at 12:26 PM Patrícia Sousa wrote:
> I think so.
>
> Here is the conf file: https://pastebin.com/DKMbwNV6
>
> Felipe Arturo Polanco escreveu no dia quinta,
> 13/02/2020 à(s) 16:22:
>
>> Did you configure Squid to accept both HTTP and HTTPS ports?
>>
>
Squid machine does not goes through the proxy. Any idea why?
>
> Felipe Arturo Polanco escreveu no dia quinta,
> 13/02/2020 à(s) 15:32:
>
>> Hi,
>>
>> For this, you need to use IPtables to block at the network level.
>>
>> SSH uses port 22/tcp but wget us
Hi,
For this, you need to use IPtables to block at the network level.
SSH uses port 22/tcp but wget uses HTTP, it should have been blocked by
squid.
Enabled debug_options in squid to see why it was allowed.
On Thu, Feb 13, 2020 at 11:10 AM Patrícia Sousa wrote:
> I'm using the squid proxy an
Thanks for the reply,
Is there a documentation for squid 5 on this feature?
On Sat, Feb 8, 2020, 8:34 PM Amos Jeffries wrote:
> On 9/02/20 5:17 am, Felipe Arturo Polanco wrote:
> > Hi,
> >
> > Can squid be set up as a transparent proxy for HTTP and HTTPS and at
>
Hi,
Can squid be set up as a transparent proxy for HTTP and HTTPS and at
the same time use an upstream proxy?
It means converting GET request from a client to a CONNECT request to an
upstream server.
Thanks,
___
squid-users mailing list
squid-users@lis
connection aborted??
On Wed, Nov 27, 2019 at 12:44 PM Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 11/27/19 11:01 AM, Felipe Arturo Polanco wrote:
>
> > How can we then terminate an ICAP 200 OK transaction to squid without
> > sending the complete body back to
Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 11/26/19 4:12 PM, Felipe Arturo Polanco wrote:
>
> > The flow is the following:
> > ICAP transaction is sent to ICAP server with a PREVIEW header
> > ICAP server sends ICAP header 100 Continue
> > ICAP
nding the last chunk since the file is a virus.
On Tue, Nov 26, 2019 at 4:52 PM Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 11/26/19 2:52 PM, Felipe Arturo Polanco wrote:
>
> > We are sending an encapsulated HTTP 307 redirect webpage header whenever
> &
, 2019 at 3:44 PM Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 11/26/19 10:15 AM, Felipe Arturo Polanco wrote:
>
> > While we can successfully scan our files and do content adaptation, we
> > have been struggling to find a way to close the ICAP transactio
Hi,
We have an ICAP server for Squid 4.
While we can successfully scan our files and do content adaptation, we have
been struggling to find a way to close the ICAP transaction before passing
the whole body back to squid and at the same time avoid squid marking one
icap failure.
This is for an IC
Thanks for the information Alex, we will handle this at ICAP level then.
Regards,
On Wed, Nov 6, 2019 at 2:24 PM Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 11/6/19 1:03 PM, Felipe Arturo Polanco wrote:
> > 4.7 from this branch:
> >
> https://github
4.7 from this branch:
https://github.com/measurement-factory/squid/tree/SQUID-323-WebSocket-support
On Wed, Nov 6, 2019 at 12:47 PM Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 11/6/19 8:49 AM, Felipe Arturo Polanco wrote:
> > I have this warning in the logs:
reply access lists to work?
On Tue, Nov 5, 2019 at 6:01 PM Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 11/5/19 4:23 PM, Felipe Arturo Polanco wrote:
> > I tried 200 status code from the
> > webserver directly and doesn't work either.
>
> Sounds like a
It comes from an Icap server but I tried 200 status code from the webserver
directly and doesn't work either.
On Tue, Nov 5, 2019 at 4:43 PM Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 11/5/19 3:06 PM, Felipe Arturo Polanco wrote:
>
> > I have been tryi
Hi,
I have been trying to match http_status acl in my squid.conf file but it
has no effect.
My goal is to add a given header to specific HTTP return codes.
eg:
This works:
acl user1 src 192.168.0.6/32
reply_header_add Cache-Control "no-store" user1
This doesn't work:
acl 307_redirect http_statu
uss...@measurement-factory.com> wrote:
> On 9/30/19 12:23 PM, Felipe Arturo Polanco wrote:
>
> > Does anyone know if Squid support early ICAP responses from the ICAP
> > server in the middle of a body transfer?
>
> I do not know for sure. A source code comment implies that Squ
Hi,
Does anyone know if Squid support early ICAP responses from the ICAP server
in the middle of a body transfer?
If so, can anybody provide an example of early responses? I have Squid
sending me a TCP Reset whenever I send out an early response in the middle
of a transfer.
Thanks,
_
asurement-factory.com> wrote:
> On 9/16/19 2:58 PM, Felipe Arturo Polanco wrote:
>
> > In our case we don't need to modify the initial 10MB, just scan it for
> > virus and if found, send a reset back to squid to not transmit the file.
>
> Yes, my original response
Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 9/16/19 10:37 AM, Felipe Arturo Polanco wrote:
>
> > We would like to add some logic to our custom made ICAP server, one of
> > these logics is to analyze up to 10MB of data of a given file and if the
> > file is
Hi,
We would like to add some logic to our custom made ICAP server, one of
these logics is to analyze up to 10MB of data of a given file and if the
file is larger than that, squid should not keep sending it to icap,
basically, a 204 message should be returned.
We understand this is not possible w
Hi,
Is it possible to use SQUID ACL inside ClamAV or any other ICAP server?
The idea is to have a list of file types to be denied for some users and
allowed for some others.
Thanks,
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://
Hi,
I'm trying to find a way to get the HTTP traffic analysed after being
decrypted, by using Snort.
Does someone know how to do this? I can redirect IP traffic with regular
HTTP into Snort but I haven't found a way inside squid to do the same.
Thanks!
___
04/03/2019 19:27, Felipe Arturo Polanco escreveu:
>
> Hi,
>
> I have been trying to block https://web.whatsapp.com/ from squid and I
> have been unable to.
>
> So far I have this:
>
> I can block other HTTPS websites fine
> I can block www.whatsapp.com fine
> I cann
Hi,
I have been trying to block https://web.whatsapp.com/ from squid and I have
been unable to.
So far I have this:
I can block other HTTPS websites fine
I can block www.whatsapp.com fine
I cannot block web.whatsapp.com
I have HTTPS transparent interception enabled and I am bumping all TCP
conn
I see.
Are you aware of any unofficial patch or something to tunnel
websockets over HTTPS in squid?
On Thu, Feb 21, 2019 at 5:33 PM Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 2/21/19 2:11 PM, Felipe Arturo Polanco wrote:
>
> > I have been trying to make we
Hi,
I have been trying to make websockets work over HTTPS but so far I haven't
been able to.
I'm trying the following websites that use websockets and none of them work:
speedtest.net
web.whatsapp.com
https://slack.com/help/test
If I explicitly splice those domain names in squid.conf they work f
26 matches
Mail list logo
