Re: [squid-users] squid reverse proxy infront of exchange 2010

On 09/12/2015 12:49, Alex Samad wrote: Hi Can't seem to find 3.5.12 for centos pre compiled at http://www1.ngtech.co.il/repo/centos/6/x86_64/ Since it's in testing I have built and tested for CentOS 7 but yet to publish them. It will take a week or more. Eliezer

Re: [squid-users] squid reverse proxy infront of exchange 2010

Thanxs everyone i will try the changes and try with the debug options Tls1 might be an issue. Might have to look at the ssl offloading config so squid to exchange can be http instead of ssl Eliezer hopefuly you'll do a centos 6. Any chance you can let me have a non released .12 save me

Re: [squid-users] Deny Access based on SSL-Blacklists (SHA1-Fingerprint) with ssl_bump

Hi Alex I've tested again. Squid (3.5.11) only terminates the connection (based on SHA1-Fingerprint), *if* the fingerprint is delimited with colons. If not, squid GET's the https-request as usual. I'll report a bug. With SHA1-FP (delimited):

Re: [squid-users] Issues with authentication in Squid3

On 10/12/2015 10:24 p.m., Marcio Demetrio Bacci wrote: > Hi, Hi Marcio, You didn't get any response the last three threads you started about this in the past few days. Around here that means nobody reading it has an idea how to solve your problem or even any hints about to to go about fixing it.

[squid-users] squid 3.4, dstdomain

2015/12/10 10:33:49| ERROR: '.addons.mozilla.org' is a subdomain of 'addons.mozilla.org' I thought addons.mozilla.org blocks only these hostname .addons.mozilla.org blocks all the sub-domains, like www.addons.mozilla.org etc.addons.mozilla.org Which

[squid-users] [squid related software] Web Safety ICAP Filter 4.3 for Squid is available

Greetings everyone, Version 4.3.0.B716 of Web Safety ICAP Filter for Squid is now available. We have finally added support for working with Squid on FreeBSD 10 and pfSense 2.2. In this version we tried to concentrate on better reporting, SSL bump root certificate management from Web UI and

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 10/12/2015 6:29 p.m., Alex Samad wrote: > Hi > > config > https_port 22.4.2.5:443 accel > cert=/etc/httpd/conf.d/office.abc.com.crt > key=/etc/httpd/conf.d/office.abc.com.key defaultsite=office.abc.com > options=NO_SSLv2,NO_SSLv3 > dhparams=/etc/squid/squid-office-dhparams.pem >

Re: [squid-users] help change cache dir

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cache dir owner must be user which is specified in squid.conf: http://i.imgur.com/AbYkE8M.png 11.12.15 2:27, juancho Alfonso пишет: > Hey thereI have installed CentOS squid in 7I want to change the cache > directory > appears when I try to

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi Answer my own question http://www.squid-cache.org/Versions/v3/3.5/cfgman/http_port.html seems like there is a no-vhost, I presume vhost turns it on On 11 December 2015 at 09:23, Alex Samad wrote: > Hi > > > On 10 December 2015 at 23:44, dweimer

[squid-users] help change cache dir

Hey thereI have installed CentOS squid in 7I want to change the cache directory appears when I try to initialize Creating Swap Directories FATAL: Failed to make directory swap mydirectory / cache / 00: (13) Permission denied directory is an external drive or a folder on the same partitionand

Re: [squid-users] help change cache dir

Hello Juancho, Also check the SeLinux permissions. Best regards, Rafael Akchurin Diladele B.V. -- Please take a look at Web Safety - our ICAP based web filter server for Squid proxy. From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Yuri Voinov Sent:

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi On 10 December 2015 at 23:44, dweimer wrote: > https_port 10.50.20.12:443 accel defaultsite=mail.mydomain.com \ > cert=/certs/wildcard.certificate.crt \ > key=/certs/wildcard.certificate.key \ > options=NO_SSLv2:NO_SSLv3:NO_TLSv1:SINGLE_DH_USE:CIPHER_SERVER_PREFERENCE

Re: [squid-users] help change cache dir

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 chmod is about nothing. Who's the owner of cache dir? 11.12.15 2:27, juancho Alfonso пишет: > Hey thereI have installed CentOS squid in 7I want to change the cache > directory > appears when I try to initialize > Creating Swap Directories >

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi So I have taken this config done some slight customization for my site and it appears to be working Thanks for this .. On 10 December 2015 at 23:44, dweimer wrote: > On 2015-12-09 11:29 pm, Alex Samad wrote: >> >> Hi >> >> config >> https_port 22.4.2.5:443 accel >>

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 2015-12-10 4:24 pm, Alex Samad wrote: Hi Answer my own question http://www.squid-cache.org/Versions/v3/3.5/cfgman/http_port.html seems like there is a no-vhost, I presume vhost turns it on On 11 December 2015 at 09:23, Alex Samad wrote: Hi On 10 December 2015 at

[squid-users] Squid 32-bit (2.7.2) much faster than Squid 64-bit (3.5.11)

Hello, Just following up on my slow 3.5.11 Squid server. I loaded the 32-bit 2.7.2 version on the same box and it's so much faster for me. Its 4 to 5 times faster for me on the same machine. Please any help appreciated. Amos, I think I cleaned up my 3.5.11 squid.conf properly. I think my

