Re: [squid-users] Transparent proxy http 3xx status issues

2021-09-02 Thread Ben Goz
By the help of God. I'm using squid 4.15. When I said transparent proxy I meant to say that I'm using tproxy configuration with iptables redirection. Squid returns http 503 and when bypassing squid I see http 302. What do you think is the best way to overcome this problem? Thanks, Ben On

Re: [squid-users] Transparent proxy http 3xx status issues

2021-09-02 Thread Amos Jeffries
On 2/09/21 10:43 pm, Ben Goz wrote: By the help of God. I configured squid to be transparent proxy with ssl bump I saw that when the users trying to access next.co.il or pinterest.com They observed squid errors sometimes it's connection refused sometimes connection timed out But when I bypass s

[squid-users] Transparent proxy http 3xx status issues

2021-09-02 Thread Ben Goz
By the help of God. I configured squid to be transparent proxy with ssl bump I saw that when the users trying to access next.co.il or pinterest.com They observed squid errors sometimes it's connection refused sometimes connection timed out But when I bypass squid proxy it's working fine. I saw t

Re: [squid-users] transparent proxy upgrade 3.5 to 4.12, Error parsing SSL Server Hello Message on FD XX

2020-06-26 Thread Amos Jeffries
On 23/06/20 2:50 am, Tanner wrote: > I have squid set up as a transparent outbound proxy using version 3.5. > When upgrading to 4.12, I am seeing an error "Error parsing SSL Server > Hello Message on FD XX" that did not happen before. Here is my config: > ... > > Previous to 4.12, if I tried to

[squid-users] transparent proxy upgrade 3.5 to 4.12, Error parsing SSL Server Hello Message on FD XX

2020-06-22 Thread Tanner
I have squid set up as a transparent outbound proxy using version 3.5. When upgrading to 4.12, I am seeing an error "Error parsing SSL Server Hello Message on FD XX" that did not happen before. Here is my config: http_port 3129 intercept cache_effective_user squid cache_effective_group squid worke

Re: [squid-users] Transparent proxy for WiFi users

2018-01-03 Thread Amos Jeffries
On 03/01/18 10:15, Yuri wrote: 03.01.2018 02:13, Amos Jeffries wrote: On 03/01/18 02:48, Roberto Carna wrote: Dear, I've setup a Squid transparent proxy + Squidgard on pfSense 2.4 in order to filter HTTP and HTTPS web content for different types of WiFi clients on my company: - Android (diffe

Re: [squid-users] Transparent proxy for WiFi users

2018-01-02 Thread Yuri
03.01.2018 02:13, Amos Jeffries wrote: > On 03/01/18 02:48, Roberto Carna wrote: >> Dear, I've setup a Squid transparent proxy + Squidgard on pfSense 2.4 >> in order to filter HTTP and HTTPS web content for different types of >> WiFi clients on my company: >> >> - Android (different versions) >> -

Re: [squid-users] Transparent proxy for WiFi users

2018-01-02 Thread Amos Jeffries
On 03/01/18 02:48, Roberto Carna wrote: Dear, I've setup a Squid transparent proxy + Squidgard on pfSense 2.4 in order to filter HTTP and HTTPS web content for different types of WiFi clients on my company: - Android (different versions) - Notebooks Windows 7/10 - iPhone - Etc. In some cases, d

[squid-users] Transparent proxy for WiFi users

2018-01-02 Thread Roberto Carna
Dear, I've setup a Squid transparent proxy + Squidgard on pfSense 2.4 in order to filter HTTP and HTTPS web content for different types of WiFi clients on my company: - Android (different versions) - Notebooks Windows 7/10 - iPhone - Etc. In some cases, depending on the device Operating System, s

Re: [squid-users] Transparent Proxy in AWS

2017-01-11 Thread Jason Haar
On Fri, Dec 2, 2016 at 6:27 AM, klops wrote: > Does this mean the squid box has to be the overall gateway for the internal > network for transparency to work? > > The reason the proposed setup the way it is is because AWS VPC service has > a service based NAT gateway which we have not low level

Re: [squid-users] Transparent Proxy in AWS

2016-12-01 Thread Amos Jeffries
On 2/12/2016 6:27 a.m., klops wrote: > Does this mean the squid box has to be the overall gateway for the internal > network for transparency to work? That is just one option. The other two are routing or tunnel, as I mentioned in the second sentence. > > The reason the proposed setup the way i

Re: [squid-users] Transparent Proxy in AWS

2016-12-01 Thread klops
Does this mean the squid box has to be the overall gateway for the internal network for transparency to work? The reason the proposed setup the way it is is because AWS VPC service has a service based NAT gateway which we have not low level control over and it is the default gateway. We want to

