[squid-users] Remote Desktop Gateway thru Squid.

Hi all, Im looking to use my Remote Desktop Gateway with my Squid. I tried this config but it didnt work. ### SITE cache_peer site.domain.qc.ca parent 443 0 no-query originserver ssl sslflags=DONT_VERIFY_PEER name=site acl sitehttps url_regex ^https://site\.domain\.qc\.ca http_access allow

[squid-users] How can I change the Squid logo on an access denied page.

Hi again, I would like to change the Squid'slogo that appear on an ccess denied page... I replace the picture /usr/share/squid/icons/SN.png but it didnt work. What did I miss ? Thanks you very much. Sébastien. ___ squid-users mailing list

Re: [squid-users] How can I change the Squid logo on an access denied page.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 You miss local web-server, which must serve this picture. 22.10.15 0:52, sebastien.boulia...@cpu.ca пишет: > Hi again, > > I would like to change the Squid'slogo that appear on an ccess denied page... > I replace the picture

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains issue

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 First, you should put in order configurations. 22.10.15 0:31, luizca...@gmail.com пишет: > Hello, > So what I am trying to accomplish here is to basically have a whitelist of domains that is allowed via http/https. If the UID is squid,apache, or

[squid-users] big files caching-only proxy

Hi, I have a running setup for proxying only 'big' files, like Windows Update, Apple Updates and some other very specific URLs. That's working just fine, no problem on that. For avoiding caching small things on the URLs i want to have big files proxied, i setup the

[squid-users] deny rep_mime_type

hello , can we deny rep_mime_type for specific domain ? if yes then how if no then why thank you .. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/deny-rep-mime-type-tp4673816.html Sent from the Squid - Users mailing list archive at Nabble.com.

Re: [squid-users] How can I change the Squid logo on an access denied page.

It is also possible to use the in place image like we do for our “403 blocked page” – see http://docs.diladele.com/faq/filtering/logo.html Best regards, Rafael Akchurin Diladele B.V. From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Yuri Voinov Sent: Wednesday,

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Show as access.log/cache.log for denied HTTPS sites. All others confir quirks will remain onto your responsibility - Amos come and explain when I/you wrong. ;) 22.10.15 1:52, luizca...@gmail.com пишет: > I answered your questions below. However

[squid-users] How can I change the Squid logo on an access denied page.

My question wasnt that. I want to change the Squid’s logo… Nothing else… Im sure I need to change something else if I want the Squid’s logo replaced… Did you ever replace the Squid logo ? Thanks. Sebastien. De : squid-users [mailto:squid-users-boun...@lists.squid-cache.org] De la part de

Re: [squid-users] How can I change the Squid logo on an access denied page.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 You are talking about logo, which is hosted on external web-site. You can: 1. Use your own local web-server with another picture and point ERR_PAGE to this location. 2. Use Rafael's method as descrubed. 3. As Amos to get administrative rights on

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Show piece of allowed_domains file. 22.10.15 2:29, luizca...@gmail.com пишет: > Could you suggest a configuration that you think should be working ? I would > like both HTTP/HTTPS domains whitelisted via file all other domains blocked. What am

Re: [squid-users] Remote Desktop Gateway thru Squid.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 https://www.google.com/search?q=RDP+via+Squid Some results: http://superuser.com/questions/713359/i-want-to-rdp-to-my-server-that-is-behind-a-squid3-proxy

[squid-users] Squid/NTLM Auth

I have squid running on Centos 7 and am trying to setup AD authentication. I have samba/winbindd installed and the system was added to the domain with authconfig. I have tested authentication with auth_ntlm and that works. I have also tested group membership with auth_ntlm and that works as

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains

I answered your questions below. However https traffic is still always being denied even though the site is on the allowed_list via nobumpSites. I want to control http/https traffic using the “allowed_domains” list. This current configuration works for HTTP but not HTTPS traffic. If there is an

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains

Could you suggest a configuration that you think should be working ? I would like both HTTP/HTTPS domains whitelisted via file all other domains blocked. What am I missing ? My assumption here is the acl nobumpSites ssl::server_name "/etc/squid/git_allowed_domains/allowed_domains” part is not

Re: [squid-users] How can I change the Squid logo on an access denied page.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Usually Squid uses in conjunction with redirector+Apache/other_web_server, so in these setups the shortest (and weak) way is using it... But Rafael is right. 22.10.15 1:46, Rafael Akchurin пишет: > It is also possible to use the in place image

Re: [squid-users] Remote Desktop Gateway thru Squid.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Look more: http://www.experts-exchange.com/Software/Anti-Virus/Q_24387982.html and more. More closed: In transparent proxy setups RDP is not a problem everywhere, because of transparent proxy utilizes only HTTP and/or HTTPS ports. RDP is not

Re: [squid-users] Remote Desktop Gateway thru Squid.

