date:20200213

Re: [squid-users] squid-users Digest, Vol 66, Issue 13, Squid 4.10 for windows

2020-02-13 Thread Latino, Chris

Unfortunately due to design by architects here this will not be possible at 
this moment, but I will suggest this up the chain. So we will stick with 
v3.5.28. Is there plans to make the windows version available in the future.

Chris Latino
Systems Platform Engineer II

Mastercard
1 Angel Lane | London, EC4R 3AB


-Original Message-
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf 
Of squid-users-requ...@lists.squid-cache.org
Sent: 13 February 2020 16:26
To: squid-users@lists.squid-cache.org
Subject: squid-users Digest, Vol 66, Issue 13

Send squid-users mailing list submissions to
squid-users@lists.squid-cache.org

To subscribe or unsubscribe via the World Wide Web, visit

https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.squid-2Dcache.org_listinfo_squid-2Dusers=DwIGaQ=uc5ZRXl8dGLM1RMQwf7xTCjRqXF0jmCF6SP0bDlmMmY=ZO_4u8yVNn_3q7TmkfoNDXPUaze1C-nxiq5H74Rmf8Y=E7G7-YCdvdwuhscn3KcjCIzHnY1HIdbZVfI2BbqgHWg=4AFST0RQi7tk2FMW7MRTtOlMTMORZwr4VWlcElN0uCk=
or, via email, send a message with subject or body 'help' to
squid-users-requ...@lists.squid-cache.org

You can reach the person managing the list at
squid-users-ow...@lists.squid-cache.org

When replying, please edit your Subject line so it is more specific than "Re: 
Contents of squid-users digest..."


Today's Topics:

   1. Re: Squid proxy incoming and outcoming connections?
  (Patrícia Sousa)
   2. Re: Squid proxy incoming and outcoming connections?
  (Felipe Arturo Polanco)
   3. Re: Squid 4.10 for windows (Rafael Akchurin)


--

Message: 1
Date: Thu, 13 Feb 2020 16:18:34 +
From: Patrícia Sousa 
To: Felipe Arturo Polanco 
Cc: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Squid proxy incoming and outcoming
connections?
Message-ID:

Content-Type: text/plain; charset="utf-8"

Hi,

Thanks for the tip,

Enabling debug_options I can see that the wget from the machine computer to the 
Squid machine does not goes through the proxy. Any idea why?

Felipe Arturo Polanco  escreveu no dia quinta,
13/02/2020 à(s) 15:32:

> Hi,
>
> For this, you need to use IPtables to block at the network level.
>
> SSH uses port 22/tcp but wget uses HTTP, it should have been blocked 
> by squid.
> Enabled debug_options in squid to see why it was allowed.
>
>
>
> On Thu, Feb 13, 2020 at 11:10 AM Patrícia Sousa 
> wrote:
>
>> I'm using the squid proxy and I'm trying to block some connections 
>> (incoming and outcoming traffic) from a certain ip address. However, 
>> for example, if I deny all the connections (http_access deny all) it 
>> only blocks the connections that I made to websites for example, but 
>> if I use another PC and try to ssh or wget the PC that owns the proxy 
>> squid, it is allowed. How can I block the traffic from and to a 
>> specific IP or DNS? It is possible to do this with Squid?
>>
>> If not, what is the best way to do this?
>>
>> Thank you.
>> ___
>> squid-users mailing list
>> squid-users@lists.squid-cache.org
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.squid-2Dcac
>> he.org_listinfo_squid-2Dusers=DwIGaQ=uc5ZRXl8dGLM1RMQwf7xTCjRqXF0
>> jmCF6SP0bDlmMmY=ZO_4u8yVNn_3q7TmkfoNDXPUaze1C-nxiq5H74Rmf8Y=E7G7-
>> YCdvdwuhscn3KcjCIzHnY1HIdbZVfI2BbqgHWg=4AFST0RQi7tk2FMW7MRTtOlMTMOR
>> Zwr4VWlcElN0uCk=
>>
>
-- next part --
An HTML attachment was scrubbed...
URL: 


--

Message: 2
Date: Thu, 13 Feb 2020 12:21:50 -0400
From: Felipe Arturo Polanco 
To: Patrícia Sousa 
Cc: Squid Users 
Subject: Re: [squid-users] Squid proxy incoming and outcoming
connections?
Message-ID:

Content-Type: text/plain; charset="utf-8"

Did you configure Squid to accept both HTTP and HTTPS ports?

