Re: [squid-users] [External] Re: Need help

On 17/11/17 20:49, Vayalpadu, Vedavyas wrote: Hello All, Thanks for your help, we have resolved the issue once replaced the Old IP with the New IP under "cache_peer" in squid.conf file. You know that you can place a hostname there right? no need to manually configure the IP address. Amos

Re: [squid-users] [External] Re: Need help

Hello All, Thanks for your help, we have resolved the issue once replaced the Old IP with the New IP under "cache_peer" in squid.conf file. Regards Vyas -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Amos Jeffries Sent: Friday,

[squid-users] forward proxy to reverse proxy to app

Hi, I try to configure squid for a very special usecase but can't get it to work. So, if you could give me some hints on how to do it right, that would be great Here's what I try to achieve: the browser has proxy:8080 configured as manual proxy from the browser I access some websites when the

Re: [squid-users] squid 3.5.27 . https website

On 17/11/17 15:32, G~D~Lunatic wrote: i use squid 3.5.27 as a transparent proxy. Small correction: You have configured NAT interception proxy with SSL-Bump'ing. Not truly transparent. There are some vital differences. Most specific to your case is that interception proxies do alter the

Re: [squid-users] CONNECT + custom data

On 17/11/17 15:09, Richard Peeters wrote: Hi All, I have a requirement to forward proxy an opaque stream of data. One of the servers (acting as a client -A- to SQUID ) will use the CONNECT method to connect to SQUID (on server B) and squid will then proxy this data for A. My question is I want

Re: [squid-users] Deny ports to users

On 17/11/17 08:42, Yuri wrote: You choose not appropriate tool for you task. Squid is a proxy, not a firewall. Indeed. 17.11.2017 1:40, Jonathan thomas Cho пишет: Hello, I was curious how to restrict users from accessing ports . I have 4 workers and need them to have their own ports

Re: [squid-users] Proxy does not send response for internal host

On 17/11/17 03:57, tappdint wrote: I was able to get the proxy to work properly with the original settings I posted. The issue was with the docker network. There were multiple networks and the squid container ran on a separate network rather than the network where all the containers were

Re: [squid-users] [External] Re: Need help

On 17/11/17 02:08, Vayalpadu, Vedavyas wrote: Hello uhlar, No , I am bit new to squid proxy server, we have taken a TCP dump from the system and we see that. 1. From external application to proxy server the traffic is flowing, but from Proxy server to the internal application server traffic

Re: [squid-users] Is it possible to apply squid delay pools on users/groups from AD ?

On 17/11/17 03:40, Bike dernikov1 wrote: Thanks for info, we searched for solution but found that is not possible to combine delay polls, and forum is our last hope, so far we solved almost everything :) We have: Squid Object Cache: Version 3.5.23, so it could work. Can you give us example,

[squid-users] CONNECT + custom data

Hi All, I have a requirement to forward proxy an opaque stream of data. One of the servers (acting as a client -A- to SQUID ) will use the CONNECT method to connect to SQUID (on server B) and squid will then proxy this data for A. My question is I want to pass metadata from A to B which B will

Re: [squid-users] Slow speedtest results

On 11/16/2017 02:53 PM, Evan Pierce wrote: > I can't see anything but both are in production and being used while I > was testing so generated a lot of data Sorry, I did not realize you are using live Squids for these tests! Combining real and test traffic makes triage a lot harder and pretty

Re: [squid-users] Slow speedtest results

On 2017/11/16 10:55 PM, Alex Rousskov wrote: On 11/16/2017 12:18 PM, Evan Pierce wrote: Any idea why when using www.speedtest.net on my squid proxy ( squid 3.5.27 on Centos 6.9) gives consistently false/bad speeds while doing a speed test. The actual speed when downloading a file from a actual

Re: [squid-users] Slow speedtest results

On 11/16/2017 12:18 PM, Evan Pierce wrote: > Any idea why when using www.speedtest.net on my squid proxy ( squid > 3.5.27 on Centos 6.9) gives consistently false/bad speeds while doing a > speed test. The actual speed when downloading a file from a actual web > server like say the microsoft

Re: [squid-users] Slow speedtest results

On Thursday 16 November 2017 at 19:18:15, Evan Pierce wrote: > Hi all > > Any idea why when using www.speedtest.net on my squid proxy ( squid > 3.5.27 on Centos 6.9) gives consistently false/bad speeds while doing a > speed test. > A similarly configured squid on smaller hardware and the same

Re: [squid-users] Deny ports to users

You choose not appropriate tool for you task. Squid is a proxy, not a firewall. 17.11.2017 1:40, Jonathan thomas Cho пишет: > Hello, I was curious how to restrict users from accessing ports .  > > I have 4 workers and need them to have their own ports and not able to > use the other 3.   > > I

[squid-users] Deny ports to users

Hello, I was curious how to restrict users from accessing ports . I have 4 workers and need them to have their own ports and not able to use the other 3. I currently use : http_port 3128 name=ip2 http_port 3129 name=ip3 http_port 3130 name=ip4 acl ip2 myip x.x.x.2 acl ip3 myip x.x.x.3 acl ip4

[squid-users] Slow speedtest results

Hi all Any idea why when using www.speedtest.net on my squid proxy ( squid 3.5.27 on Centos 6.9) gives consistently false/bad speeds while doing a speed test. The actual speed when downloading a file from a actual web server like say the microsoft website is consistently good (30Mb/s fiber -

