Re: [squid-users] How to definitively disable IPv6

On 26/01/19 5:00 am, Amos Jeffries wrote: > On 25/01/19 11:29 pm, Troiano Alessio wrote: >> Hello, >> >> I need to definitively solve the ipv6 (un)reachbility issue. >> >> I state I read this topic: >> http://squid-web-proxy-cache.1019090.n4.nabble.com/dns-v4-first-on-ignored-td4658427.html >> but

Re: [squid-users] Only allow specific Users per Port

On 26/01/19 4:19 pm, Schokobecher wrote: > Hello, > > I'm struggling quite a bit with transitioning from basic_ncsa_auth to > basic_db_auth. > I have some ports where only certain users (sometimes just one) is > allowed to connect/pass the ACL check. > > I'm running Squid 3.28 on Ubuntu   > > I

Re: [squid-users] YouTube cache

On 26/01/19 6:30 am, Մուշեղ Դավթյան wrote: > Hi dear squid users. Somebody can help me to make youtube online videos > cache? Anybody have experience in 2019? Thanks a lot > The situation with YouTube cacheability has not changed in several years. The many discussions and tools mentioned on this

[squid-users] Only allow specific Users per Port

Hello, I'm struggling quite a bit with transitioning from basic_ncsa_auth to basic_db_auth. I have some ports where only certain users (sometimes just one) is allowed to connect/pass the ACL check. I'm running Squid 3.28 on Ubuntu I have lines like this: acl userA proxy_auth_regex -i userA

Re: [squid-users] Using a static wildcard certificate with ssl-bump in explicit forward proxy mode

On 26/01/19 5:51 am, Bill Bernsen wrote: > Hi, > > I have squid running as an explicit forward proxy on the > host example.com  controlling access to all hosts > in *.example.com . All the hosts in *.example.com >  have self-signed

Re: [squid-users] Fwd: Https blocked sites getting ssl error , with connection abruptly ending - Peek and splice feature

On 1/25/19 10:18 AM, bandeep2000 wrote: > Have configured squid proxy with https whitelisted sites using ssl bump, > peek and splice feature in transparent mode. > Is there a way to terminate the connection with access denied message > gracefully(with 403 error code) Yes, there is, but it

[squid-users] Fwd: Https blocked sites getting ssl error , with connection abruptly ending - Peek and splice feature

Hi Everyone, Have configured squid proxy with https whitelisted sites using ssl bump, peek and splice feature in transparent mode. Although non whitelisted site are getting blocked, but it is not graceful, with 'ssl connect error' and no 403 message(using curl). For http, it is working fine

[squid-users] Using a static wildcard certificate with ssl-bump in explicit forward proxy mode

Hi, I have squid running as an explicit forward proxy on the host example.com controlling access to all hosts in *.example.com. All the hosts in *.example.com have self-signed certificates that I want to appear as trusted to user browsers. I don't have the option of obtaining a trusted CA. I do,

Re: [squid-users] How to definitively disable IPv6

On 25/01/19 11:29 pm, Troiano Alessio wrote: > Hello, > > I need to definitively solve the ipv6 (un)reachbility issue. > > I state I read this topic: > http://squid-web-proxy-cache.1019090.n4.nabble.com/dns-v4-first-on-ignored-td4658427.html > but not found a solution. Amos wrote “Squid tests

Re: [squid-users] How to definitively disable IPv6

On 1/25/19 3:29 AM, Troiano Alessio wrote: > I need to definitively solve the ipv6 (un)reachbility issue. You can * build Squid with --disable-ipv6 * try an experimental (and unofficial) Squid branch that implements the TCP part of the Happy Eyeballs algorithm:

Re: [squid-users] HELP! Ssl_bump - acl , dstdomain , denied by fqdn need ip

On 1/25/19 1:15 AM, Александр Александрович Березин wrote: > 0 192.168.50.10 TCP_DENIED/200 0 CONNECT 208.64.202.87:443 - HIER_NONE/- - Looks like your http_access rules deny some (or all) CONNECT requests, probably during SslBump step1. This is not related to your ssl_bump rules. Examine those

Re: [squid-users] HELP! Ssl_bump - acl , dstdomain , denied by fqdn need ip

On 25/01/19 9:15 pm, Александр Александрович Березин wrote: > Please HELP! >   > Hello dear members of the community > excuse me for disturbing me, but I could not find an answer to the > question, so I speak to you, sorry again >   > i have >   ... > > in /etc/squid.conf > > ... > > acl

[squid-users] R: How to definitively disable IPv6

Thank you Bruno for the answer. The DNS returns both IPv6 and IPv4 addresses, but it depends on the request (A or ). Squid should do both and prefer in order the IPv4 answer. I added the IPV6INIT=no on my interface and http_port 172.31.1.68:8080, restarted squid, but same behavior. Il

Re: [squid-users] How to definitively disable IPv6

Em 25/01/2019 08:29, Troiano Alessio escreveu: What can I do? My ISP is IPv4 only. I'm not completely sure but it looks more like a DNS issue than the IP binding on Squid server. But check if your 'ifcfg-ethX' has IPV6INIT=no. Also, is Squid listening on all local IPs? If yes, then try

[squid-users] How to definitively disable IPv6

Hello, I need to definitively solve the ipv6 (un)reachbility issue. I state I read this topic: http://squid-web-proxy-cache.1019090.n4.nabble.com/dns-v4-first-on-ignored-td4658427.html but not found a solution. Amos wrote “Squid tests for IPv6 ability automatically by opening a socket on a

[squid-users] HELP! Ssl_bump - acl , dstdomain , denied by fqdn need ip

Please HELP! Hello dear members of the communityexcuse me for disturbing me, but I could not find an answer to the question, so I speak to you, sorry again i have #46-Ubuntu SMP Thu Dec 6 14:45:28 UTC 2018 x86_64 x86_64 x86_64 GNU/LinuxNo LSB modules are available.Distributor ID: