Hey Yuri,
I have compiled the services for solaris and windows and can be
downloaded at:
http://ngtech.co.il/squidblocker/downloads/
Also I am publishing the client source code at:
https://github.com/elico/squidblocker-client
This is one piece of the puzzle that takes a very high load.
One of
My apologies, I just assumed that I was dealing with the same issue i
was before. I have applied both patches and will report on the success
after I see a good amount of use.
On Tue, Sep 15, 2015 at 1:10 AM, Alex Rousskov
wrote:
> On 09/14/2015 08:09 PM, Nicolaas Hyatt wrote:
>> Recent Backtrace:
On 09/15/2015 07:33 PM, PSA wrote:
> Hi,
>
> I am updating a url_rewrite helper. My helper is getting the following
> input:
> https://my.url/is/here - GET myip=10.0.0.1 myport=443
>
> I've looked this up here
> http://www.squid-cache.org/Versions/v3/3.5/cfgman/url_rewrite_extras.html
> I w
Hi,
I am updating a url_rewrite helper. My helper is getting the following
input:
https://my.url/is/here - GET myip=10.0.0.1 myport=443
I've looked this up here
http://www.squid-cache.org/Versions/v3/3.5/cfgman/url_rewrite_extras.html
and found this:
Default Value: url_rewrite_extras "%>a/%>A
Here is my testing config from test system. This is original
configuration, which is works well with HTTP but not with HTTPS.
I've tried to permit CONNECT access to cache_peer, config cache_peer as
ssl, splice forwarded URL's... without any result.
When I've turned URL into cache_peer -
access.lo
On 15.09.15 23:42, Yuri Voinov wrote:
I asked a specific question. How does Squid as a whole - I am well
aware. Before asking a question - I tried everything I seemed right. And
I asked, hoping to get a specific answer or intelligible explanation,
not the common words and sentences to read the ma
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Antony,
thank your for answer.
My problem is a bit specific.
I have some permanently ISP-banned sites. I need to pass-through it from
transparent interception Squid to cache_peer - both plain HTTP and HTTPS
tunnels without decryption. Sites d
On Tuesday 15 September 2015 at 19:45:05, Yuri Voinov wrote:
> I want to get the answer the people who did it. And not those that
> suggest that they could do it.
I have a suggestion which I hope may help - show us a configuration you have
tried, following the documentation, and tell us in what
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I want to get the answer the people who did it. And not those that
suggest that they could do it.
15.09.15 23:42, Matus UHLAR - fantomas пишет:
>>> On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I asked a specific question. How does Squid as a whole - I am well
aware. Before asking a question - I tried everything I seemed right. And
I asked, hoping to get a specific answer or intelligible explanation,
not the common words and sentences to
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
15.09.15 23:17, Matus UHLAR - fantomas пишет:
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
On 15.09.15 23:33,
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
15.09.15 23:17, Matus UHLAR - fantomas пишет:
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
On 15.09.15 23:27
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
There is no answer.
15.09.15 23:31, Matus UHLAR - fantomas пишет:
> On 15.09.15 23:27, Yuri Voinov wrote:
>> Is it possible to specifically - how exactly it is necessary to write
>> the configuration? The fact is that any variations on a similar t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Squid working in transparent SSL Bump mode.
AFAIK, here is SSL decrypts. AFAIK, decrypted tunnel denied to be
forwarded to parent.
I need to forward some URLs without decryption to peer. Whole session
starting with CONNECT.
Problem: Peer must ac
On 15.09.15 23:27, Yuri Voinov wrote:
Is it possible to specifically - how exactly it is necessary to write
the configuration? The fact is that any variations on a similar theme
cause assertion.
just combine it with proper acl of type dst or dstdomain...
15.09.15 23:17, Matus UHLAR - fantomas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Is it possible to specifically - how exactly it is necessary to write
the configuration? The fact is that any variations on a similar theme
cause assertion.
15.09.15 23:17, Matus UHLAR - fantomas пишет:
> On 15.09.15 22:45, Yuri Voinov wrote:
>> D
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
I need to send some sites, defined by ACL, connections with starts
On 15/09/2015 3:13 a.m., Matus UHLAR - fantomas wrote:
we have squidguard on a few servers and I'd like to redirect client's
request
directly to squid's error page, e.g. ERR_ACCESS_DENIED
Is that possible directly through e.g. internal URL, or do I have to play
with special page and acl?
(it sho
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
I'll try to explain.
I need to send some sites, defined by ACL, connections with starts with
CONNECT (443 port), to the cache_peer first? Rather t
On 09/15/2015 03:50 AM, Amos Jeffries wrote:
> The right way to perform access authorization is with the http_access or
> adapted_http_access rules. That is also the only way to *generate*
> ERR_ACCESS_DENIED.
For completeness sake, it is also possible to deny a request using eCAP
blockVirgin() A
On 15 September 2015 at 17:18, Martin Dietze wrote:
> To me it seems like my squid does not understand it needs to use the
> global proxy for HEAD requests as well as for GET. But I could not find any
> reference to this particular problem anywhere in the web.
I have found a way to solve this n
In our network we are behind a proxy that I don't have access to. In order
to speed up deployments and development I am trying to set up a caching
squid proxy for yum and maven repositories.
Naturally, this proxy needs to be configured to use our company's global
proxy as parent.
I have successful
Amos, thanks for your answer. I understand your point in
collapsed_forwarding not being triggered because the requests are not
concurrent, nevertheless if I use collapsed_forwarding the Vary loop
appears, if I disable it, format the cache_dir and start over .. It does
not appear.
If you think
On 15/09/2015 9:16 a.m., Sebastián Goicochea wrote:
> I could finally isolate the problem, it only happens if you are using
> collapsed_forwarding.
>
> If you want, you can use this script to replicate it:
>
> #!/bin/bash
> H='--header'
>
> echo "With Firefox"
> wget -d \
> $H='Accept:
> text/h
On 15/09/2015 3:13 a.m., Matus UHLAR - fantomas wrote:
> Hello,
>
> we have squidguard on a few servers and I'd like to redirect client's
> request
> directly to squid's error page, e.g. ERR_ACCESS_DENIED
> Is that possible directly through e.g. internal URL, or do I have to play
> with special p
25 matches
Mail list logo
