On 7/25/18 7:07 PM, Andrea Venturoli wrote:
On 7/25/18 6:46 PM, Amos Jeffries wrote:
What is your "squid -v" output?
If --disable-http-violations is used then relaxed parser will not
include those "must never be transmitted in un-escaped form" (RFC 2396)
characters.
It's there!!!
Thanks for
Before destroying our Squid proxy with an ACL, I'd like to LOG ACL hits
instead of using "http_access deny" straight away:
--- nsip ---
acl markURLhaus annotate_transaction accessRule=URLhaus
acl URLhaus url_regex "/etc/squid5/generated-urlhaus.acl"
http_access deny URLhaus markURLhaus
--- nsip --
On 26.07.18 15:15, Ralf Hildebrandt wrote:
Before destroying our Squid proxy with an ACL, I'd like to LOG ACL hits
instead of using "http_access deny" straight away:
--- nsip ---
acl markURLhaus annotate_transaction accessRule=URLhaus
acl URLhaus url_regex "/etc/squid5/generated-urlhaus.acl"
htt
On 07/26/2018 07:15 AM, Ralf Hildebrandt wrote:
> Before destroying our Squid proxy with an ACL, I'd like to LOG ACL hits
> instead of using "http_access deny" straight away:
>
> --- nsip ---
> acl markURLhaus annotate_transaction accessRule=URLhaus
> acl URLhaus url_regex "/etc/squid5/generated-u
Hi to all.
Im trying to put proxy trough DNS. Im working on a Windows Server 2012 r2.
I follow a lot of tutorial... and cant do it.
The best i have is this (and is strange).
When the pc start i see in log of squid the ip of that pc.
tail -f /var/log/squid/access.log | grep 192.168.6.22
1532616150
On Thursday 26 July 2018 at 17:06:20, erdosain9 wrote:
> Hi to all.
> Im trying to put proxy trough DNS. Im working on a Windows Server 2012 r2.
> I follow a lot of tutorial... and cant do it.
> The best i have is this (and is strange).
> When the pc start i see in log of squid the ip of that pc.
Hi, thanks
I try Explorer 8.0 and Chrome 68.0...
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-use
On 26.07.2018 17:32, erdosain9 wrote:
Hi, thanks
I try Explorer 8.0 and Chrome 68.0...
this can be deactivated on browser side; then wpad is for the cats ...
Walter
smime.p7s
Description: S/MIME Cryptographic Signature
___
squid-users mailing l
Hi,
Resuming the above conversation; When looking at the cache log and the
code, I find that when peek is done at step 1 and then bumped, the
connection gets pinned after *httpsPeeked() *is called.
Log:
*2018/07/23 11:40:29.572 kid1| 17,4| AsyncCallQueue.cc(55) fireNext:
entering ConnStateData::
On 07/26/2018 02:49 PM, Vishali Somaskanthan wrote:
> 1. Are there any security reasons behind /pinning the connection/ when a
> peek is done at Step1
I doubt there is some fundamental _security_ reason to pin if you bump
without forwarding the TLS client information to the server. The reasons
to
Hi,
FYI, in all my examples below, one have the same client and same server
By re-use I meant to say that the server-connection S (TCP + SSL) is
re-used across 2 client connections (C1 and C2), from the same client one
after the other is torn down. I, presume that “*server_persistent_connection
On 07/26/2018 05:47 PM, Vishali Somaskanthan wrote:
> By re-use I meant to say that the server-connection S (TCP + SSL) is
> re-used across 2 client connections (C1 and C2), from the same client
> one after the other is torn down. I, presume that
> “/server_persistent_connection on/” allows for su
On 27/07/18 03:06, erdosain9 wrote:
> Hi to all.
> Im trying to put proxy trough DNS. Im working on a Windows Server 2012 r2.
> I follow a lot of tutorial... and cant do it.
> The best i have is this (and is strange).
> When the pc start i see in log of squid the ip of that pc.
>
> tail -f /var/l
On 27/07/18 13:31, Alex Rousskov wrote:
> On 07/26/2018 05:47 PM, Vishali Somaskanthan wrote:
>
>> By re-use I meant to say that the server-connection S (TCP + SSL) is
>> re-used across 2 client connections (C1 and C2), from the same client
>> one after the other is torn down. I, presume that
>> “
I'm running squid4.1 interception peek+splice mode.
Some sites with HSTS(max-age=0) will not work whenever squid is on, HSTS
max-age=0 is supposed to turn off HSTS, but chrome/firefox will keep
redirecting https<-->http until it failed(too many redirects). Once Squid
is removed all is good.
I als
On 07/26/2018 09:15 PM, Amos Jeffries wrote:
> On 27/07/18 13:31, Alex Rousskov wrote:
>> On 07/26/2018 05:47 PM, Vishali Somaskanthan wrote:
>>
>>> By re-use I meant to say that the server-connection S (TCP + SSL) is
>>> re-used across 2 client connections (C1 and C2), from the same client
>>> one
On 27/07/18 16:10, Gordon Hsiao wrote:
> I'm running squid4.1 interception peek+splice mode.
>
> Some sites with HSTS(max-age=0) will not work whenever squid is on, HSTS
> max-age=0 is supposed to turn off HSTS, but chrome/firefox will keep
> redirecting https<-->http until it failed(too many redi
On 27/07/18 16:18, Alex Rousskov wrote:
> On 07/26/2018 09:15 PM, Amos Jeffries wrote:
>> On 27/07/18 13:31, Alex Rousskov wrote:
>>> On 07/26/2018 05:47 PM, Vishali Somaskanthan wrote:
>>>
By re-use I meant to say that the server-connection S (TCP + SSL) is
re-used across 2 client connec
18 matches
Mail list logo