Re: [squid-users] Transparent Proxy in AWS

2016-11-28 Thread Amos Jeffries
On 29/11/2016 10:33 a.m., kevin2345 wrote: Hello, new to squid here. I'm trying to setup a transparent proxy with squid for my internal hosts to reach outbound destinations. We are hosted in AWS with a VPC setup and multiple subnets. The squid host is in a "public" subnet that has outbound ac

[squid-users] Transparent Proxy in AWS

2016-11-28 Thread kevin2345
Hello, new to squid here. I'm trying to setup a transparent proxy with squid for my internal hosts to reach outbound destinations. We are hosted in AWS with a VPC setup and multiple subnets. The squid host is in a "public" subnet that has outbound access, while the other subnets are "private" wi

Re: [squid-users] Transparent Proxy

2016-09-08 Thread Amos Jeffries
On 8/09/2016 11:54 p.m., John Sayce wrote: > Yeah, that was the key. I was expecting my firewall to be doing NAT but > destination NAT rather than source NAT. I hadn't realised this was > completely wrong. > > Got it working now. Source-NAT is fine and sometimes needed to translate between

Re: [squid-users] Transparent Proxy

2016-09-08 Thread John Sayce
g] On Behalf Of Antony Stone Sent: 08 September 2016 10:00 To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Transparent Proxy On Thursday 08 September 2016 at 10:44:12, John Sayce wrote: > After I wrote this I realised it should be changing the mac not the > ip, which is

Re: [squid-users] Transparent Proxy

2016-09-08 Thread Antony Stone
d of policy routing. Regards, Antony. > -Original Message- > From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of Antony Stone Sent: 08 September 2016 09:36 > To: squid-users@lists.squid-cache.org > Subject: Re: [squid-users] Transparent Proxy >

Re: [squid-users] Transparent Proxy

2016-09-08 Thread John Sayce
Stone Sent: 08 September 2016 09:36 To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Transparent Proxy On Thursday 08 September 2016 at 10:12:48, John Sayce wrote: > For testing purposes I've reduced it to the following: > > http_port 3128 intercept > #dns_v4

Re: [squid-users] Transparent Proxy

2016-09-08 Thread Antony Stone
On Thursday 08 September 2016 at 10:12:48, John Sayce wrote: > For testing purposes I've reduced it to the following: > > http_port 3128 intercept > #dns_v4_first on > dns_nameservers 10.8.2.3 194.168.4.100 10.8.2.2 8.8.8.8 > acl wifi src 10.8.14.0/24 > acl all src all > http_access allow all > m

Re: [squid-users] Transparent Proxy

2016-09-08 Thread John Sayce
header? Thanks -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Antony Stone Sent: 07 September 2016 10:27 To: 'squid-users@lists.squid-cache.org' Subject: Re: [squid-users] Transparent Proxy On Wednesday 07 September 2016 at 10:51:4

Re: [squid-users] Transparent Proxy

2016-09-07 Thread Amos Jeffries
On 7/09/2016 9:27 p.m., Antony Stone wrote: > On Wednesday 07 September 2016 at 10:51:49, John Sayce wrote: > FYI: Jon. Please be careful about your use of the word "forward" and "forwarding". Both NAT and routing are methods of forwarding, but which one is used at each particular step of the pa

Re: [squid-users] Transparent Proxy

2016-09-07 Thread Antony Stone
On Wednesday 07 September 2016 at 10:51:49, John Sayce wrote: > I believe so. The specific command I used was: > > iptables -t nat -A PREROUTING -i ens33 -p tcp --dport 80 -j REDIRECT > --to-port 3128 > > (For some reason my adapter is ens33, I have no idea why it's not eth0. > Squid is set to

Re: [squid-users] Transparent Proxy

2016-09-07 Thread John Sayce
he address translation? when the packet is sent back to the client? -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Antony Stone Sent: 07 September 2016 09:28 To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Transpa

Re: [squid-users] Transparent Proxy

2016-09-07 Thread Antony Stone
On Wednesday 07 September 2016 at 10:23:02, John Sayce wrote: > I'm trying to set up a transparent proxy but I'm fairly sure I'm missing > something. > > I've followed the instructions on the juniper website along with a couple > of other blogs as per: > https://damn.technology/using-squid-junipe

[squid-users] Transparent Proxy

2016-09-07 Thread John Sayce
I'm trying to set up a transparent proxy but I'm fairly sure I'm missing something. I've followed the instructions on the juniper website along with a couple of other blogs as per: https://damn.technology/using-squid-juniper-pbr-transparent-proxy http://davehope.co.uk/Blog/implementing-pbr-and-s