Please share your squid.conf file.

Thanks,

On Thu, Feb 13, 2020 at 12:18 PM Patrícia Sousa  wrote:

> Hi,
>
> Thanks for the tip,
>
> Enabling debug_options I can see that the wget from the machine 
> computer to the Squid machine does not goes through the proxy. Any idea why?
>
> Felipe Arturo Polanco  escreveu no dia 
> quinta,
> 13/02/2020 à(s) 15:32:
>
>> Hi,
>>
>> For this, you need to use IPtables to block at the network level.
>>
>> SSH uses port 22/tcp but wget uses HTTP, it should have been blocked 
>> by squid.
>> Enabled debug_options in squid to see why it was allowed.
>>
>>
>>
>> On Thu, Feb 13, 2020 at 11:10 AM Patrícia Sousa 
>> wrote:
>>
>>> I'm using the squid proxy and I'm trying to block some connections 
>>> (incoming and outcoming

Re: [squid-users] Squid proxy incoming and outcoming connections?

2020-02-13 Thread Felipe Arturo Polanco

You only have one port open for Squid
http_port 3128
You need two ports, one for HTTP and another for HTTPS.
Also, if you are going to block HTTPS based on the domain name, you need to
do sslBump to get the SNI of the destination website and then terminate the
SSL connection.

On Thu, Feb 13, 2020 at 12:26 PM Patrícia Sousa  wrote:

> I think so.
>
> Here is the conf file: https://pastebin.com/DKMbwNV6
>
> Felipe Arturo Polanco  escreveu no dia quinta,
> 13/02/2020 à(s) 16:22:
>
>> Did you configure Squid to accept both HTTP and HTTPS ports?
>>
>> Please share your squid.conf file.
>>
>> Thanks,
>>
>> On Thu, Feb 13, 2020 at 12:18 PM Patrícia Sousa 
>> wrote:
>>
>>> Hi,
>>>
>>> Thanks for the tip,
>>>
>>> Enabling debug_options I can see that the wget from the machine computer
>>> to the Squid machine does not goes through the proxy. Any idea why?
>>>
>>> Felipe Arturo Polanco  escreveu no dia
>>> quinta, 13/02/2020 à(s) 15:32:
>>>
 Hi,

 For this, you need to use IPtables to block at the network level.

 SSH uses port 22/tcp but wget uses HTTP, it should have been blocked by
 squid.
 Enabled debug_options in squid to see why it was allowed.



 On Thu, Feb 13, 2020 at 11:10 AM Patrícia Sousa 
 wrote:

> I'm using the squid proxy and I'm trying to block some connections
> (incoming and outcoming traffic) from a certain ip address. However, for
> example, if I deny all the connections (http_access deny all) it only
> blocks the connections that I made to websites for example, but if I use
> another PC and try to ssh or wget the PC that owns the proxy squid, it is
> allowed. How can I block the traffic from and to a specific IP or DNS? It
> is possible to do this with Squid?
>
> If not, what is the best way to do this?
>
> Thank you.
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid proxy incoming and outcoming connections?

2020-02-13 Thread Patrícia Sousa

I think so.

Here is the conf file: https://pastebin.com/DKMbwNV6

Felipe Arturo Polanco  escreveu no dia quinta,
13/02/2020 à(s) 16:22:

> Did you configure Squid to accept both HTTP and HTTPS ports?
>
> Please share your squid.conf file.
>
> Thanks,
>
> On Thu, Feb 13, 2020 at 12:18 PM Patrícia Sousa 
> wrote:
>
>> Hi,
>>
>> Thanks for the tip,
>>
>> Enabling debug_options I can see that the wget from the machine computer
>> to the Squid machine does not goes through the proxy. Any idea why?
>>
>> Felipe Arturo Polanco  escreveu no dia quinta,
>> 13/02/2020 à(s) 15:32:
>>
>>> Hi,
>>>
>>> For this, you need to use IPtables to block at the network level.
>>>
>>> SSH uses port 22/tcp but wget uses HTTP, it should have been blocked by
>>> squid.
>>> Enabled debug_options in squid to see why it was allowed.
>>>
>>>
>>>
>>> On Thu, Feb 13, 2020 at 11:10 AM Patrícia Sousa 
>>> wrote:
>>>
 I'm using the squid proxy and I'm trying to block some connections
 (incoming and outcoming traffic) from a certain ip address. However, for
 example, if I deny all the connections (http_access deny all) it only
 blocks the connections that I made to websites for example, but if I use
 another PC and try to ssh or wget the PC that owns the proxy squid, it is
 allowed. How can I block the traffic from and to a specific IP or DNS? It
 is possible to do this with Squid?

