similar to: Transparent Proxy Problem with Squid3 and Shorewall

Hello there. I'm try to configure squid3 with samba4-alpha-10 autentication. My samba4 pdc work fine with a simple smb.conf: [globals] netbios name = PANTRO workgroup = MYDOMAIN realm = MYDOMAIN.LAN server role = domain controller [netlogon] path = /usr/local/samba/var/locks/sysvol/mydomain.lan/scripts read only = no

Hai, ? Im know this might not be the place to ask, but im doing it anyway..? ;-) ? Im testing an debian Jessie server with squid3 ( 3.4.8 ) Its running Debian Samba 4.1.13 with winbind. ? Im having troubles, to get the squid auth working. So my question is is someone here using kerberos authentication on squid. ( 3.4.x ) Or someone who is using the gss-spnego helper protocol. ? Im using this

> you are better off building the more up to date 3.5 version available > from Stretch/Testing repository. I disagree with this one, use SID and not testing, testing has a longer delay in security updates and koms after unstable. See : https://www.debian.org/security/faq Greetz, Louis > -----Oorspronkelijk bericht----- > Van: squid-users [mailto:squid-users-bounces at

Is it possible for squid3 to authenticate its users with samba 4 active directory while both services are on the same pc? Maybe that could be the reason it does not work for me? What do you think?

Hai, You can very easy upgrade to 3.5.12 on Jessie. Add sid to your sources.list, or better in : /etc/apt/sources.list.d/debian-sid.list Only the deb-src line is needed. Now apt-get update # install dependecies. apt-get build-dep squid # get and build source. apt-get source squid -b if you missing something, get that package first, build it, install it and do above again. !! thing to

Hello, I'm running a Squid cache (Version 3.1.10) on CentOS 6.6 as a forward proxy which is reachable over a global IPv6 address. For whatever reason, Squid tries to perform PTR lookups on the client's IPv6 address. The weird thing is, that Squid seems to struggle with the "endianess" of the IPv6 address blocks. For example: My current client IP is

Hello there. i'm check this link about squid with AD autentication: http://techmiso.com/1934/howto-install-squid-web-proxy-server-with-active-di rectory-authentication/ But the test don't work # wbinfo-t checking the trust secret via RPC calls succeeded # find / - name ntlm_auth /usr/local/samba/bin/ntlm_auth /usr/src/samba-alpha10/source4/bin/ntlm_auth /usr/lib/squid3/ntlm_auth #

> you are better off building the more up to date 3.5 version available > from Stretch/Testing repository. I disagree with this one, use SID and not testing, testing has a longer delay in security updates and coms after unstable. See : https://www.debian.org/security/faq Greetz, Louis > -----Oorspronkelijk bericht----- > Van: squid-users [mailto:squid-users-bounces at

Hello: I have a squid3 with aunteticacion ntlm integrated to samba4 but in workstations with windows 8.1 constantly asked for the username and password and it does not let the user navigate, use debian 8 + samba 4.7.7, no idea because that happens in client with windows 7 works well. smb.conf workgroup = MYDOMINIO security = ads netbios name = srv-proxy server string = Servidor Proxy de

I remember to see something about that in shorewall.net some time ago, but I could not find it today ... The case : Debian Etch, Shorewall 3.2.6, squid3 and Apache 2 . The first 3 where already running fine for some time ... Now I need to setup an Apache server to allow some web mannagement, things like PHPsysinfo, phppgadmin, just for internal net, no web access . but port 80 is redirected to

Hi all, I''m trying to set up a transparent proxy with dansguardian, and running into some strange issues with the squid setup without dansguardian. I have used shorewall for quite some time, and I''m stumped as to why I can''t get this to work. Here is a brief synopsis of my network. loc --> gateway/firewall--> net I have the following policies: #firewall to

Hi, Is it possible to transparent proxy FTP through Squid? If so what rules would i need to add to the rules file so that any ftp request is forwarding through Squid? I have www traffic being Tranparantly proxied. Herwith my www rules: REDIRECT loc 3128 tcp 80 ACCEPT loc fw::3128 tcp www - all ACCEPT fw

Hi, I try configure squid proxy transparent and shorewall In my squid.conf have this configuration: http_port 8000 acl all src 0.0.0.0/0.0.0.0 acl password REQUIRED http_access allow password http_access deny all authentica_program /usr/lib/squid/ncsa_auth /etc/squid/passwd In my rules have: REDIRECT loc 8000 tcp 80 - !MY_IP_EXTERNAL ACCEPT fw net tcp 80 I try

Hello, I'm having problems using Samba as an primary domain controller. I am using debian woody as our platform. The version of samba is "2.2.3a-12.3 for Debian" and i followed the instructions which can be found on the following url: http://www-106.ibm.com/developerworks/eserver/tutorials/samba/. In short this covers: - creating the config file - creating the users /

Hi, I followed the instructions posted on the shorewall web page for transparent proxy, but I still cannot get it to work. I have almost the same setup as described on the web, running squid on dmz, eth1, and the loc on eth2. I can see that packets going out from the fw, they are not sent to the squid proxy, and if I try to telnet to the squid proxy to port 80, where I should be directed to

Thanks to everyone for all the help getting this done. As promised, here are the detailed notes I put together. These step by step instructions should work starting with a raw RedHat Linux 9.0 system. - Greg Scott GregScott@InfraSupportEtc.com These are step by step instructions for how to install and configure the Squid proxy server with transparent authentication for users in a

Hello, I have this problem: when my mail server on the DMZ starts a connection to the internet it''s ip (213.58.230.26) is "masqueraded" with the firewall ip (213.58.230.50). I wouldn''t mind but there is a one customer who rejects the connection because it makes reverse dns and finds no dns entry for the firewall ip. How can i correct this? Thanks, MSantos shorewall

Hi, I have a big "name problem" with my internal mail server (10.0.0.152). It is "seen" on the internet through DNAT (213.58.230.27). Also there is a MX record pointing to the machine. Everything works fine from the outside. However i can''t set the mail clients on the lan pointing to the mx record, because this one points to 213.58.230.27 and the firewall

Hi. I'm using Samba 4 on two Zentyal servers as Domain Controller and now I have to authenticate some services to it (Apache and PAM in particular). The LDAP integration asks me for a LDAP bind password, but I cannot find out where it is on Zentyal. Is there a way to check (or change it) directly on Samba 4? Or is it preferable to authenticate against Active Directory or Kerberos? Thank you