On 16/11/2016 1:28 p.m., vze2k...@verizon.net wrote:
On 15/11/2016 9:05 a.m., Patrick Flaherty wrote:
Hello,
Can anyone tell me if the 'HIER_NONE' entries below is Squid not able
to connect to www.website.com? The 21 sec timeout is a classic Windows
TCP connection timeout. I just need co
On 15/11/2016 9:05 a.m., Patrick Flaherty wrote:
> Hello,
>
>
>
> Can anyone tell me if the 'HIER_NONE' entries below is Squid not able
> to connect to www.website.com? The 21 sec timeout is a classic Windows
> TCP connection timeout. I just need confirmation that that Squid on
> these 2 cli
On 2016-11-15 22:31, AUBERT Thibaud wrote:
Hi Guys,
Ok, QoS might help to control traffic on the internet access side, but
it won't help between the source, client on a small remote
office/output, and the proxy.
It might also be difficult to split this traffic between what is
intended to intern
Hi Guys,
Ok, QoS might help to control traffic on the internet access side, but it won't
help between the source, client on a small remote office/output, and the proxy.
It might also be difficult to split this traffic between what is intended to
internet or just internal.
Example : 1Gb/sec in
15.11.2016 22:28, Alex Crow пишет:
> On 15/11/16 16:22, Yuri Voinov wrote:
>>
>>> You can if you have control over the clients, ie install your CA into
>>> the browser/OS.
>> ... and this can be illegal ;)
>>
>
> YMMV (depending on where you live/work)!
AFAIK Spying for users without they agreeme
On 15/11/16 16:22, Yuri Voinov wrote:
You can if you have control over the clients, ie install your CA into
the browser/OS.
... and this can be illegal ;)
YMMV (depending on where you live/work)!
--
This message is intended only for the addressee and may contain
confidential information. Un
15.11.2016 20:43, Alex Crow пишет:
>
>
> On 15/11/16 14:28, Yuri Voinov wrote:
>>
>>
>> So, you can't do SSL bump without users notification.
>
> You can if you have control over the clients, ie install your CA into
> the browser/OS.
... and this can be illegal ;)
>
> Alex
> --
> This message is
On 15/11/16 14:28, Yuri Voinov wrote:
So, you can't do SSL bump without users notification.
You can if you have control over the clients, ie install your CA into
the browser/OS.
Alex
--
This message is intended only for the addressee and may contain
confidential information. Unless you a
On 15/11/16 14:22, Sergio Belkin wrote:
Hi,
When using something like that:
http_port 8080 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB
cert=/home/proxy/ssl_cert/example.com.cert
key=/home/proxy/ssl_cert/example.com.private
Is possible to use a certific
15.11.2016 20:22, Sergio Belkin пишет:
> Hi,
>
> When using something like that:
>
> http_port 8080 intercept ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=4MB
> cert=/home/proxy/ssl_cert/example.com.cert
> key=/home/proxy/ssl_cert/example.com.private
>
>
> Is possible to u
Hi,
When using something like that:
http_port 8080 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/home/proxy/ssl_cert/example.com.cert
key=/home/proxy/ssl_cert/example.com.private
Is possible to use a certificate generated by a trusted CA?
Thanks in adv
With correctly configured SSL Bump-enabled Squid there is no problem to
access this page.
http://img04.imgland.net/O71or-y.png
15.11.2016 16:54, Dmitry Melekhov пишет:
Hello!
User complained that he can't access
https://es.ciur.ru/auth/login-page over squid.
I tried, and all I see in log i
Hello!
User complained that he can't access https://es.ciur.ru/auth/login-page
over squid.
I tried, and all I see in log is:
1479206688.068 59865 192.168.22.229 TAG_NONE/503 0 CONNECT
es.ciur.ru:443 - HIER_NONE/- -
Direct connection from browser works OK.
Squid 3.5.22, compiled from sour
On Tue, 2016-11-15 at 22:48 +1300, Amos Jeffries wrote:
> Then you integrate Squid with those system QoS controls by using the
> tcp_outgoing_tos directive with ACLs to send the appropriate TOS
> label for the client IP.
Hi Amos,
AFAIK, the directive 'tcp_outgoing_tos' is applied only for traffic
On 15/11/2016 11:01 p.m., AUBERT Thibaud wrote:
> Hi Amos,
>
> Sounds like a pretty interesting approach. Getting in touch with my
> network colleagues and convince them to change their Infra/routers
> configuration will be quiet a challenge through.
>
Okay. Network-wide would be best as it incl
On 15/11/2016 10:19 p.m., AUBERT Thibaud wrote:
> Hi,
>
> I'm currently stuck on a study that consist to set different
> ''reply_body_max_size" directives, depending on the source IP.
>
> Here's the current proxy Infra : I have some corporate proxy
> (v3.5.19) used by some small and remote office
Hi,
I'm currently stuck on a study that consist to set different
''reply_body_max_size" directives, depending on the source IP.
Here's the current proxy Infra : I have some corporate proxy (v3.5.19) used by
some small and remote offices, with a small link (8mbits/sec). Those proxy are
often b
17 matches
Mail list logo
