-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
27.10.2016 4:37, Amos Jeffries пишет:
> On 27/10/2016 7:55 a.m., Yuri Voinov wrote:
>>
>> 27.10.2016 0:54, Jok Thuau пишет:
>>
>>> Setting up the client and the proxy to use a common infrastructure for
>>> DNS (dnsmasq on the network) helped a
On 27/10/2016 7:55 a.m., Yuri Voinov wrote:
>
> 27.10.2016 0:54, Jok Thuau пишет:
>
>> Setting up the client and the proxy to use a common infrastructure for
>> DNS (dnsmasq on the network) helped a lot.
>
> Yes, this is common and best practice already. I think, time to write
> article on Wiki
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
27.10.2016 0:54, Jok Thuau пишет:
>
> On Wed, Oct 26, 2016 at 11:45 AM, Yuri Voinov > wrote:
>
>
>
> Jok,
>
> it can be DNS leak. Does you tested it? 8.8.8.8 can be poisoned
(probably) or
On Wed, Oct 26, 2016 at 11:45 AM, Yuri Voinov wrote:
>
>
> Jok,
>
> it can be DNS leak. Does you tested it? 8.8.8.8 can be poisoned (probably)
> or intercepted by ISP.
>
>
DNS is working fine and is not being poisoned/intercepted/messed with. The
records that come back from
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Jok,
it can be DNS leak. Does you tested it? 8.8.8.8 can be poisoned
(probably) or intercepted by ISP.
27.10.2016 0:01, Jok Thuau пишет:
> After being side-tracked with a few different project, I ended up with the
> config below. It appears to
After being side-tracked with a few different project, I ended up with the
config below. It appears to do the right things, though the ACL
organization could use some cleanup...
(Browsing to authorized sites works, browsing to something else, i get a
denied page from squid)
However, even though
On 6/04/2016 6:50 a.m., Jok Thuau wrote:
> On Mon, Apr 4, 2016 at 6:23 PM, Amos Jeffries wrote:
>
>
> If i remove *all* the http_access lines, then the behavior appears
correct
> (from a "splicing/bumping" standpoint).
>
Strange. Squid without
On Mon, Apr 4, 2016 at 6:23 PM, Amos Jeffries wrote:
> >>>
> >>> If i remove *all* the http_access lines, then the behavior appears
> >> correct
> >>> (from a "splicing/bumping" standpoint).
> >>>
> >>
> >> Strange. Squid without any http_access lines should be denying
On 5/04/2016 4:49 a.m., Jok Thuau wrote:
> On Sun, Apr 3, 2016 at 9:59 PM, Amos Jeffries wrote:
>
>> On 4/04/2016 4:18 p.m., Jok Thuau wrote:
>>> I'm attempting to build a transparent proxy (policy based routing on
>>> firewall to squid proxy) with the following behavior:
Thanks James! This is really close to what I need. Comparing this to my
existing config, it looks like i'm pretty close, except that i don't want
to "terminate" the sslbump, i need to send an error notification to the
end-user.
___
squid-users mailing
On Sun, Apr 3, 2016 at 9:59 PM, Amos Jeffries wrote:
> On 4/04/2016 4:18 p.m., Jok Thuau wrote:
> > I'm attempting to build a transparent proxy (policy based routing on
> > firewall to squid proxy) with the following behavior:
> >
> > 1) proxies http traffic for a given set
On Sun, 2016-04-03 at 21:18 -0700, Jok Thuau wrote:
> I'm attempting to build a transparent proxy (policy based routing on
> firewall to squid proxy) with the following behavior:
>
>
>
> 1) proxies http traffic for a given set of domains, provide an message
> otherwise such "domain not allowed"
On 4/04/2016 4:18 p.m., Jok Thuau wrote:
> I'm attempting to build a transparent proxy (policy based routing on
> firewall to squid proxy) with the following behavior:
>
> 1) proxies http traffic for a given set of domains, provide an message
> otherwise such "domain not allowed" or similar
> 2)
I'm attempting to build a transparent proxy (policy based routing on
firewall to squid proxy) with the following behavior:
1) proxies http traffic for a given set of domains, provide an message
otherwise such "domain not allowed" or similar
2) proxies https traffic for a given set of domains
14 matches
Mail list logo