Hi Yuri, Thanks you very much for your answer. My question was Remote Desktop Gateway with my Squid. A Remote Desktop Gateway and RDP is not the same. http://windows.microsoft.com/en-ph/windows7/what-is-a-remote-desktop-gateway-server Thanks. Sébastien. De : squid-users

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains

There really isn’t anything in there right now since I am testing. /etc/squid/git_allowed_domains/allowed_domains" .facebook.com .cnn.com ___ squid-users mailing list squid-users@lists.squid-cache.org

Re: [squid-users] deny rep_mime_type

Hi, I suspect (unverified) that acl dom dstdomain .example.com acl type rep_mime_type base/type http_reply_access deny dom type http_reply_access allow all will do what you need On Wed, Oct 21, 2015 at 9:36 PM, HackXBack wrote: > hello , > can we deny rep_mime_type for

Re: [squid-users] auto get latest release

thank you amos was helpful -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/auto-get-latest-release-tp4673780p4673830.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing

Re: [squid-users] deny rep_mime_type

sorry not deny but make it miss and not hit with store_miss send_hit -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/deny-rep-mime-type-tp4673816p4673829.html Sent from the Squid - Users mailing list archive at Nabble.com.

Re: [squid-users] NTLM Authentication Failing

Would it be fair to say best practice is to get kerbose working in favour of ntlm ? On 21/10/2015 3:18 PM, "Amos Jeffries" wrote: > On 2015-10-21 15:38, Ilias Clifton wrote: > >> >>> On 20/10/2015 4:04 p.m., Ilias Clifton wrote: >>> > Hi All, >>> > I've been following the

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Working config snippet for 3.5.x looks like this: acl get_sni_at_step1 at_step SslBump1 ssl_bump peek get_sni_at_step1 acl spliced_hosts ssl::server_name_regex -i "/usr/local/squid/etc/url.nobump" ssl_bump splice spliced_hosts ssl_bump bump

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains

On 10/21/2015 02:49 PM, Yuri Voinov wrote: > Working config snippet for 3.5.x looks like this: > > ssl_bump peek get_sni_at_step1 > ssl_bump splice spliced_hosts > ssl_bump bump net_bump The above config leaves the following question unanswered: Q: What happens if neither spliced_hosts nor

[squid-users] Squid 3.5.10 SSL Bump whitelist domains issue

Hello, So what I am trying to accomplish here is to basically have a whitelist of domains that is allowed via http/https. If the UID is squid,apache, or root then basically you will bypass squid and anything is allowed. This was working well on 3.4.2 however once I moved to 3.5.10 it no longer

Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains

Alex, So what do you recommend to do here ? I just need a simple whitelist file for both http/https. I have a config that works on 3.4 but would like to upgrade to 3.5 and the current config we have won't cut it. Just need a simple if you are in this list allow if not deny. No need for any ssl

Re: [squid-users] POST upload splits tcp stream in many small 39byte sized pakets

Dear Alex, unfortunately not really fixed. The upload speed using squid 4.0.1 with this patch has bettered significant but is far away from squid 3.4.x performance. The used test client can reach a maximum upload speed of 115 MBIT if the apache server is directly reachable. If a SQUID 3.4.X

Re: [squid-users] POST upload splits tcp stream in many small 39byte sized pakets

Dear Alex, using squid 3.5.10 with patch the upload speed problem seems to be fixed. Now I get 112Mbit upload speed from a possible maximum of 115Mbit. Squid 4.0.1 still has a performance problem on unencrypted POST upload ... BR, Toni (TSO off) 12:10:16.343559 IP 10.1.1.210.49388 >

Re: [squid-users] Monitoring Squid using SNMP.

On 2015-10-20, Brendan Kearney wrote: > this did not work - snmpwalk -v2c -c SecretHandShake proxy1:3401 > this did work - snmpwalk -v2c -c SecretHandShake proxy1:3401 .1.3 From snmpwalk's manual: "If no OID argument is present, snmpwalk will search the subtree rooted

Re: [squid-users] Monitoring Squid using SNMP.

Em 20/10/15 16:26, sebastien.boulia...@cpu.ca escreveu: When I try to do a snmpwalk, I got a timeout. [root@bak ~]# snmpwalk xx:3401 -c cpuread -v 1 [root@bak ~]# Anyone monitor Squid using SNMP ? Do you experiment some issues ? You're not getting timeout, you're getting no