Re: [squid-users] FW: squid tproxy ssl-bump and Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)

Hi Viery, Sorry, copy/paste error, my bad. Please try: openssl s_client -quiet -connect www.google.com:443 -tls1 -cipher RC4-MD5:RC4-SHA:DES-CBC3-SHA:DES-CBC-SHA:EXP1024-RC4-SHA:EXP1024-DES-CBC-SHA:EXP-RC4-MD5:EXP-RC2-CBC-MD5:DHE-DSS-DES-CBC3-SHA:DHE-DSS-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA <

Re: [squid-users] Whitelist domain ignored?

Benjamin: The situation is that I am using squid as a pfsense firewall package. The squid package is made that a user should enter a whitelist in a GUI that when saved generates the squid.conf file. Internally they use dstdom_regex instead of dstdomain so the whitelist should be entered for the

Re: [squid-users] Caching http google deb files

On 10/06/2016 11:14 AM, Linda A. Walsh wrote: > Alex Rousskov wrote: >> We can, but ignoring Vary requires more/different work than adding >> another refresh_pattern option. Vary is not a refresh mechanism so >> different code areas need to be modified to ignore (but still forward!) >> Vary. >

Re: [squid-users] Whitelist domain ignored?

"dstdomain .office.net" does not match xoffice.net domain. I do not want to match xoffice.net with the regex. So I should use my own last version, right? Jose E Torres 939-777-4030 JET System Services On Thu, Oct 6, 2016 at 1:28 PM, Alex Rousskov wrote: > On

Re: [squid-users] SSO and Squid, SAML 2.0 ?

On 10/06/2016 04:17 AM, Amos Jeffries wrote: > On 6/10/2016 9:57 p.m., FredB wrote: >> I can authenticate a user to squid with a certificate ? >> If yes the user name can be saved in squid log file ? > I'm not aware of anyone actually using that feature in the a long time > though. So YMMV. I

Re: [squid-users] Whitelist domain ignored?

On 10/05/2016 11:45 PM, Amos Jeffries wrote: > On 6/10/2016 11:56 a.m., Jose Torres-Berrocal wrote: >> acl whitelist2 dstdom_regex -i "whitelist.acl" >> >> Where whitelist.acl content: >> ^familymedicinepr\.com$ >> ^mail\.yahoo\.com$ >> ^neodecksoftware\.com$ >> ^office\.net$ >>

Re: [squid-users] Caching http google deb files

Alex Rousskov wrote: We can, but ignoring Vary requires more/different work than adding another refresh_pattern option. Vary is not a refresh mechanism so different code areas need to be modified to ignore (but still forward!) Vary. I can't say for certain, but I'd give it a 75% shot

Re: [squid-users] to all please read

sorry forgot the link http://bugs.squid-cache.org/show_bug.cgi?id=4604 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/to-all-please-read-tp4679954p4679955.html Sent from the Squid - Users mailing list archive at Nabble.com.

[squid-users] to all please read

im not going to re and re and re lablabla for nothing all of you should go read and VOTE this squid project we all suport it even by someone donate or pay and most of the rest report bug and even fix code for free so wat do you want -- View this message in context:

Re: [squid-users] FW: squid tproxy ssl-bump and Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)

On 6/10/2016 8:46 p.m., Vieri wrote: > Hi, > > > > - Original Message - >> From: Amos Jeffries >>> Is it correct to assume at this point that the current openssl >>> build on this system is "OK" as far as supporting "Win XP TLS 1.0 >>> ciphers to access at least

Re: [squid-users] SSO and Squid, SAML 2.0 ?

On 6/10/2016 9:57 p.m., FredB wrote: > Hello, > > I found no way to do that, so I changed my mind > I can authenticate a user to squid with a certificate ? I'm thinking about a > smart card > > If yes the user name can be saved in squid log file ? > aking a Maybe. There is some very old

Re: [squid-users] Groups of peers load-balancing

On 6/10/2016 8:52 p.m., George William Herbert wrote: > Usually you load balance with another tool... HTTP Load Balancer is one of the roles Squid is designed for. When you need to converge the LB, routing, and caching tasks Squid is the product for the job. > >> On Oct 6, 2016, at 12:16 AM,

Re: [squid-users] SSO and Squid, SAML 2.0 ?

Hello, I found no way to do that, so I changed my mind I can authenticate a user to squid with a certificate ? I'm thinking about a smart card If yes the user name can be saved in squid log file ? Thanks Fred ___ squid-users mailing list

Re: [squid-users] Groups of peers load-balancing

Usually you load balance with another tool... Sent from my iPhone > On Oct 6, 2016, at 12:16 AM, Patrick Chemla > wrote: > > Hi, > > I am using Squid Cache: Version 3.5.20 on 2 Fedora 24 server. > > I have to set a load-balancer for multiple sites,

Re: [squid-users] FW: squid tproxy ssl-bump and Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)

Hi, - Original Message - > From: Amos Jeffries >> Is it correct to assume at this point that the current openssl build >> on this system is "OK" as far as supporting "Win XP TLS 1.0 ciphers >> to access at least google.com"? > > Yes. The build is capable of it.

[squid-users] Groups of peers load-balancing

Hi, I am using Squid Cache: Version 3.5.20 on 2 Fedora 24 server. I have to set a load-balancer for multiple sites, each using different peers, on both servers + cloud instances. Squid is the entry point for all websites. According to the domain, I will have 2 to 5 peers to handle the load.

Re: [squid-users] Problem with Squid3 Caches

On 6/10/2016 11:27 a.m., KR wrote: > Hello Amos, > > >> On Oct 5, 2016, at 9:07 AM, Amos Jeffries wrote: >> >> On 5/10/2016 6:48 a.m., KR wrote: >>> I uncommented that line and now I get >>> >>> Initializing the Squid cache with the command squid3 -f >>>

Re: [squid-users] FW: squid tproxy ssl-bump and Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)

- Original Message - > From: Marc > Mimicing in openssl (well.. not perfect but it joes the job I guess): > openssl s_client -quiet -connect www.google.com:443 -tls1 -cipher > RC4-MD5:RC4-SHA:DES-CBC3-SHA:DES-CBC-SHA:EXP1024-RC4-SHA:EXP1024-DES-CBC-SHA:EXP- >