. UNIX for Advanced & Expert Users
Hello,
We are migrating our gateways from CentOS 6 to CentOS 7 and for setting up a transparent proxy using squid and Firewalld i am using below configuration.
#Firewalld configurations
firewall-cmd --permanent --zone=public --add-forward-port=port=80:proto=tcp:toport=3128:toaddr=LAN_IP... (4 Replies)
Discussion started by: sunnysthakur
4 Replies
LEARN ABOUT CENTOS
negotiate_kerberos_auth
negotiate_kerberos_auth(8) System Manager's Manual negotiate_kerberos_auth(8) NAME
negotiate_kerberos_auth - Squid kerberos based authentication helper Version 3.0.4sq SYNOPSIS
negotiate_kerberos_auth [-h] [-d] [-i] [-r] [-s Service-Principal-Name] DESCRIPTION
negotiate_kerberos_auth is an installed binary and allows Squid to authenticate users via the Negotiate protocol and Kerberos. OPTIONS
-h Display the binary help and command line syntax info using stderr. -d Write debug messages to stderr. -i Write informational messages to stderr. -r Remove realm from username before returning the username to squid. -s Service-Principal-name Provide Service Principal Name. CONFIGURATION
This helper is intended to be used as an authentication helper in squid.conf. auth_param negotiate program /path/to/negotiate_kerberos_auth auth_param negotiate children 10 auth_param negotiate keep_alive on NOTE: The following squid startup file modification may be required: Add the following lines to the squid startup script to point squid to a keytab file which contains the HTTP/fqdn service principal for the default Kerberos domain. The fqdn must be the proxy name set in IE or firefox. You can not use an IP address. KRB5_KTNAME=/etc/squid/HTTP.keytab export KRB5_KTNAME If you use a different Kerberos domain than the machine itself is in you can point squid to the seperate Kerberos config file by setting the following environmnet variable in the startup script. KRB5_CONFIG=/etc/krb5-squid.conf export KRB5_CONFIG Kerberos can keep a replay cache to detect the reuse of Kerberos tickets (usually only possible in a 5 minute window) . If squid is under high load with Negotiate(Kerberos) proxy authentication requests the replay cache checks can create high CPU load. If the environment does not require high security the replay cache check can be disabled for MIT based Kerberos implementations by adding the following to the startup script KRB5RCACHETYPE=none export KRB5RCACHETYPE If negotiate_kerberos_auth doesn't determine for some reason the right service principal you can provide it with -s HTTP/fqdn. If you serve multiple Kerberos realms add a HTTP/fqdn@REALM service principal per realm to the HTTP.keytab file and use the -s GSS_C_NO_NAME option with negotiate_kerberos_auth. AUTHOR
This program was written by Markus Moeller <markus_moeller@compuserve.com> This manual was written by Markus Moeller <markus_moeller@compuserve.com> COPYRIGHT
This program and documentation is copyright to the authors named above. Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+). QUESTIONS
Questions on the usage of this program can be sent to the Squid Users mailing list <squid-users@squid-cache.org> REPORTING BUGS
Bug reports need to be made in English. See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. Report bugs or bug fixes using http://bugs.squid-cache.org/ Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org> Report ideas for new improvements to the Squid Developers mailing list <squid-dev@squid-cache.org> SEE ALSO
squid(8) ext_kerberos_ldap_group_acl(8) RFC4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows, RFC2478 - The Simple and Protected GSS-API Negotiation Mechanism, RFC1964 - The Kerberos Version 5 GSS-API Mechanism, The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq The Squid Configuration Manual http://www.squid-cache.org/Doc/config/ http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos negotiate_kerberos_auth(8)