Re: [squid-users] deny_info

On 11/16/2017 12:52 AM, Vieri wrote: > From: Amos Jeffries >> Because there are actually no custom deny_info attached to that >> "denied_restricted1_mimetypes_rep" ACL. > Right. I don't know how I missed that. Sorry. FWIW, I recommend avoiding "denied", "allowed", and

Re: [squid-users] block user agent

On 11/16/2017 01:44 AM, Vieri wrote: > Let me rephrase my previous question "So why does my first example > actually work even for https sites?" to "So why does my first example > actually work even for https sites in an ssl-bumped setup (the same > as in example 2)?" AFAICT, there is not enough

Re: [squid-users] Proxy does not send response for internal host

I was able to get the proxy to work properly with the original settings I posted. The issue was with the docker network. There were multiple networks and the squid container ran on a separate network rather than the network where all the containers were operating. To fix the issue I simply ran

Re: [squid-users] SQUID memory error after vm.swappines changed from 60 to 10

On Thu, Nov 16, 2017 at 8:58 AM, Amos Jeffries wrote: > On 16/11/17 01:32, Bike dernikov1 wrote: >> >> >> If i can ask under same title: >> Yesterday we had error in logs: syslog, cache.log, dmesg,access.log >> >> segfault at 8 ip ... sp . error 4 is squid >> process

Re: [squid-users] Is it possible to apply squid delay pools on users/groups from AD ?

Thanks for info, we searched for solution but found that is not possible to combine delay polls, and forum is our last hope, so far we solved almost everything :) We have: Squid Object Cache: Version 3.5.23, so it could work. Can you give us example, how to use it. Colleague searched for

Re: [squid-users] [External] Re: Need help

Hello uhlar, No , I am bit new to squid proxy server, we have taken a TCP dump from the system and we see that. 1. From external application to proxy server the traffic is flowing, but from Proxy server to the internal application server traffic is not flowing. 2. But from Proxy server to the

Re: [squid-users] block user agent

From: Amos Jeffries > > If you are decrypting the traffic, then it works as I said exactly the > same as for HTTP messages. > > If you are not decrypting the traffic, but receiving forward-proxy > traffic then you are probably blocking the

Re: [squid-users] Need help

On 16.11.17 09:42, Vayalpadu, Vedavyas wrote: Nov 16 10:17:20 dkbavlpxpxy01 squid[91497]: Failed to select source for 'https://dkbavwpato02.global.internal.carlsberggroup.com/SES/services/masterdata/administratorServices-1.0.wsdl' And customer is not able to connect to the application.

[squid-users] Need help

Hi All, Iam getting this error in /var/log/messages. Nov 16 10:17:20 dkbavlpxpxy01 squid[91497]: Failed to select source for 'https://dkbavwpato02.global.internal.carlsberggroup.com/SES/services/masterdata/administratorServices-1.0.wsdl' And customer is not able to connect to the application.

Re: [squid-users] SSL Bump for regex URL comparison

On 16.11.17 08:21, Joe Foster wrote: The problem is the connections are not getting through. It just acts like there is no WiFi connection. what exactly is the error? Does squid receive those connections? does squid reject them? -- Matus UHLAR - fantomas, uh...@fantomas.sk ;

Re: [squid-users] block user agent

On 16/11/17 21:29, Vieri wrote: From: Amos Jeffries The following works: acl denied_useragent browser Chrome acl denied_useragent browser MSIE acl denied_useragent browser Opera acl denied_useragent browser Trident [...] http_access

Re: [squid-users] block user agent

Let me rephrase my previous question "So why does my first example actually work even for https sites?" to "So why does my first example actually work even for https sites in an ssl-bumped setup (the same as in example 2)?" ___ squid-users mailing list

Re: [squid-users] cannot set pid_filename in an include

From: Amos Jeffries > > Note how the complaint is coming from your init script, not Squid. {Thanks,Sorry} again. Vieri ___ squid-users mailing list squid-users@lists.squid-cache.org

Re: [squid-users] block user agent

From: Amos Jeffries > >> The following works: >> >> acl denied_useragent browser Chrome >> acl denied_useragent browser MSIE >> acl denied_useragent browser Opera >> acl denied_useragent browser Trident >> [...] >> http_access deny

Re: [squid-users] cannot set pid_filename in an include

On 16/11/17 20:26, Vieri wrote: Hi, Correct me if I'm wrong, but this may be a parsing bug: # /etc/init.d/squid.test start * /etc/squid/squid.test.conf must set pid_filename to */run/squid.test.pid However, I have: # grep include /etc/squid/squid.test.conf include

Re: [squid-users] SSL Bump for regex URL comparison

Hello Amos, The problem is the connections are not getting through. It just acts like there is no WiFi connection. Adding the cert db every start up isn’t an issue. I was thinking of having a small cert cache locally instead thinking about it since. The connections just aren’t being made. No

Re: [squid-users] SSL Bump for regex URL comparison

On 16/11/17 02:32, Joe Foster wrote: Good afternoon, I have a small router onto which I have installed Squid. I am trying to filter HTTPS urls for bad words on a blocked list. It will require the client on the safe side of the router to install the certificate, this isn't an issue as it's an

Re: [squid-users] Is it possible to apply squid delay pools on users/groups from AD ?

On 16/11/17 01:43, Bike dernikov1 wrote: Hi, this is my second topic, i wouldn't wan to mix with first. I hope that is ok. i hope that someone succeeded to apply delay pools on users/groups from AD. We are now using delay pool on whole 10.0.0.0/8, but that is a problem as different users have