Comments for NerdFish http://www.nerdfish.com A Blog for Nerds Wed, 12 Oct 2011 03:04:39 +0000 hourly 1 http://wordpress.org/?v=3.3 Comment on Setting Up Squid With a Single NIC On a Single Network by Bruce http://www.nerdfish.com/2010/07/setting-up-squid-with-a-single-nic-on-a-single-network/comment-page-1/#comment-476 Bruce Wed, 12 Oct 2011 03:04:39 +0000 http://www.nerdfish.com/?p=66#comment-476 It isn't "somehow routed" through my squid box. My clients have their default gateway set to the Squid box. This means whenever they try to reach the Internet, they don't speak to the router, they speak to the Squid box. The Squid box passes everything on except HTTP without touching it. It redirects HTTP to itself on port 3128, where Squid is waiting to service HTTP requests. If a client does a traceroute to Google the packet goes: 192.168.1.15 192.168.1.1 Then out to the Internet. And yes, my Squid box is connected to the network on a single port on a switch. It isn’t “somehow routed” through my squid box. My clients have their default gateway set to the Squid box. This means whenever they try to reach the Internet, they don’t speak to the router, they speak to the Squid box. The Squid box passes everything on except HTTP without touching it. It redirects HTTP to itself on port 3128, where Squid is waiting to service HTTP requests.

If a client does a traceroute to Google the packet goes:

192.168.1.15
192.168.1.1
Then out to the Internet.

And yes, my Squid box is connected to the network on a single port on a switch.

]]> Comment on Setting Up Squid With a Single NIC On a Single Network by Shawn Gadwa http://www.nerdfish.com/2010/07/setting-up-squid-with-a-single-nic-on-a-single-network/comment-page-1/#comment-475 Shawn Gadwa Sun, 09 Oct 2011 06:09:33 +0000 http://www.nerdfish.com/?p=66#comment-475 If I got this right, your squid box is simply connected to an extra port on your router/switch, you connect to the network through your router and traffic is somehow routed through the squid box, right? Without port forwarding in the router itself, I don't see how this would work. I'd appreciate your help. If I got this right, your squid box is simply connected to an extra port on your router/switch, you connect to the network through your router and traffic is somehow routed through the squid box, right?

Without port forwarding in the router itself, I don’t see how this would work.

I’d appreciate your help.

]]> Comment on Slowing Sites with Squid by Lenoel http://www.nerdfish.com/2010/07/slowing-sites-with-squid/comment-page-1/#comment-399 Lenoel Thu, 04 Aug 2011 13:41:55 +0000 http://www.nerdfish.com/?p=79#comment-399 Well, there's no doubt it's complicated to face this issue about free proxies. I don't have transparent proxy so my squid can manage https traffic. But even when I can catch this https or http free proxy traffic I can't deal with it in the way it deserves. I guess i will have to wait for squid developers fix the fact that i can't assign delay pools based on server responses like you said before. Thank you so much for your time, I'm much more clear now. Well, there’s no doubt it’s complicated to face this issue about free proxies. I don’t have transparent proxy so my squid can manage https traffic. But even when I can catch this https or http free proxy traffic I can’t deal with it in the way it deserves. I guess i will have to wait for squid developers fix the fact that i can’t assign delay pools based on server responses like you said before.
Thank you so much for your time, I’m much more clear now.

]]> Comment on 3TB Hard Disk Shows up as 750 GB by Anon http://www.nerdfish.com/2011/07/3tb-hard-disk-shows-up-as-750-gb/comment-page-1/#comment-398 Anon Thu, 04 Aug 2011 03:24:26 +0000 http://www.nerdfish.com/?p=170#comment-398 Worked, tyvm Worked, tyvm

