also how about if the tcp was tcp_tunnel
like below :
17/Jun/2018:08:18:09 -0400559 6xxx33833 x 2000 TCP_TUNNEL/200
1974 CONNECT www.google.com:443 xxxHIER_DIRECT/ www.google.com
2607:f8b0:4005:809::2004 c9f0:dfde:2da5:c4c0:7148:3646
all my logs from google is TCP_TUNNEL
hello folks
how debug google status codes in log file ?
in wiki i see we have :
1529368601.307 60038 184.154.133.146 TAG_NONE/503 0 CONNECT
www.google.com.et:443 fifoxy HIER_NONE/- -
the question is how can i see the http status code of connection in proxy ?
regards
__
Hi,
Can I leverage other information available in a server certificates's SAN field
to build my ACLs ?
Here's a sample from the SAN field ,
DNS Name=abc.example.com
IP Address=10.0.97.72
I haven't tried it but would using ssl::server_name_regex work to match
IP=10.0.97.* work?
Also I couldn't f
On 06/17/2018 02:28 AM, Stoica Bogdan Alexandru wrote:
> Thank you all for your suggestions. Polygraph is a good benchmark, but
> unfortunately it has a strict terms & conditions when it comes to
> publishing results and we plan to make the measurements part of a
> research paper.
Polygraph licens
Googling i foind this cfg lines:
acl SSLERR ssl_error X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN
sslproxy_cert_error allow SSLERR
sslproxy_cert_error deny all
The error " certificate verify failed has deissappeared, I refer to this error:
routines:CONNECT_CR_
have you tried -servername option for setting SNI extension?
On 18.06.18 08:31, Julian Perconti wrote:
How can i do this?
man s_client:\
-servername name
Set the TLS SNI (Server Name Indication) extension in the
ClientHello message.
--
Matus UHLAR - fantomas, uh
Hi guys.
Just wondering, if we want squid Authenticate users from our Active
Directory Windows 2012 server, do we need to have our Linux-Squid
3.5.x be part of the domain or a LDAP query can work without be part
of the domain?
Thanks.
___
squid-users ma
> have you tried -servername option for setting SNI extension?
How can i do this?
Well, debbuging cache.log i found this:
2018/06/18 08:22:08.822 kid1| 83,5| support.cc(300) ssl_verify_cb: Self signed
certificate in certificate chain: /CN=courier.push.apple.com/O=Apple
Inc./ST=California/C=U
On 18/06/18 16:54, Kedar K wrote:
> Hi Amos,
> Here is the topology:
>
> client (curl from host running docker) --> squid_child (docker, using
> ssl-bump with intercept) --> squid_parent (VM with internet connection,
> https_port without ssl-bump) --> origin server.
Consider where/how the child