Re: [squid-users] extract http headers from CONNECT / bumped ssl?

On 08/24/2017 06:31 PM, Aaron Turner wrote: > Actually, looks like I was misunderstanding the access.log, it was working: > > 1503620688.280 0 10.93.3.85 TAG_NONE/200 0 CONNECT synfin.net:443 > - HIER_NONE/- - ip_index=0,client=- > 1503620689.241947 10.93.3.85 TCP_MISS/200 57810 GET > ht

Re: [squid-users] Block WebRTC Leak using Squid

Thanks Amos, Can i use the above configuration even though I am using tcp_outgoing_address in the squid conf? I want to make visible only tcp_outgoing_address only visible to outside and not real client IP. On Fri, Aug 25, 2017 at 4:11 AM, Amos Jeffries wrote: > On 25/08/17 03:21, Sekar Duraisam

Re: [squid-users] extract http headers from CONNECT / bumped ssl?

On Thu, Aug 24, 2017 at 5:16 PM, Alex Rousskov wrote: > On 08/24/2017 06:00 PM, Aaron Turner wrote: >> So I've deployed squid in forward mode, installed the CA in my web >> clients, etc and have squid working fine for both http and https >> traffic. > > Forgive me for double checking, but is SSL b

Re: [squid-users] extract http headers from CONNECT / bumped ssl?

On 08/24/2017 06:00 PM, Aaron Turner wrote: > So I've deployed squid in forward mode, installed the CA in my web > clients, etc and have squid working fine for both http and https > traffic. Forgive me for double checking, but is SSL bumping actually working? For example, do you see individual dec

[squid-users] extract http headers from CONNECT / bumped ssl?

So I've deployed squid in forward mode, installed the CA in my web clients, etc and have squid working fine for both http and https traffic. One thing I need to do is be able to extract a http request header into an external_acl_type: external_acl_type client_ip_map_0 %>{My-Custom-Client-Id} /usr

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

On 25/08/17 04:16, Olivier MARCHETTA wrote: Hello Squid Users, I have configured a squid reverse proxy to access Microsoft SharePoint Online with the aim of caching the document libraries into the squid cache for a branch office. But so far I can see the access log with the GET HTTP requests

Re: [squid-users] Block WebRTC Leak using Squid

On 25/08/17 03:21, Sekar Duraisamy wrote: I am using http_port 3128 ( direct proxy ) Then: # to hide the proxy via off forwarded_for transparent # to hide the client via on forwarded_for delete request_header_access User-Agent deny all As you may be able to tell from those you canno

[squid-users] Squid Reverse Proxy and WebDAV caching

Hello Squid Users, I have configured a squid reverse proxy to access Microsoft SharePoint Online with the aim of caching the document libraries into the squid cache for a branch office. But so far I can see the access log with the GET HTTP requests from the users but none will be stored into th

Re: [squid-users] Block WebRTC Leak using Squid

I am using http_port 3128 ( direct proxy ) On Thu, Aug 24, 2017 at 5:33 PM, Eliezer Croitoru wrote: > Hey, > > Is the proxy a simple forward proxy or a transparent? > Ie what "http_port" line looks like? > > Also, you should never use this: > request_header_access Host deny all > > if you want ht

[squid-users] http://bugs.squid-cache.org times out

its ben cpl day wen i use search Gateway Timeout The gateway did not receive a timely response from the upstream server or application. Apache/2.4.7 (Ubuntu) Server at bugs.squid-cache.org Port 80 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/http-bugs-

Re: [squid-users] Squid stopped writing the log files... just for a while.

About the FD limit, it's pretty safe to use a big number of FD limit such as 65k(65535) for a period of time and if it works fine then leave it as is. Is Jessie using a systemd unit file? If it's using a system unit try to add into the service file under the service section: [Service] LimitNOFILE

Re: [squid-users] Block WebRTC Leak using Squid

Hey, Is the proxy a simple forward proxy or a transparent? Ie what "http_port" line looks like? Also, you should never use this: request_header_access Host deny all if you want http to work properly. I am not sure if it's possible to apply this rule. Try to use: forwarded_for delete All The Be

[squid-users] Block WebRTC Leak using Squid

Hello All, I have configured squid with the following configuration. via off forwarded_for off request_header_access X-Forwarded-For deny all request_header_access Host deny all Squid Version : squid-3.5.20 But still my local IP address and my public IP address are leaked when i test through We

[squid-users] Block WebRTC leak using Suid

Hello All, I have configured squid with the following configuration. via off forwarded_for off request_header_access X-Forwarded-For deny all request_header_access Host deny all Squid Version : squid-3.5.20 But still my local IP address and my public IP address are leaked when i test through We

[squid-users] How to block WebRTC leak using Squid - Local IP information and Public IP information

Hello All, I have configured squid with the following configuration. via off forwarded_for off request_header_access X-Forwarded-For deny all request_header_access Host deny all Squid Version : squid-3.5.20 But still my local IP address and my public IP address are leaked when i test through We