 If not, what is the best way to do this?

 Thank you.
 ___
 squid-users mailing list
 squid-users@lists.squid-cache.org
 http://lists.squid-cache.org/listinfo/squid-users

>>>
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid 4.10 for windows

2020-02-13 Thread Rafael Akchurin

Sorry Chris,

We still cannot find time to finish compilation of Squid 4 for Windows.
The Linux version running within Hyper-V works much better most probably. Why 
not to try it?

Best regards,
Rafael Akchurin
Diladele B.V.


From: squid-users  On Behalf Of 
Latino, Chris
Sent: Thursday, 13 February 2020 17:17
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Squid 4.10 for windows

Hi

Hoping you can help we are using squid for windows 3.5.28

Our vulnerability scanner is saying this isn't the latest version but I can't 
see a 4.10 version for windows and when I go to

https://squid.diladele.com/

It's still showing the 3.5.28 version

Chris Latino
Senior Systems Platform Engineer II

Mastercard
1 Angel Lane | London, EC4R 3AB
[cid:image001.png@01D5E292.B0BD8290]

CONFIDENTIALITY NOTICE This e-mail message and any attachments are only for the 
use of the intended recipient and may contain information that is privileged, 
confidential or exempt from disclosure under applicable law. If you are not the 
intended recipient, any disclosure, distribution or other use of this e-mail 
message or attachments is prohibited. If you have received this e-mail message 
in error, please delete and notify the sender immediately. Thank you.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid proxy incoming and outcoming connections?

2020-02-13 Thread Felipe Arturo Polanco

Did you configure Squid to accept both HTTP and HTTPS ports?

Please share your squid.conf file.

Thanks,

On Thu, Feb 13, 2020 at 12:18 PM Patrícia Sousa  wrote:

> Hi,
>
> Thanks for the tip,
>
> Enabling debug_options I can see that the wget from the machine computer
> to the Squid machine does not goes through the proxy. Any idea why?
>
> Felipe Arturo Polanco  escreveu no dia quinta,
> 13/02/2020 à(s) 15:32:
>
>> Hi,
>>
>> For this, you need to use IPtables to block at the network level.
>>
>> SSH uses port 22/tcp but wget uses HTTP, it should have been blocked by
>> squid.
>> Enabled debug_options in squid to see why it was allowed.
>>
>>
>>
>> On Thu, Feb 13, 2020 at 11:10 AM Patrícia Sousa 
>> wrote:
>>
>>> I'm using the squid proxy and I'm trying to block some connections
>>> (incoming and outcoming traffic) from a certain ip address. However, for
>>> example, if I deny all the connections (http_access deny all) it only
>>> blocks the connections that I made to websites for example, but if I use
>>> another PC and try to ssh or wget the PC that owns the proxy squid, it is
>>> allowed. How can I block the traffic from and to a specific IP or DNS? It
>>> is possible to do this with Squid?
>>>
>>> If not, what is the best way to do this?
>>>
>>> Thank you.
>>> ___
>>> squid-users mailing list
>>> squid-users@lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>>>
>>
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid proxy incoming and outcoming connections?

2020-02-13 Thread Patrícia Sousa

Hi,

Thanks for the tip,

Enabling debug_options I can see that the wget from the machine computer to
the Squid machine does not goes through the proxy. Any idea why?

Felipe Arturo Polanco  escreveu no dia quinta,
13/02/2020 à(s) 15:32:

> Hi,
>
> For this, you need to use IPtables to block at the network level.
>
> SSH uses port 22/tcp but wget uses HTTP, it should have been blocked by
> squid.
> Enabled debug_options in squid to see why it was allowed.
>
>
>
> On Thu, Feb 13, 2020 at 11:10 AM Patrícia Sousa 
> wrote:
>
>> I'm using the squid proxy and I'm trying to block some connections
>> (incoming and outcoming traffic) from a certain ip address. However, for
>> example, if I deny all the connections (http_access deny all) it only
>> blocks the connections that I made to websites for example, but if I use
>> another PC and try to ssh or wget the PC that owns the proxy squid, it is
>> allowed. How can I block the traffic from and to a specific IP or DNS? It
>> is possible to do this with Squid?
>>
>> If not, what is the best way to do this?
>>
>> Thank you.
>> ___
>> squid-users mailing list
>> squid-users@lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>>
>
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] Squid 4.10 for windows

