> So I finally got the whitelist working, but now every other box on the
> "localnet", when trying to access the whitelist, gets a:
>
> 2018/05/14 07:40:18 kid1| SECURITY ALERT: on URL: www.ubuntu.com:443
> 2018/05/14 07:40:18 kid1| SECURITY ALERT: Host header forgery detected on
>
So I finally got the whitelist working, but now every other box on the
"localnet", when trying to access the whitelist, gets a:
2018/05/14 07:40:18 kid1| SECURITY ALERT: on URL: www.ubuntu.com:443
2018/05/14 07:40:18 kid1| SECURITY ALERT: Host header forgery detected on
local=91.189.89.118:443
>> It's like when the traffic is HTTP the whitelist is working, but when the
>> traffic is HTTPS the whitelist isn't working.
>
> Yes, that is exactly what is happening.
>
> * When intercepting HTTP (port 80) traffic the protocol is HTTP. Squid
> is receiving messages generated by the client
On 14/05/18 12:49, Martin Hanson wrote:
> I have enabled debugging and found something quite strange.
>
> In order to better debug I have limited the whitelist to two domains, one
> HTTP and one with HTTPS:
>
> acl whitelist ssl::server_name .ubuntu.com .sundkat.dk
>
> When I go to
> On 05/13/2018 06:15 PM, Martin Hanson wrote:
>
>> # THIS ISN'T WORKING!!!
>> # https://www.ubuntu.com is blocked with "Access Denied" from Squid.
>> http_access allow windows_boxes whitelist
>
> I suspect the request is blocked during SslBump step1 because there is
> not enough information in
On 13/05/18 23:22, Alex K wrote:
> Thanx Eliezer and Amos for the feedback. I just saw the logformat
> directive and will experiment with that.
> Yes, I have a small group of users (up to 30 - 40 devices) but the
> hardware is a relatively small appliance (4G RAM, 4 cores 2GHz, SSD).
>
That
On 14/05/18 12:35, Alex Rousskov wrote:
> On 05/13/2018 06:15 PM, Martin Hanson wrote:
>
>> # THIS ISN'T WORKING!!!
>> # https://www.ubuntu.com is blocked with "Access Denied" from Squid.
>> http_access allow windows_boxes whitelist
>
> I suspect the request is blocked during SslBump step1
I have enabled debugging and found something quite strange.
In order to better debug I have limited the whitelist to two domains, one HTTP
and one with HTTPS:
acl whitelist ssl::server_name .ubuntu.com .sundkat.dk
When I go to http://www.sundkat.dk, which is a HTTP domain, I get the following:
On 14/05/18 09:47, senor wrote:
> Hi All,
>
> I had to change a monitor script to use squidclient ping instead of
> 'squid -k check' because the check would succeed even if all workers had
> died except for the coordinator and disker. Obviously, the real problem
> is that the workers are dying
On 05/13/2018 03:47 PM, senor wrote:
> I'm looking for ATM is a way to
> restart individual workers. It seems a complete restart is necessary
> once the coordinator gives up after a few attempts. I'd like to trigger
> the coordinator to retry or something similar. Anything possible?
Yes, in
On 05/13/2018 06:15 PM, Martin Hanson wrote:
> # THIS ISN'T WORKING!!!
> # https://www.ubuntu.com is blocked with "Access Denied" from Squid.
> http_access allow windows_boxes whitelist
I suspect the request is blocked during SslBump step1 because there is
not enough information in the fake
>> This is my current squid.conf. I know I am overlooking something, but I
>> cannot figure out what I am doing wrong.
>
> The comments on this config tell a story of some misunderstandings ...
Thank you for all the valuable feedback. I originally set this up years ago. I
have updated the
I also tried the above, but the result is the same.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Hi All,
I had to change a monitor script to use squidclient ping instead of
'squid -k check' because the check would succeed even if all workers had
died except for the coordinator and disker. Obviously, the real problem
is that the workers are dying but what I'm looking for ATM is a way to
Thanx Eliezer and Amos for the feedback. I just saw the logformat directive
and will experiment with that.
Yes, I have a small group of users (up to 30 - 40 devices) but the hardware
is a relatively small appliance (4G RAM, 4 cores 2GHz, SSD).
Alex
On Sun, May 13, 2018, 11:37 Eliezer Croitoru
To lose the stress on the DB you can use a custom format as Amos suggested but..
I think that when you will define and write what you want to log exactly you
will get what you need and want.
The general squid access log is pretty lose and I believe that with these days
hardware the
On 13/05/18 10:55, Alex K wrote:
>
> Is there a way I format the log and pipe to DB only some interesting
> fields in order to lessen the stress to DB?
>
You can use the logformat directive to define a format of your choice
and log that instead of the default Squid format.
On 13/05/18 13:55, Martin Hanson wrote:
>
> This is my current squid.conf. I know I am overlooking something, but I
> cannot figure out what I am doing wrong.
>
The comments on this config tell a story of some misunderstandings ...
>
> acl step1 at_step SslBump1
> acl localnet src
On 13/05/18 14:17, Alex Rousskov wrote:
> On 05/12/2018 07:55 PM, Martin Hanson wrote:
>> # !!! THIS ISN'T WORKING !!! ubuntu.com, mojang.com still gets blocked on
>> these boxes.
>> http_access deny windows_boxes !whitelist
> ...
>> http_access deny all
>
> You have no rules that allow
19 matches
Mail list logo