Re: [squid-users] This list generates a forward loop ...

2017-07-19 Thread Amos Jeffries
Your DKIM signature covers the Subject and To headers. Any normal mailing list will modify those, so your server cannot do that on list postings. Content-Type is also changed sometimes by our listserver due to the list policy on binary attachments, I don't know whether that is a common practic

Re: [squid-users] This list generates a forward loop ...

2017-07-19 Thread Walter H.
On 20.07.2017 05:35, Walter H. wrote: On 19.07.2017 08:54, Amos Jeffries wrote: On 19/07/17 01:42, Walter H. wrote: (expanded from ): mail forwarding loop for squid-us...@squid-cache.org Why? You sent a mail to the address squid-users@squid-cache.* The mailing list address is squid

Re: [squid-users] This list generates a forward loop ...

2017-07-19 Thread Walter H.
On 19.07.2017 08:54, Amos Jeffries wrote: On 19/07/17 01:42, Walter H. wrote: (expanded from ): mail forwarding loop for squid-us...@squid-cache.org Why? You sent a mail to the address squid-users@squid-cache.* The mailing list address is squid-users@lists.* No, see the log of my

Re: [squid-users] debugging ssl-bump

2017-07-19 Thread Amos Jeffries
On 19/07/17 05:02, Marcus Kool wrote: I am trying to debug ssl-bump and am looking specifically for decisions that Squid takes with regard to bumping, splicing and unsupported protocol. The config file for Squid 4.0.21 has debug_options ALL,1 33,9 83,9 Section 28 is probably where you wa

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Amos Jeffries
On 20/07/17 09:10, Yuri wrote: Aha, 20.07.2017 3:04, Cherukuri, Naresh wrote: Yuri, I am sorry I didn’t get you I already installed certificate on all clients(trusted root certificate authorities). You want me install proxy public key also on clients, if so where should I put the proxy pub

Re: [squid-users] Squid Version 3.5.20

2017-07-19 Thread Amos Jeffries
pPS: please respond to the list, responding to people on-list directly and cc'ing the list makes the thread view and web forum view all screwed up. Below is a free audit of your config lines. I suspect I know where your problem is, but will follow up in the thread where Yuri is posting rather tha

Re: [squid-users] Problem with login to website by Squid web proxy 3.5.20 on Centos 7

2017-07-19 Thread Amos Jeffries
On 20/07/17 06:08, Eliezer Croitoru wrote: Hey iziz1, Can you try to add squid.conf the next and see if it affects anything: forwarded_for delete via off http://www.squid-cache.org/Doc/config/via/ http://www.squid-cache.org/Doc/config/forwarded_for/ And see if it changes anything? Er, try t

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Yuri
20.07.2017 3:09, Cherukuri, Naresh wrote: > > Yuri, > > > > I am new to squid I learned it through searching google. My question > is I generated self-signed SSL certificates and install certificates > on IE all clients. I didn’t install proxy public key. Can you tell me > where I have to put

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Yuri
Aha, 20.07.2017 3:04, Cherukuri, Naresh wrote: > > Yuri, > > > > I am sorry I didn’t get you I already installed certificate on all > clients(trusted root certificate authorities). You want me install > proxy public key also on clients, if so where should I put the proxy > public key. Below is m

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Cherukuri, Naresh
Yuri, I am new to squid I learned it through searching google. My question is I generated self-signed SSL certificates and install certificates on IE all clients. I didn’t install proxy public key. Can you tell me where I have to put proxy public key on clients. Appreciate your help! Thanks, N

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Yuri
Related OpenSSL public CA bundle - in theory it should be installed together with OpenSSL. 20.07.2017 2:49, Cherukuri, Naresh wrote: > > Thanks Yuri for quick turnover! > > > > We only installed root certificate on all clients. We didn’t install > proxy CA’s public key on clients. So you sugges

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Cherukuri, Naresh
Yuri, I am sorry I didn’t get you I already installed certificate on all clients(trusted root certificate authorities). You want me install proxy public key also on clients, if so where should I put the proxy public key. Below is my squid.conf file. Squid.conf key=/etc/squid/pctysquid2sslcerts/

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Yuri
No. Only proxy's CA public key. Private should remain on proxy only. 20.07.2017 2:49, Cherukuri, Naresh wrote: > > Thanks Yuri for quick turnover! > > > > We only installed root certificate on all clients. We didn’t install > proxy CA’s public key on clients. So you suggestion fix that we need

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Cherukuri, Naresh
Thanks Yuri for quick turnover! We only installed root certificate on all clients. We didn’t install proxy CA’s public key on clients. So you suggestion fix that we need to install both certificate and proxy ca’s public key on clients. Thanks, Naresh From: squid-users [mailto:squid-users-boun.