2020-02-13 Thread Latino, Chris

Hi

Hoping you can help we are using squid for windows 3.5.28

Our vulnerability scanner is saying this isn't the latest version but I can't 
see a 4.10 version for windows and when I go to

https://squid.diladele.com/

It's still showing the 3.5.28 version

Chris Latino
Senior Systems Platform Engineer II

Mastercard
1 Angel Lane | London, EC4R 3AB
[cid:image001.png@01D5E289.0D722900]

CONFIDENTIALITY NOTICE This e-mail message and any attachments are only for the 
use of the intended recipient and may contain information that is privileged, 
confidential or exempt from disclosure under applicable law. If you are not the 
intended recipient, any disclosure, distribution or other use of this e-mail 
message or attachments is prohibited. If you have received this e-mail message 
in error, please delete and notify the sender immediately. Thank you.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid proxy incoming and outcoming connections?

2020-02-13 Thread Dean E. Weimer


On 2020-02-13 9:10 am, Patrícia Sousa wrote:

I'm using the squid proxy and I'm trying to block some connections (incoming and outcoming traffic) from a certain ip address. However, for example, if I deny all the connections (http_access deny all) it only blocks the connections that I made to websites for example, but if I use another PC and try to ssh or wget the PC that owns the proxy squid, it is allowed. How can I block the traffic from and to a specific IP or DNS? It is possible to do this with Squid? 

If not, what is the best way to do this? 


Thank you.


You need two ACL lines: 
acl BadIPSource src 1.1.1.1/32 
acl BadIPDst dst 1.1.1.1/32 


You can use srcdomain & dstdomain instead of src & dst to use domain
instead of IP. 


Rules are processed in order, if you are specifically wanting to block
this domain/IP put it first. Then youur allow lines and finally the deny
all line to block anything you haven't specifically allowed. 

http_access deny BadIPSource  
http_access deny BadIPDst 
[...Youur Allow Lines Here...] 
http_access deny all 


--
Thanks,
  Dean E. Weimer
  http://www.dweimer.net/___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Squid proxy incoming and outcoming connections?

2020-02-13 Thread Felipe Arturo Polanco

Hi,

For this, you need to use IPtables to block at the network level.

SSH uses port 22/tcp but wget uses HTTP, it should have been blocked by
squid.
Enabled debug_options in squid to see why it was allowed.



On Thu, Feb 13, 2020 at 11:10 AM Patrícia Sousa  wrote:

> I'm using the squid proxy and I'm trying to block some connections
> (incoming and outcoming traffic) from a certain ip address. However, for
> example, if I deny all the connections (http_access deny all) it only
> blocks the connections that I made to websites for example, but if I use
> another PC and try to ssh or wget the PC that owns the proxy squid, it is
> allowed. How can I block the traffic from and to a specific IP or DNS? It
> is possible to do this with Squid?
>
> If not, what is the best way to do this?
>
> Thank you.
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] Squid proxy incoming and outcoming connections?

2020-02-13 Thread Patrícia Sousa

I'm using the squid proxy and I'm trying to block some connections
(incoming and outcoming traffic) from a certain ip address. However, for
example, if I deny all the connections (http_access deny all) it only
blocks the connections that I made to websites for example, but if I use
another PC and try to ssh or wget the PC that owns the proxy squid, it is
allowed. How can I block the traffic from and to a specific IP or DNS? It
is possible to do this with Squid?

If not, what is the best way to do this?

Thank you.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] squid-users Digest, Vol 66, Issue 13, Squid 4.10 for windows

Re: [squid-users] Squid proxy incoming and outcoming connections?

Re: [squid-users] Squid proxy incoming and outcoming connections?

Re: [squid-users] Squid 4.10 for windows

Re: [squid-users] Squid proxy incoming and outcoming connections?

Re: [squid-users] Squid proxy incoming and outcoming connections?

[squid-users] Squid 4.10 for windows

Re: [squid-users] Squid proxy incoming and outcoming connections?

Re: [squid-users] Squid proxy incoming and outcoming connections?

[squid-users] Squid proxy incoming and outcoming connections?

10 matches

Site Navigation

Mail list logo

Footer information