Re: [squid-users] Unable to Disable sslv3

2018-09-12 Thread Amos Jeffries
On 13/09/18 12:54 PM, Alex Rousskov wrote: > On 09/12/2018 03:47 PM, squid wrote: > >> We are using squid as reverse proxy and we have disabled SSLv3 : > >> https_port XXX.XXX.XXX.XXX:443 accel defaultsite=www.example.com >> vhost cert=/etc/cert.pem key=/etc/privkey.pem >>

Re: [squid-users] About SSL peek-n-splice/bump configurations

2018-09-12 Thread Julian Perconti
> I am afraid you do not. You are probably missing the fact that, at each step, > the rules after the matching applicable rule are not checked. > Also, you seem to insert some implicit peeking rules that are never there. > Finally, there may be some confusion regarding how multiple ACLs on one >

Re: [squid-users] Unable to Disable sslv3

2018-09-12 Thread Alex Rousskov
On 09/12/2018 03:47 PM, sq...@buglecreek.com wrote: > We are using squid as reverse proxy and we have disabled SSLv3 : > https_port XXX.XXX.XXX.XXX:443 accel defaultsite=www.example.com > vhost cert=/etc/cert.pem key=/etc/privkey.pem >

[squid-users] Unable to Disable sslv3

2018-09-12 Thread squid
I asked this some time ago and am bringing it up again to see if there are any suggestions since we haven't been able to fix it. We are using squid as reverse proxy and we have disabled SSLv3 : https_port XXX.XXX.XXX.XXX:443 accel defaultsite=www.example.com vhost cert=/etc/cert.pem

Re: [squid-users] About SSL peek-n-splice/bump configurations

2018-09-12 Thread Alex Rousskov
On 09/12/2018 08:28 AM, Julian Perconti wrote: > Please, let me know if I understand why those cfg are equals I am afraid you do not. You are probably missing the fact that, at each step, the rules after the matching applicable rule are not checked. Also, you seem to insert some implicit

Re: [squid-users] Squid Cache Server

2018-09-12 Thread Amos Jeffries
On 13/09/18 2:16 AM, Mujtaba Hassan Madani wrote: > Dear Squid Team, > >      how does content provider prevent it from been cached while passing > through squid proxy it's by a copy right law No. Contents which can be transferred through a proxy are implicitly licensed for re-distribution.

Re: [squid-users] About SSL peek-n-splice/bump configurations

2018-09-12 Thread Julian Perconti
> > So, in a brief the confi is: > > > > ssl_bump peek step1 all > > ssl_bump peek step2 noBumpSites > > ssl_bump stare step2 all > > ... which should be equivalent to an even simpler config: > > ssl_bump peek step1 > ssl_bump peek noBumpSites > ssl_bump stare all Yes, i've tested and

Re: [squid-users] Squid Cache Server

2018-09-12 Thread Mujtaba Hassan Madani
Dear Squid Team, how does content provider prevent it from been cached while passing through squid proxy it's by a copy right law or some encryption is implemented in the traffic ? and where can I find the contents that been cached on my squid proxy ? thanks for your assistant Mujtaba

Re: [squid-users] [NOC] Using Nfqueue or DAQ in squid

2018-09-12 Thread Amos Jeffries
On 12/09/18 7:17 AM, morteza1131 wrote: > Tanks for your response. > I totally understand how iptables work. Then you should already know very well the answers to all these questions you ask, including why Squid cannot do what you want. You attempting to troll? > are you familiar with snort!?