Hi,
Agree that Squid is a specialized proxy and more optimal architecture for
the purpose and trying to achieve HA on the Browser side is certainly a bad
idea.
Talking specifically of a reverse proxy scenario, whether one uses Squid or
Apache mod_proxy or something else may well depend upon what
Accessing via the browser may work but the sync clients that sit in the system
tray use certificate pinning I believe. So if certificate pinning is being
used, ssl bumping will not work. You will see an alert message in the pcap
followed by a connection termination.
-Shane Original
On 1/09/2015 1:52 a.m., Corbo, Nelson wrote:
> Antony thanks for your quick reply
>
> About request it looks to be this one:
> Acces.log
> 1441029005.619 2159098 10.183.2.33 TCP_TUNNEL/200 23389 CONNECT
> outlook.office365.com:443 - HIER_DIRECT/132.245.44.226 -
> Cache.log
>
I'm thinking about something like this
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
>
> I'm thinking about something like this
>
>
Sorry wrong move :)
So, What I meant was
I'm thinking about something like this
# HTTP 1/1
# The refresh_pattern rules applied only to responses without an explicit
expiration time
# min 1440 minutes
# Max 10080 minutes
# http 10080 / 60 /
Hello guys...
I need to make on my squid the following.
When the user put its login and password it redirects the user to a default
page (lets say www.example.com)
And then after that the user can browse normally.
Some people told me i need to make a splash page, is that right ?
how do i do that
Well... now its appearing the following when i try to access...
Internal Error: Missing Template /etc/squid/splash.html
Ideas ?
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Splash-page-tp4672984p4672985.html
Sent from the Squid - Users mailing list
On Monday 31 Aug 2015 at 17:38, adricustodio wrote:
> Well... now its appearing the following when i try to access...
>
> Internal Error: Missing Template /etc/squid/splash.html
>
> Ideas ?
Well, sorry to be a bit obvious about this, but did you create that file when
you added this line to
yes.
I found the error just now...
I saw here on this forum the answer.
I need to add the splash.html on the template folder
(/usr/share/squid/errors/template)
And on the squid.conf file just did deny_info 511:splash.html existing_users
Now it worked!
=D
--
View this message in context:
On 1/09/2015 4:01 a.m., FredB wrote:
>
>>
>> I'm thinking about something like this
>>
>>
>
>
> Sorry wrong move :)
>
> So, What I meant was
>
> I'm thinking about something like this
>
> # HTTP 1/1
> # The refresh_pattern rules applied only to responses without an explicit
> expiration
On 01/09/15 02:59, Shane King wrote:
> Accessing via the browser may work but the sync clients that sit in
> the system tray use certificate pinning I believe. So if certificate
> pinning is being used, ssl bumping will not work. You will see an
> alert message in the pcap followed by a connection
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Aha. And future of caching software too. With total HTTPS migration.
01.09.15 2:21, Jason Haar пишет:
> On 01/09/15 02:59, Shane King wrote:
>> Accessing via the browser may work but the sync clients that sit in
>> the system tray use certificate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
But everything will very secure, is it? :)
01.09.15 2:21, Jason Haar пишет:
> On 01/09/15 02:59, Shane King wrote:
>> Accessing via the browser may work but the sync clients that sit in
>> the system tray use certificate pinning I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
BTW, GoogleDrive web application still works with bump. Use it, Luke ;)
01.09.15 2:21, Jason Haar пишет:
> On 01/09/15 02:59, Shane King wrote:
>> Accessing via the browser may work but the sync clients that sit in
>> the system tray use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I see this one?
1441054231.642 21243 127.0.0.1 TCP_HIT_ABORTED/000 0 GET
http://wiki.squid-cache.org/wiki/squidtheme/js/kutils.js -
HIER_DIRECT/2001:4b78:2003::1 -
1441054231.642 21245 127.0.0.1 TCP_SWAPFAIL_MISS_ABORTED/000 0 GET
Yes, SSLBump still works with the web apps, but it would be a lot more
convenient if the mobile apps would also work.
Does anyone know how to pin Squid's self-signed certificate's public key to
Googledrive and Dropbox so that it would work with SSLBump enabled?
Stan
On Mon, Aug 31, 2015 at 3:29
Works for me:
#curl -Iv wiki.squid-cache.org
* Rebuilt URL to: wiki.squid-cache.org/
* Hostname was NOT found in DNS cache
* Trying 2001:4b78:2003::1...
* Connected to wiki.squid-cache.org (2001:4b78:2003::1) port 80 (#0)
> HEAD / HTTP/1.1
> User-Agent: curl/7.35.0
> Host: wiki.squid-cache.org
Hi.
Just wondering.
in the config file, this parameter must exist 1 or 1 with each delay_pool?
squid 3.3.4.x, thanks.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
On 1/09/2015 12:15 p.m., Beto Moreno wrote:
> Hi.
>
> Just wondering.
>
> in the config file, this parameter must exist 1 or 1 with each delay_pool?
Best to either not set it at all, or set it at one value before
configuring the pools.
If you set it to different values between pools it
The SSL pinning means dropbox application does know the fingerprint of the
certificate of the connection out-of-band and will simply refuse to work with
another (even trusted one).
It is not possible to change this behaviour without recompiling unless
developers of dropbox has some "managed"
On 31/08/2015 6:23 p.m., Ashish Mukherjee wrote:
> Hi,
>
> Agree that Squid is a specialized proxy and more optimal architecture for
> the purpose and trying to achieve HA on the Browser side is certainly a bad
> idea.
>
> Talking specifically of a reverse proxy scenario, whether one uses Squid
We have users of Squid 3.5.x with SSLBump enabled complaining about their
DropBox and GoogleDrive apps not connecting. We are assuming this is
related to the fact that these apps use HTTPS but they are not part of any
of the browsers, therefor these apps do not have the sefl-signed
certificate
Hello,
I'm getting failure messages in squid 3.57 for Windows, I don't
know the reason. I'll appreciate your support with this issue.
Access.log:
2015/08/31 10:03:41 kid1| local=IP_SQUID_SERVER:3128
remote=IP_CLIENT:CLIENT_PORT FD 77 flags=1: read/write failure: (113) Software
On Monday 31 Aug 2015 at 14:08, Corbo, Nelson wrote:
> I'm getting failure messages in squid 3.57 for Windows, I
> don't know the reason. I'll appreciate your support with this issue.
We'd appreciate in return some information about:
- what was the request which got aborted?
-
many thanks Anas is very encouraging to know that someone is working for
you to continue with my goal.
greetings and thank you very much.
--
View this message in context:
Antony thanks for your quick reply
About request it looks to be this one:
Acces.log
1441029005.619 2159098 10.183.2.33 TCP_TUNNEL/200 23389 CONNECT
outlook.office365.com:443 - HIER_DIRECT/132.245.44.226 -
Cache.log
2015/08/31 10:50:05 kid1| local=10.183.10.61:3128
26 matches
Mail list logo