[squid-users] Random trouble with image downloads

OK, I've got Squid mostly working fine, but have noticed a problem with certain image downloads, which in at least one case are coming from storage.googleapis.com. (Profile images for a forum.) It's as if Squid sometimes randomly fails to download and correctly cache a given image, and instead

Re: [squid-users] Getting SSL Connection Errors

Hey Usama, There are more missing details on the system. If you provide the OS and squid details I might be able to provide a script that will pull most of the relevant details on the system. I don’t know about this specific issue yet and it seems like there is a SSL related issue and it mi

Re: [squid-users] is there any squid 4.x version has delay_pools working?

Hey Ahmad, Can you please give more details on the specific issue or issues you have verified in 4.17? What exactly doesn't work in delay_pools? Plain HTTP download or upload speed? Is it only on HTTP or also on CONNECT or HTTPS or SSL-BUMP connections? Eliezer * I was thinking

[squid-users] is there any squid 4.x version has delay_pools working?

I tried many squid 4.x versions and none of them has delay_pools to work . I have it to work on 3.x versions . is there any specific 4.x version that ws tested with delay pools to work ? i would like to report it as bug at least in squid-4.17

Re: [squid-users] Trying to set up SSL cache - solved!

On Thu, 24 Feb 2022 15:07:53 -0500 Alex Rousskov wrote: > > What is the replacement for client-first? > > A "good" answer depends on what exactly you are trying to achieve; > details matter. A "dumb" answer (i.e. a direct replacement without > considering your true needs and Squid bugs) is: >

[squid-users] Getting SSL Connection Errors

Hi I have a squid running on a linux box ( about 16GB ram and 4 cpu ) -- it runs fine for the most part but when I am launching multiple jobs that are connecting with salesforce BulkAPI, sometimes connections are dropped. its not predictable and happens only when there is so much load on squid. Can

Re: [squid-users] Trying to set up SSL cache - solved!

On 2/24/22 14:38, Dave Blanchard wrote: > ssl_bump client-first all What is the replacement for client-first? A "good" answer depends on what exactly you are trying to achieve; details matter. A "dumb" answer (i.e. a direct replacement without considering your true needs and Squid bugs) is:

Re: [squid-users] Trying to set up SSL cache - solved!

On Thu, 24 Feb 2022 14:22:25 -0500 Alex Rousskov wrote: > [...] > > action is supposed to be doing. Legacy actions mentioned there, > including client-first, should be treated as unsupported, having unknown > side effects, and meant to be removed from Squid (yesterday). YMMV. What is the repla

Re: [squid-users] Trying to set up SSL cache - solved!

On 2/24/22 13:24, Dave Blanchard wrote: ssl_bump client-first all ssl_bump stare all ssl_bump splice localhost Bugs notwithstanding, the above configuration is equivalent to the configuration below: ssl_bump client-first all The following wiki page can be used to find out what each ssl_

Re: [squid-users] Trying to set up SSL cache - solved! - correction

On Thu, 24 Feb 2022 12:24:35 -0600 Dave Blanchard wrote: > (Note for any other confused noobs reading this: this configuration > apparently requires Squid to be compiled with --with openssl and > --with-ssl-crtd options on the 'configure' command line; or at least it did > in older versions, a

Re: [squid-users] Trying to set up SSL cache - solved!

On Thu, 24 Feb 2022 11:08:48 -0500 Alex Rousskov wrote: > On 2/23/22 22:09, Dave Blanchard wrote: > > OK--I solved the problem by removing the "ssl_bump bump all" line. > > Works fine now. > > > Damn, this proxy is a TOTAL PAIN IN THE ASS!! to configure. It seems > > like 90% of the tutorials ou

Re: [squid-users] Trying to set up SSL cache - solved!

On 2/23/22 22:09, Dave Blanchard wrote: OK--I solved the problem by removing the "ssl_bump bump all" line. Works fine now. Damn, this proxy is a TOTAL PAIN IN THE ASS!! to configure. It seems like 90% of the tutorials out there are junk, largely because things keep changing from version to ver

[squid-users] Squid Question regarding tcp handshake

Hi, A question Regarding TCP handshake. Does squid first complete the tcp handshake on its users and then a second handshake on the destination IP or as soon as it receives the TCP SYN flag it does the same with the destination. This is for transparent mode. Thanks,

Re: [squid-users] Trying to set up SSL cache - solved!

Hi Eliezer, this is on a custom Linux distro. I was using Traffic Server after the failed initial foray into Squid-land, but it also wasn't caching SSL, and it's even more poorly documented. Also, annoyingly, TS was updating its on-disk stat file every five seconds, slowly but steadily wearing o

Re: [squid-users] Trying to set up SSL cache - solved!

On 23.02.22 21:09, Dave Blanchard wrote: OK--I solved the problem by removing the "ssl_bump bump all" line. Works fine now. Damn, this proxy is a TOTAL PAIN IN THE ASS!! to configure. configuring proxy is very easy, bumping SSL is not. Since SSL is designed to encrypt traffic between ende -