Re: [squid-users] Transparent Proxy on OSX Yosemite

2016-09-01 Thread Shively, Gregory
> -Original Message- > From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf > Of Amos Jeffries > Sent: Thursday, September 1, 2016 11:05 AM > To: squid-users@lists.squid-cache.org > Subject: [EXTERNAL] Re: [squid-users] Transparent Proxy on OS

Re: [squid-users] Transparent Proxy on OSX Yosemite

2016-09-01 Thread Amos Jeffries
On 1/09/2016 5:59 a.m., Shively, Gregory wrote: >> On 31/08/2016 11:19 a.m., Shively, Gregory wrote: > >>> I'm attempting to get a squid working as a transparent proxy on >>> OSX > >>> Yosemite. Every attempt ended with a "Forward loop detected". I > >>> initially started with the version from h

Re: [squid-users] Transparent Proxy on OSX Yosemite

2016-08-31 Thread Shively, Gregory
> On 31/08/2016 11:19 a.m., Shively, Gregory wrote: > > I'm attempting to get a squid working as a transparent proxy on OSX > > Yosemite. Every attempt ended with a "Forward loop detected". I > > initially started with the version from homebrew and moved to just > > compiling myself to see if I

Re: [squid-users] Transparent Proxy on OSX Yosemite

2016-08-31 Thread Amos Jeffries
On 31/08/2016 11:19 a.m., Shively, Gregory wrote: > I'm attempting to get a squid working as a transparent proxy on OSX > Yosemite. Every attempt ended with a "Forward loop detected". I > initially started with the version from homebrew and moved to just > compiling myself to see if I could figure

[squid-users] Transparent Proxy on OSX Yosemite

2016-08-30 Thread Shively, Gregory
I'm attempting to get a squid working as a transparent proxy on OSX Yosemite. Every attempt ended with a "Forward loop detected". I initially started with the version from homebrew and moved to just compiling myself to see if I could figure out what was going on. Being new to both pf network and

Re: [squid-users] Transparent proxy and non-transparent proxy on the same squid.

2016-08-11 Thread Antony Stone
On Thursday 11 August 2016 at 22:15:12, Daniel Reif wrote: > There is any way to run squid in transparent mode and non-transparent > mode in the same squid? Yes - you define one listener on port 80 for the intercept traffic (which *must* be redirected on the Squid box, so it must either be in t

[squid-users] Transparent proxy and non-transparent proxy on the same squid.

2016-08-11 Thread Daniel Reif
There is any way to run squid in transparent mode and non-transparent mode in the same squid? I searched the internet and not found anything about it The transparent proxy is necessary because there are some applications that run on my network that do not have proxy configuration. But the non-tr

Re: [squid-users] Transparent proxy with Ubuntu 15.04 and Squid3

2015-10-01 Thread Amos Jeffries
On 2/10/2015 8:15 a.m., Jake wrote: > I have a Squid/Dansguardian proxy server that successfully works when > the client web browser is manually configured to use the proxy address:port. > > What I want to do is configure a transparent proxy server, presuming I > wouldn't have to manually configur

[squid-users] Transparent proxy with Ubuntu 15.04 and Squid3

2015-10-01 Thread Jake
I have a Squid/Dansguardian proxy server that successfully works when the client web browser is manually configured to use the proxy address:port. What I want to do is configure a transparent proxy server, presuming I wouldn't have to manually configure browsers. My LAN environment diagram: http:

Re: [squid-users] Transparent proxy before NAT

2015-07-14 Thread Amos Jeffries
On 14/07/2015 8:34 a.m., John Pearson wrote: > Thanks Yuri for the response, I understand. I do have Shorewall configured > and I understand the security implications. My Router is also the Wireless > AP, so I want to try out this setup without having to buy another Wireless > AP. > > I don't mind

Re: [squid-users] Transparent proxy before NAT

2015-07-13 Thread Yuri Voinov
I use a bit another configuration: http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2 As you can see, squid box placed between two routers. Front router uses NAT to white IP, back router has no NAT and configured with WCCPv2 redirection. DMZ configured between two routers.