Re: [squid-users] Packets logged as blocked even Firewall (IPtables) accepts them ...

2017-07-19 Thread Eliezer Croitoru
Hey Walter, Something is still missing to me about the network and network interfaces. I need the output of: ip a brctl show br0 And try to apply the next iptables rules to see if it works OK for you: http://ngtech.co.il/paste/1782/raw/ From what I understand the proxy is just another machine in

Re: [squid-users] Packets logged as blocked even Firewall (IPtables) accepts them ...

2017-07-19 Thread Walter H.
Hello Eliezer, it is just this: # Generated by iptables-save v1.4.7 on Wed Jul 19 20:25:22 2017 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -d 224.0.0.0/4 -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -i br0 -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i b

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Yuri
One out of two. Either the Squid does not see the OpenSSL/system root CAs bundle, or the proxy CA's public key is not installed in the clients. It's all. 19.07.2017 23:30, Walter H. wrote: > Hello, > > this seems not to be the problem, as the error messages are in > cache.log, which is not a brow

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Yuri
This simple seems op does not installed proxy CA's public in clients. No more. And errors in cache.log (as well as client complaints) are unambiguously shown. All other ideas are your nonsense. 19.07.2017 23:30, Walter H. wrote: > Hello, > > this seems not to be the problem, as the error messag

Re: [squid-users] Problem with login to website by Squid web proxy 3.5.20 on Centos 7

2017-07-19 Thread Eliezer Croitoru
Hey iziz1, Can you try to add squid.conf the next and see if it affects anything: forwarded_for delete via off http://www.squid-cache.org/Doc/config/via/ http://www.squid-cache.org/Doc/config/forwarded_for/ And see if it changes anything? Let Me Know if something changes, Eliezer Eliezer

Re: [squid-users] Packets logged as blocked even Firewall (IPtables) accepts them ...

2017-07-19 Thread Eliezer Croitoru
Hey Walter, Can you please paste the output of "iptables-save" for me? It's easier for me to read plain iptables-save than iptables -Lnv or any other format. Then I would be able to send you a file that you can just pull into iptables-restore which should work. And just to clear out my doubts o

Re: [squid-users] Squid Version 3.5.20

2017-07-19 Thread Eliezer Croitoru
Hey, I have not published the RHEL packages on the squid-cache wiki at: http://wiki.squid-cache.org/KnowledgeBase/RedHat And will try to add the details there in the next days. You can try to use the RHEL which is similar to the centos and on the same server which is mentioned in this page: http:

Re: [squid-users] Squid Version 3.5.20

2017-07-19 Thread Cherukuri, Naresh
Walter, Thanks for quick turner below is my squid.conf file and errors I seen in cache.log. From: Cherukuri, Naresh Sent: Wednesday, July 19, 2017 9:46 AM To: 'squid-users@lists.squid-cache.org' Subject: RE: Squid Version 3.5.20 Hi All, I installed Squid version 3.5.20 on RHEL 7 and generated

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Walter H.
Hello, this seems not to be the problem, as the error messages are in cache.log, which is not a browser problem ... the question: are the SSL bumped sites in intranet, which use a self signed CA cert itself, which squid doesn't know? On 19.07.2017 17:36, Yuri wrote: http://wiki.squid-cach

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Yuri
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit http://i.imgur.com/A153C7A.png 19.07.2017 21:34, Cherukuri, Naresh wrote: > > Hi All, > > > > I installed Squid version 3.5.20 on RHEL 7 and generated self-signed > CA certificates, My users are complaining about certificate