Re: [squid-users] delay_pools from 3.1 to 3.4, media content

Massimo : >> acl acl_flussi_media rep_mime_type -i ^audio/ >> acl acl_flussi_media rep_mime_type -i ^video/ >> 2015/12/03 12:38:45 kid1| WARNING: acl_flussi_media ACL is used in >> context without an HTTP response. Assuming mismatch. Amos : > It means that *reply* header do not work when

Re: [squid-users] squid 3.4, dstdomain

Hi, it works exactly as you expect. "dstdomain addons.mozilla.org" does not block subdomains. On Thu, Dec 10, 2015 at 11:02 AM, wrote: > 2015/12/10 10:33:49| ERROR: '.addons.mozilla.org' is a subdomain of > 'addons.mozilla.org' > > > I thought >

Re: [squid-users] squid 3.4, dstdomain

Massimo > 2015/12/10 10:33:49| ERROR: '.addons.mozilla.org' is a subdomain of > 'addons.mozilla.org' Kinkie : > it works exactly as you expect. "dstdomain addons.mozilla.org" does > not block subdomains. So why doesn't squid accept both rules ? a parsing bug ? best regards, Massimo

[squid-users] delay syntax, speed and network

1) speed syntax example : delay_parameters 1 -1/-1 128/128 128000/128000 The speed is bytes / sec. Is it possible to use multipliers like K and M ? Is it possible to use units, like bps ( bit per sec ) ? It is wonderfoul to read : delay_parameters 1 -1/-1

Re: [squid-users] squid 3.4, dstdomain

On 10/12/2015 11:02 p.m., Massimo.Sala wrote: > 2015/12/10 10:33:49| ERROR: '.addons.mozilla.org' is a subdomain of > 'addons.mozilla.org' > > > I thought > addons.mozilla.org blocks only these hostname ACLs do not block anything. Access Controls do. This value tells

Re: [squid-users] delay_pools from 3.1 to 3.4, media content

On 10/12/2015 11:21 p.m., massimo.s...@asl.bergamo.it wrote: > Massimo : >>> acl acl_flussi_media rep_mime_type -i ^audio/ >>> acl acl_flussi_media rep_mime_type -i ^video/ > >>> 2015/12/03 12:38:45 kid1| WARNING: acl_flussi_media ACL is used in >>> context without an HTTP response. Assuming

[squid-users] reverse proxy setup

Hi Is there any way to remove these from the log kid1| Error negotiating SSL connection on FD 38: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol (1/-1) this is the corrosponding squid config options=NO_SSLv2:NO_SSLv3:NO_TLSv1:SINGLE_DH_USE:CIPHER_SERVER_PREFERENCE Not I

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 2015-12-09 11:29 pm, Alex Samad wrote: Hi config https_port 22.4.2.5:443 accel cert=/etc/httpd/conf.d/office.abc.com.crt key=/etc/httpd/conf.d/office.abc.com.key defaultsite=office.abc.com options=NO_SSLv2,NO_SSLv3 dhparams=/etc/squid/squid-office-dhparams.pem

Re: [squid-users] squid 3.4, dstdomain

On Thu, Dec 10, 2015 at 11:43 AM, wrote: > Massimo >> 2015/12/10 10:33:49| ERROR: '.addons.mozilla.org' is a subdomain of >> 'addons.mozilla.org' > > > Kinkie : >> it works exactly as you expect. "dstdomain addons.mozilla.org" does >> not block subdomains. > > > >

Re: [squid-users] issue with video

Where can i upload my logs ? It's too big for the mail. From: magicl...@outlook.com To: squ...@treenet.co.nz; squid-users@lists.squid-cache.org Subject: RE: [squid-users] issue with video Date: Thu, 10 Dec 2015 11:29:42 +0100 I activated the debug_option. I don't see anything particular in

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi I did the change over today. Tested with Window 7 + exchange 2010 and it wouldn't connect whilst there was no tls1 ! interesting IE worked against the web site so .. Did you come across this issues ? On 11 December 2015 at 11:09, dweimer wrote: > On 2015-12-10

Re: [squid-users] reverse proxy setup

On 11/12/2015 4:52 p.m., Alex Samad wrote: > Hi > > > Is there any way to remove these from the log > > kid1| Error negotiating SSL connection on FD 38: error:140760FC:SSL > routines:SSL23_GET_CLIENT_HELLO:unknown protocol (1/-1) > > this is the corrosponding squid config >

Re: [squid-users] issue with video

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 tar -cvf logs.tar access.log cache.log; gzip -9 logs.tar -> http://drive.google.com -> sahre+post URL's 10.12.15 19:56, Magic Link пишет: > Where can i upload my logs ? It's too big for the mail. > > From: magicl...@outlook.com > To:

Re: [squid-users] delay syntax, speed and network

On 10/12/2015 11:38 p.m., Massimo.Sala wrote: > 1) speed syntax > > example : > > delay_parameters 1 -1/-1 128/128 128000/128000 > > > The speed is bytes / sec. > > Is it possible to use multipliers like K and M ? > No. > Is it possible to use units, like bps ( bit per sec