Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

On 2016-05-10 06:05, J Green wrote: Appreciate the response. Thought it might work if I added those ports to the safe list. The Safe_ports list is the ports it is considered safe to send traffic to from an HTTP proxy. The ports not on that list are for protocols that can have crafted

[squid-users] How to analyse squid memory usage

A small percentage of deployments of our squid-based product are using oodles of memory—there doesn’t seem to be a limit to it. I’m wondering what the best way might be to analyse what squid is reserving it all for in the latest 3.5 release? The output of squidclient mgr:cache_mem is

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

Sorry to derail off topic, though I appreciate the feedback. Trying to get this to work through a Cisco ASA. If not, I probably have an old 2900 series router somewhere. Thank you again. On Mon, May 9, 2016 at 2:33 PM, Yuri Voinov wrote: > > -BEGIN PGP SIGNED

[squid-users] New StoreID helper: squid_dedup

Hi, I'm pleased to announce the availability of squid_dedup, a helper for deduplicating CDN accesses, implementing the squid 3 StoreID protocol. It is a multi-threaded tool, written in python3, with no further dependencies, hosted at: https://github.com/frispete/squid_dedup available at:

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I mean this, for example: haribda(config)#policy-map Net_Limit haribda(config-pmap)#class alternate haribda(config-pmap-c)#? Policy-map class configuration commands: admitAdmit the request for bandwidthBandwidth

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I'm afraid Cisco firewall is not enough here. You need something more advanced. Like integrated service router, i.e.2901 or 2911, or something similar. With iOS 15.5 and complete hardware support. 10.05.16 3:15, J Green пишет: > Here, re 'upload

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 No-no, not policing. This is too blunt instrument. Try to dig in direction of policy-map, bandwidth, service policy, QoS and control-plane. Unfortunately, this is offtopic here. This is a completely different proprietary tool. This is not the

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

Here, re 'upload and download sizes', I meant the later 'dumb traffic limits'. We do have a Cisco firewall in place, and I have setup 'traffic policing'. However, the results are inconsistent. Sometimes it seems to work, other times it blocks everything, or it blocks nothing. Appreciate all the

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 For such task enough put Cisco router with TCP traffic policies . And please - any protocol, any speed limits, any ACL's, any SLA . 10.05.16 1:15, Alex Rousskov пишет: > On 05/09/2016 12:53 PM, Yuri Voinov wrote: > >> Just to clarify.

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

On 05/09/2016 12:53 PM, Yuri Voinov wrote: > Just to clarify. For proxying anything (protocol or service), the proxy > server must be at the same time also act as the client of a protocol or > service - and as a server. It all depends on the definition of "upload and download sizes" in the OP

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 You are welcome. Just to clarify. For proxying anything (protocol or service), the proxy server must be at the same time also act as the client of a protocol or service - and as a server. It is known for at least several hundreds of protocols. It

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

Thank you. Yes, I am having a difficult time trying to find a solution for this. On Mon, May 9, 2016 at 11:18 AM, Yuri Voinov wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > As I know, even this solution can not: > > >

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

Appreciate the response. Thought it might work if I added those ports to the safe list. If not Squid, any idea how to accomplish this? Thank you. On Mon, May 9, 2016 at 10:12 AM, Yuri Voinov wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Squid is not a

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 https://i1.someimage.com/DTMWEmc.png 09.05.16 23:07, J Green пишет: > Hello all: > > Can Traffic Management Settings be configured for TCP protocols other than HTTP? > > Would like to limit maximum upload and download sizes for other TCP

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Squid is not a proxy server every imaginable the TCP-usage protocol. AFAIK HTTP/HTTPS/FTP. That's all, folks. 09.05.16 23:07, J Green пишет: > Hello all: > > Can Traffic Management Settings be configured for TCP protocols other than HTTP? > >

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

Hello all: Can Traffic Management Settings be configured for TCP protocols other than HTTP? Would like to limit maximum upload and download sizes for other TCP protocols: SMB, NFS, FTP, and RDP. Is this possible? If so, how? Thank you. ___

[squid-users] SSL Bump missing facebook app traffic (resumed SSL sessions?)

Hi there, We¹re running squid with SSL bump as a transparent proxy in order to control access to particular SSL sites. We¹ve noticed an issue with access to facebook from within the facebook app -- specifically it can get through the proxy even though it is *not* listed as a domain to splice.

[squid-users] [squid-announce] [ADVISORY] SQUID-2016:9 Multiple Denial of Service issues in ESI Response processing.

__ Squid Proxy Cache Security Update Advisory SQUID-2016:9 __ Advisory ID:SQUID-2016:9 Date: May 06, 2016 Summary:Multiple Denial

[squid-users] [squid-announce] [ADVISORY] SQUID-2016:7 Cache poisoning issue in HTTP Request handling

__ Squid Proxy Cache Security Update Advisory SQUID-2016:7 __ Advisory ID:SQUID-2016:7 Date: May 06, 2016 Summary:Cache poisoning

[squid-users] [squid-announce] Squid 3.5.19 is available

The Squid HTTP Proxy team is very pleased to announce the availability of the Squid-3.5.19 release! This release is a security and bug fix release resolving several vulnerabilities and issues found in the prior Squid releases. The major changes to be aware of: * SQUID-2016:7 - Cache

[squid-users] [squid-announce] Squid 4.0.10 beta is available

The Squid HTTP Proxy team is very pleased to announce the availability of the Squid-4.0.10 release! This release is a security and bug fix release resolving several vulnerabilities and issues found in the prior Squid releases. The major changes to be aware of: * SQUID-2016:7 - Cache

Re: [squid-users] debug_options appears to change squid behaviour

On 9/05/2016 5:19 p.m., Mark Carey wrote: > Hi, > > Running squid 3.1.19-1ubuntu3.12.04.2. > Please ugrade. Both your Squid and Ubuntu are very much past their end-of-life dates. > acl sefup dst massing-uploads.s3.amazonaws.com > acl sefairauser src 192.168.10.54/32 > http_access allow