Re: [squid-users] Squid Version 3.5.20 Any Ideas

2017-07-19 Thread Cherukuri, Naresh
Hi All, I installed Squid version 3.5.20 on RHEL 7 and generated self-signed CA certificates, My users are complaining about certificate errors. When I looked at cache.log I see so many error messages like below. Below is my squid.conf file. Any ideas how to address below errors. Squid.conf:

Re: [squid-users] Squid Version 3.5.20

2017-07-19 Thread Cherukuri, Naresh
Hi All, I installed Squid version 3.5.20 on RHEL 7 and generated self-signed CA certificates, My users are complaining about certificate errors. When I looked at cache.log I see so many error messages like below. Below is my squid.conf file. Any ideas how to address below errors. Squid.conf:

Re: [squid-users] What would be the maximum ufs\aufs cache_dir objects?

2017-07-19 Thread Amos Jeffries
On 18/07/17 05:34, Eliezer Croitoru wrote: So basically from I understand the limit of the AUFS\UFS cache_dir is at: 16,777,215 Objects. So for a very loaded system it might be pretty "small". I have asked since: I have seen the mongodb ecap adapter that stores chunks and I didn't liked it. In t

Re: [squid-users] Squid-5 ETA?

2017-07-19 Thread Amos Jeffries
On 19/07/17 21:52, Ralf Hildebrandt wrote: Is there any ETA for squid5? If I'm optimistic and assume that development gets back into the old rhythm we had going for most of 3.x, then sometime late 2018 or early 2019. Or did you mean v4 stable? when the last few bugs are fixed. I'm hopeful

Re: [squid-users] Squid-5 ETA?

2017-07-19 Thread Antony Stone
On Wednesday 19 July 2017 at 10:52:12, Ralf Hildebrandt wrote: > Is there any ETA for squid5? I can't help but quote one of my mail sigs here: Software development can be quick, high quality, or low cost. The customer gets to pick any two out of three. Note: I am not a Squid de

Re: [squid-users] Packets logged as blocked even Firewall (IPtables) accepts them ...

2017-07-19 Thread Antony Stone
On Wednesday 19 July 2017 at 10:40:36, Walter H. wrote: > On Wed, July 19, 2017 11:31, Antony Stone wrote: > > On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote: > >> I added these rules, and will see which packets are caught > >> > >> -A INPUT -m state --state INVALID -j LOG --log-prefix "I

[squid-users] Squid-5 ETA?

2017-07-19 Thread Ralf Hildebrandt
Is there any ETA for squid5? -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.de Campus Benjamin Franklin https://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155 _

Re: [squid-users] Packets logged as blocked even Firewall (IPtables) accepts them ...

2017-07-19 Thread Walter H.
On Wed, July 19, 2017 11:31, Antony Stone wrote: > On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote: > >> I added these rules, and will see which packets are caught >> >> -A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]: >> " >> --log-level 7 >> -A FORWARD -m state --sta

Re: [squid-users] Packets logged as blocked even Firewall (IPtables) accepts them ...

2017-07-19 Thread Antony Stone
On Wednesday 19 July 2017 at 10:16:30, Walter H. wrote: > I added these rules, and will see which packets are caught > > -A INPUT -m state --state INVALID -j LOG --log-prefix "IP[IN(invalid)]: " > --log-level 7 > -A FORWARD -m state --state INVALID -j LOG --log-prefix "IP[FWD(invalid)]: > " --log

Re: [squid-users] Packets logged as blocked even Firewall (IPtables) accepts them ...

2017-07-19 Thread Walter H.
On Wed, July 19, 2017 03:21, Amos Jeffries wrote: > On 19/07/17 01:37, Walter H. wrote: >> On Tue, July 18, 2017 15:28, Matus UHLAR - fantomas wrote: >>> On 18.07.17 14:29, Walter H. wrote: -A INPUT -i br0 -m state --state ESTABLISHED,RELATED -j ACCEPT >>> -A INPUT -i br0 -m tcp -p tcp --

Re: [squid-users] This list generates a forward loop ...

2017-07-19 Thread Matus UHLAR - fantomas
On 19/07/17 01:42, Walter H. wrote: (expanded from ): mail forwarding loop for squid-us...@squid-cache.org On 19.07.17 18:54, Amos Jeffries wrote: You sent a mail to the address squid-users@squid-cache.* The mailing list address is squid-users@lists.* however this should not cause