Re: [squid-users] Transparent proxy before NAT

2015-07-13 Thread John Pearson
Thanks Yuri for the response, I understand. I do have Shorewall configured and I understand the security implications. My Router is also the Wireless AP, so I want to try out this setup without having to buy another Wireless AP. I don't mind it being complex, do you have any suggestions on getting

Re: [squid-users] Transparent proxy before NAT

2015-07-13 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ah, forgot about: Your squid in scheme I wrote will have static gray IP. And this IP must be excluded from DHCP pool on router. 14.07.15 2:15, John Pearson wrote: > Hi Everyone, > > My setup is: Internet <--> Squid-eth0 <--> Squid-eth1 <--> Rout

Re: [squid-users] Transparent proxy before NAT

2015-07-13 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 And beware: Your current configuration is insecure. Very insecure. Especially if you haven't firewall configured on squid box. 14.07.15 2:15, John Pearson wrote: > Hi Everyone, > > My setup is: Internet <--> Squid-eth0 <--> Squid-eth1 <--> Router

Re: [squid-users] Transparent proxy before NAT

2015-07-13 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Note: If you want to use two NIC onto Squid box, you need to configure this box TCP stack as a static router. But more better to aggregate both NIC and connect router and squid box with switch. 14.07.15 2:15, John Pearson wrote: > Hi Everyone, >

Re: [squid-users] Transparent proxy before NAT

2015-07-13 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Too complex setup for simple task. You can simple re-connect squid box before router and configure it as gateway for devices. And setup NAT redirection directly onto squid box. Something like this: Internet <-> Router + DHCP + NAT <--> S

[squid-users] Transparent proxy before NAT

2015-07-13 Thread John Pearson
Hi Everyone, My setup is: Internet <--> Squid-eth0 <--> Squid-eth1 <--> Router <--> Devices Currently the Router is doing NAT and DHCP for the devices connected to it. Squid is in transparent mode. I set up a bridge ( br0). I set up the ebtables and iptables. It works but I want to figure out a w

Re: [squid-users] transparent proxy splice using dstdomain issue

2015-07-08 Thread Amos Jeffries
On 8/07/2015 1:54 a.m., S.Kirschner wrote: > Amos Jeffries wrote >> On 7/07/2015 11:45 p.m., S.Kirschner wrote: >>> I think the issues exist because the reverse lookup don't got the answer >>> "sparkasse.de", but why it does not use the hostname from the dns request >>> to >>> the dns-server ? >> >>

Re: [squid-users] transparent proxy splice using dstdomain issue

2015-07-07 Thread S.Kirschner
Amos Jeffries wrote > On 7/07/2015 11:45 p.m., S.Kirschner wrote: >> I think the issues exist because the reverse lookup don't got the answer >> "sparkasse.de", but why it does not use the hostname from the dns request >> to >> the dns-server ? > > Because Squid is not a DNS server. > > The HTTP m

Re: [squid-users] transparent proxy splice using dstdomain issue

2015-07-07 Thread Amos Jeffries
On 7/07/2015 11:45 p.m., S.Kirschner wrote: > Hi I'm using squid version 3.5.3 as transparent proxy in pfsense and got an > issue with my configuration. > > I would like to bump ssl connections and some should be spliced(for the > example I used "sparkasse.de"), in my case banking sites should be

[squid-users] transparent proxy splice using dstdomain issue

2015-07-07 Thread S.Kirschner
Hi I'm using squid version 3.5.3 as transparent proxy in pfsense and got an issue with my configuration. I would like to bump ssl connections and some should be spliced(for the example I used "sparkasse.de"), in my case banking sites should be spliced. It's working fine when I use IPs for the acl

Re: [squid-users] Transparent Proxy Configuration

2015-06-30 Thread Amos Jeffries
On 1/07/2015 6:21 a.m., Chris Greene wrote: > I’ve had Squid running on Ubuntu for a few weeks. I’d configured the > proxy settings in the browsers. Everything has been working well and > I've been pleased with the results. But now I need to make this a > transparent proxy and I’m running into t

Re: [squid-users] Transparent Proxy Configuration

2015-06-30 Thread James Lay
On 2015-06-30 12:21 PM, Chris Greene wrote: I’ve had Squid running on Ubuntu for a few weeks. I’d configured the proxy settings in the browsers. Everything has been working well and I've been pleased with the results. But now I need to make this a transparent proxy and I’m running into trouble

[squid-users] Transparent Proxy Configuration

2015-06-30 Thread Chris Greene
I’ve had Squid running on Ubuntu for a few weeks. I’d configured the proxy settings in the browsers. Everything has been working well and I've been pleased with the results. But now I need to make this a transparent proxy and I’m running into trouble & need some help. I’ve got a Destination

Re: [squid-users] transparent proxy

2015-05-13 Thread Simon Dcunha
ay, May 13, 2015 12:48:45 PM Subject: Re: [squid-users] transparent proxy On 13/05/2015 8:45 p.m., Simon Dcunha wrote: > Dear All, > > I want to implement transparent proxy with wccp2. kindly appreciate if > someone can advise me a link explaining the steps to follow > That would