]]> Comment on Converting Barracuda Spam Firewall to a VM on VMware Server by Bruce http://www.nerdfish.com/2011/07/converting-barracuda-spam-firewall-to-a-vm-on-vmware-server/comment-page-1/#comment-397 Bruce Thu, 04 Aug 2011 00:09:52 +0000 http://www.nerdfish.com/?p=173#comment-397 Yes. There are two ways to gain shell access. 1) If you have it in a VM, add the hard disk to a Linux VM you already have setup. Mount the first partition on the drive. Edit the /mnt/etc/shadow file (Assuming you mounted the first partition at /mnt) Look for the line that says something like "root:e8,je#2ciw@$lo0nfielso2!jfJEcw:15153:0:99999:7:::". Delete all the jibberish between the first : and the second :. Now when you boot the Barracuda VM, the password to root will be nothing (Just hit enter --- It will log in) 2) If you don't have your box in a VM, reboot the system. When you get to the lilo prompt where it asks which of the kernels you'd like to load, press p (I think). The password is "bimg". Make sure the first kernel is selected and press "e". It should allow you to edit the boot line for the kernel. At the end of the line add "init=/bin/bash". Press "b" to boot the lilo line you've just edited. Now you need to remount the root partition as read/write so you can change the shadow file. Type "mount -o remount, -rw /dev/ide/host0/bus0/target0/lun0 /" (if you are using SATA drives they are probably going to be under /dev/scsi/host0/bus0/target0/lun0/ or software raid /md). Next edit /etc/shadow. You are looking for the line that says something like "root:e8,je#2ciw@$lo0nfielso2!jfJEcw:15153:0:99999:7:::". Delete everything between the first : and the second : save the file and reboot the system. The root password should now be blank. Yes. There are two ways to gain shell access.

1) If you have it in a VM, add the hard disk to a Linux VM you already have setup. Mount the first partition on the drive. Edit the /mnt/etc/shadow file (Assuming you mounted the first partition at /mnt)
Look for the line that says something like “root:e8,je#2ciw@$lo0nfielso2!jfJEcw:15153:0:99999:7:::”. Delete all the jibberish between the first : and the second :. Now when you boot the Barracuda VM, the password to root will be nothing (Just hit enter — It will log in)

2) If you don’t have your box in a VM, reboot the system. When you get to the lilo prompt where it asks which of the kernels you’d like to load, press p (I think). The password is “bimg”. Make sure the first kernel is selected and press “e”. It should allow you to edit the boot line for the kernel. At the end of the line add “init=/bin/bash”. Press “b” to boot the lilo line you’ve just edited.
Now you need to remount the root partition as read/write so you can change the shadow file. Type “mount -o remount, -rw /dev/ide/host0/bus0/target0/lun0 /” (if you are using SATA drives they are probably going to be under /dev/scsi/host0/bus0/target0/lun0/ or software raid /md).
Next edit /etc/shadow. You are looking for the line that says something like “root:e8,je#2ciw@$lo0nfielso2!jfJEcw:15153:0:99999:7:::”. Delete everything between the first : and the second : save the file and reboot the system. The root password should now be blank.

]]> Comment on Converting Barracuda Spam Firewall to a VM on VMware Server by hgonzalez http://www.nerdfish.com/2011/07/converting-barracuda-spam-firewall-to-a-vm-on-vmware-server/comment-page-1/#comment-396 hgonzalez Wed, 03 Aug 2011 18:33:47 +0000 http://www.nerdfish.com/?p=173#comment-396 just wondering if you were able to gain shell/root access to your barracuda during your testing. i followed the guide the best i could and i couldnt get the lilo prompt to let me boot single-user mode. thanks! just wondering if you were able to gain shell/root access to your barracuda during your testing. i followed the guide the best i could and i couldnt get the lilo prompt to let me boot single-user mode.

thanks!

]]> Comment on Slowing Sites with Squid by Bruce http://www.nerdfish.com/2010/07/slowing-sites-with-squid/comment-page-1/#comment-395 Bruce Wed, 03 Aug 2011 00:33:27 +0000 http://www.nerdfish.com/?p=79#comment-395 To be blunt: Blocking free proxies can be near impossible. Some of the free proxies use HTTPS which cannot be transparently proxied. Even if you could intercept the HTTPS traffic, you will be faced with other problems (Like how do you verify the SSL certificate on the other end..... How do you let the user know when the other SSL certificate isn't valid?) To be blunt: Blocking free proxies can be near impossible. Some of the free proxies use HTTPS which cannot be transparently proxied. Even if you could intercept the HTTPS traffic, you will be faced with other problems (Like how do you verify the SSL certificate on the other end….. How do you let the user know when the other SSL certificate isn’t valid?)

