On 6/10/2016 11:56 a.m., Jose Torres-Berrocal wrote:
> Correcting typo:
>
> And placing it inside a whitelist.acl file:
> acl whitelist2 dstdom_regex -i "whitelist.acl"
>
> Where whitelist.acl content:
> ^familymedicinepr\.com$
> ^mail\.yahoo\.com$
> ^neodecksoftware\.com$
> ^office\.net$
>
On 10/05/2016 05:49 PM, squid-us...@filter.luko.org wrote:
>> See "early return"
>> statements in clientReplyContext::processReplyAccess(), including:
>>
>>> /** Don't block our own responses or HTTP status messages */
>>> if (http->logType.oldType == LOG_TCP_DENIED ||
>>>
Alex,
> However, there is a difference between my August tests and this thread.
> My tests were for a request parsing error response. Access denials do not
> reach the same http_reply_access checks! See "early return"
> statements in clientReplyContext::processReplyAccess(), including:
>
> >
Lets try again:
acl whitelist1 dstdomain .familymedicinepr.com .mail.yahoo.com
.neodecksoftware.com .office.net
=
acl whitelist2 dstdom_regex ^familymedicinepr\.com$ ^mail\.yahoo\.com$
^neodecksoftware\.com$ ^office\.net$ \.familymedicinepr\.com$
\.mail\.yahoo\.com$ \.neodecksoftware\.com$
Correcting typo:
And placing it inside a whitelist.acl file:
acl whitelist2 dstdom_regex -i "whitelist.acl"
Where whitelist.acl content:
^familymedicinepr\.com$
^mail\.yahoo\.com$
^neodecksoftware\.com$
^office\.net$
\.familymedicinepr\.com$
\.mail\.yahoo\.com$
\.neodecksoftware\.com$
Well.. it looks like the issue I'm having (subject: handshake problems
with stare and bump).
IE8 on XP sends out:
Secure Sockets Layer
SSL Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 104
On 10/05/2016 02:59 PM, Jose Torres-Berrocal wrote:
> Please confirm equivalence:
>
> 1.
> acl whitelist1 dstdomain .familymedicinepr.com .mail.yahoo.com
> .neodecksoftware.com .office.net
> =
> acl whitelist2 dstdom_regex ^familymedicinepr\.com$ ^mail\.yahoo\.com$
> ^neodecksoftware\.com$
Please confirm equivalence:
1.
acl whitelist1 dstdomain .familymedicinepr.com .mail.yahoo.com
.neodecksoftware.com .office.net
=
acl whitelist2 dstdom_regex ^familymedicinepr\.com$ ^mail\.yahoo\.com$
^neodecksoftware\.com$ ^office\.net$
OR
2.
acl whitelist1 dstdomain .familymedicinepr.com
On 10/05/2016 01:15 PM, Jose Torres-Berrocal wrote:
> I would like to know how
> I should enter the domains as to make it work correctly using
> dstdom_regex behaving like dstdomain
To map any leaf FQDN "foo.bar.baz":
1. start with "^";
2. add "foo.bar.baz" where every period is escaped with
Hey Anthony,
I have used apt-cacher-ng, but it can't save git repos or npm repos. Also i
have used apt-cacher-ng, it used to work great until 12.02 but when we had
started to have mixed setup [ ubuntu 13,14.04 and others ] we got issues
within our setup and one point issues became so daily we
The situation is that I am using squid on the pfsense firewall. Squid
is available as a package with GUI interface. The whitelist is part
of the sections provided by the GUI and somehow entering the domains
as a list that I provided it does work for most of the domains but it
fails in others.
First goes first is to restart the client machine to verify that the
certificate is installed.
If you want a list of "banned" ssl sites you will need to do some research on
your clients needs...
Nobody can do your work for you without knowing your "thing".
The overall slow down is from both
Hey Amos,
oh, i actually built archive mode squid by getting help at here,
http://bugs.squid-cache.org/show_bug.cgi?id=4604
I was thinking if we have option vary_mode just like archive mode to set it
for particular domain like,
acl dlsslgoogle srcdomain dl-ssl.google.com
vary_mode allow
On 6/10/2016 12:09 a.m., john jacob wrote:
> Hi All,
>
> We have a requirement to use the same Squid instance for Basic and NTLM
> authentication to serve various customer groups (may not be on different
> network sections). The customer groups which are using Basic authentication
> (for legacy
On 5/10/2016 7:00 a.m., Nilesh Gavali wrote:
> Hi Amos;
> Ok, we can discussed the issue in Two part 1. For Windows AD
> Authentication & SSO and 2. Linux server unable to access via squid proxy.
>
> For First point-
> Requirement to have SSO for accessing internet via squid proxy and based
>
On 5/10/2016 6:48 a.m., KR wrote:
> I uncommented that line and now I get
>
> Initializing the Squid cache with the command squid3 -f /etc/squid/squid.conf
> -z ..
>
Hmm. The 'squid3' package should have config files at /etc/squid3/*
The 'squid' package has config files at /etc/squid/*
>
Hi All,
We have a requirement to use the same Squid instance for Basic and NTLM
authentication to serve various customer groups (may not be on different
network sections). The customer groups which are using Basic authentication
(for legacy reasons) should not receive NTLM scheme and the customer
Hi All,
We have a requirement to use the same Squid instance for Basic and NTLM
authentication to serve various customer groups (may not be on different
network sections). The customer groups which are using Basic authentication
(for legacy reasons) should not receive NTLM scheme and the customer
Hey Amos,
I have implemented your patch at
and added following to my squid.conf
archive_mode allow all
and my refresh pattern is,
refresh_pattern dl-ssl.google.com/.*\.(deb|zip|tar|rpm) 129600 100% 129600
ignore-reload ignore-no-store override-expire override-lastmod ignor$
but i am still not
19 matches
Mail list logo