]]> Comment on Slowing Sites with Squid by Lenoel http://www.nerdfish.com/2010/07/slowing-sites-with-squid/comment-page-1/#comment-387 Lenoel Wed, 13 Jul 2011 13:40:17 +0000 http://www.nerdfish.com/?p=79#comment-387 Wao !! I'm sorry, I didn't note before that you mentioned "req_mime_type" not "rep_mime_type". In that case it does make sense for me, my apologies for my mistake and thank you for your quick reply. I've set delay pools based on url_regex for such a media types you refer above and it's working, but I get in troubles when the user use anonymous proxies. That's why I so interested in setting delay pools based on mime types because it can not be hidden, especially reply mime types (rep_mime_types) because is downstream what I'm concerned about. Perhaps I could include delays based on url_regex acls for some known free proxies but the list would be quite a long. Do you have any other suggestion? thanks a lot for your time Wao !! I’m sorry, I didn’t note before that you mentioned “req_mime_type” not “rep_mime_type”. In that case it does make sense for me, my apologies for my mistake and thank you for your quick reply. I’ve set delay pools based on url_regex for such a media types you refer above and it’s working, but I get in troubles when the user use anonymous proxies. That’s why I so interested in setting delay pools based on mime types because it can not be hidden, especially reply mime types (rep_mime_types) because is downstream what I’m concerned about. Perhaps I could include delays based on url_regex acls for some known free proxies but the list would be quite a long. Do you have any other suggestion?
thanks a lot for your time

]]> Comment on Slowing Sites with Squid by Bruce http://www.nerdfish.com/2010/07/slowing-sites-with-squid/comment-page-1/#comment-386 Bruce Wed, 13 Jul 2011 00:21:46 +0000 http://www.nerdfish.com/?p=79#comment-386 The above page is correct. The delay pool is assigned before the server can respond with a type. I've heard that the developers of squid are working on fixing this so the delay pools can be assigned by the type defined by the server. You might note that my post mentions "req_mime_type" not "rep_mime_type". Request Mime Type is what the browser sends to the server. Reply Mime Type is what the webserver replies with I believe. req_mime_type won't catch all media types and so that is why I included the "url_regex". Generally when someone is requesting media it will contain an extension such as flv, mp3, mp4, wma, wmv, etc... These don't always catch streaming media types, so I also included a file with several domains (Such as youtube, pandora, facebook, etc), that I know would be non-work related. Any of these filters can be matched before the request is made, and thus they can be used to help determine which delay pool traffic should be put into. The above page is correct. The delay pool is assigned before the server can respond with a type. I’ve heard that the developers of squid are working on fixing this so the delay pools can be assigned by the type defined by the server. You might note that my post mentions “req_mime_type” not “rep_mime_type”. Request Mime Type is what the browser sends to the server. Reply Mime Type is what the webserver replies with I believe.

req_mime_type won’t catch all media types and so that is why I included the “url_regex”. Generally when someone is requesting media it will contain an extension such as flv, mp3, mp4, wma, wmv, etc… These don’t always catch streaming media types, so I also included a file with several domains (Such as youtube, pandora, facebook, etc), that I know would be non-work related. Any of these filters can be matched before the request is made, and thus they can be used to help determine which delay pool traffic should be put into.

]]> Comment on Slowing Sites with Squid by Lenoel http://www.nerdfish.com/2010/07/slowing-sites-with-squid/comment-page-1/#comment-385 Lenoel Tue, 12 Jul 2011 21:53:27 +0000 http://www.nerdfish.com/?p=79#comment-385 I've been trying to set delay pools based on mime types using req_mime_type acls but it doesn't seem to work for me. I've been googling all this days and I found similar configurations in other sites. but, in a forum somebody say that setting delay pools based on rep_mime_type acl it's not feasible. the argument exposed in there make sense for me ... "Delay pools is assigned when making the request, before seeing the reply from the server. " ... http://www.squid-cache.org/mail-archive/squid-users/200408/0313.html I just aim to understand this and be sure that I'll get some results if I accomplish it. Could you please help me out? Thanks in advance. I’ve been trying to set delay pools based on mime types using req_mime_type acls but it doesn’t seem to work for me. I’ve been googling all this days and I found similar configurations in other sites. but, in a forum somebody say that setting delay pools based on rep_mime_type acl it’s not feasible. the argument exposed in there make sense for me … “Delay pools is assigned when making the request, before seeing the reply from the server. ” …
http://www.squid-cache.org/mail-archive/squid-users/200408/0313.html
I just aim to understand this and be sure that I’ll get some results if I accomplish it. Could you please help me out?
Thanks in advance.

]]>