Re: [squid-users] transparent proxy

2015-05-13 Thread Amos Jeffries
On 13/05/2015 8:45 p.m., Simon Dcunha wrote: > Dear All, > > I want to implement transparent proxy with wccp2. kindly appreciate if > someone can advise me a link explaining the steps to follow > That would be the Squid wiki. Amos ___

[squid-users] transparent proxy

2015-05-13 Thread Simon Dcunha
Dear All, I want to implement transparent proxy with wccp2. kindly appreciate if someone can advise me a link explaining the steps to follow regards simon -- - Network Administrator Kuwait Municipality!!! -- This message has been scanned for viruses and dangerous content by MailSc

Re: [squid-users] transparent proxy original_dst err

2015-04-28 Thread jaykbvt
Hi Amos, We've got response from Cisco team and they've agreed that destination IP gets changed when request passes through Cisco ISG. They are taking reference for configuration from this doc http://www.cisco.com/c/en/us/td/docs/ios/isg/configuration/guide/15_0s/isg_15_0s_book/isg_l4_redirect.

Re: [squid-users] transparent proxy original_dst err

2015-04-21 Thread Amos Jeffries
On 22/04/2015 7:31 a.m., jaykbvt wrote: > Hi Amos, > > Thanks for reply, > > I think I got ur point. If I understood correctly, > > if a user makes request for http://www.wikipedia.org then the client request > header should look like: > > src: client_IP:random_port > dst: wikipedia.org(ip_addr

Re: [squid-users] transparent proxy original_dst err

2015-04-21 Thread jaykbvt
Hi Amos, Thanks for reply, I think I got ur point. If I understood correctly, if a user makes request for http://www.wikipedia.org then the client request header should look like: src: client_IP:random_port dst: wikipedia.org(ip_address):http http request: http_request details. (host,url,etc..)

Re: [squid-users] transparent proxy original_dst err

2015-04-21 Thread Amos Jeffries
On 22/04/2015 12:43 a.m., jaykbvt wrote: > Hi Amos, > > Thanks for reply. > > > local=*10.58.200.33:80 remote=10.210.83.249:*3375 FD 10 flags=33: accepted > > > since squid is able to understand which client is requesting and following > lines t

Re: [squid-users] transparent proxy original_dst err

2015-04-21 Thread jaykbvt
Hi Amos, Thanks for reply. local=*10.58.200.33:80 remote=10.210.83.249:*3375 FD 10 flags=33: accepted since squid is able to understand which client is requesting and following lines talks about request.. parseHttpReque

Re: [squid-users] transparent proxy original_dst err

2015-04-21 Thread Yuri Voinov
21.04.15 17:20, Amos Jeffries wrote: On 21/04/2015 10:44 p.m., jaykbvt wrote: Hi, My squid is configured in interception mode with http_port 3130 http_port 3129 intercept squid is running with single network card. request comes from the Cisco ISG and internet is also allowed from the same Cis

Re: [squid-users] transparent proxy original_dst err

2015-04-21 Thread Amos Jeffries
On 21/04/2015 10:44 p.m., jaykbvt wrote: > Hi, > My squid is configured in interception mode with > > http_port 3130 > http_port 3129 intercept > > squid is running with single network card. request comes from the Cisco ISG > and internet is also allowed from the same Cisco ISG only. I think th

Re: [squid-users] transparent proxy original_dst err

2015-04-21 Thread Yuri Voinov
So, what? What's the problem? 21.04.15 16:44, jaykbvt wrote: Hi, My squid is configured in interception mode with http_port 3130 http_port 3129 intercept squid is running with single network card. request comes from the Cisco ISG and internet is also allowed from the same Cisco ISG only. IPt

[squid-users] transparent proxy original_dst err

2015-04-21 Thread jaykbvt
Hi, My squid is configured in interception mode with http_port 3130 http_port 3129 intercept squid is running with single network card. request comes from the Cisco ISG and internet is also allowed from the same Cisco ISG only. IPtables has been configured with following squidip = 10.58.200.33

Re: [squid-users] Transparent Proxy

2015-04-08 Thread a...@imaginers.org
Hi, first of all what error do you get at client side? Timeout? Blank Page? I'm also running squid in an ISG setup, my squid version is Squid Cache: Version 3.1.10 on Centos 6.5 Few things to check: 1) please ensure the iptables-rules are hit correctly by issuing .f.e: iptables -t mangle -vnL 2)i

Re: [squid-users] Transparent Proxy

2015-04-08 Thread Jaydeep Kubavat
Hi, As suggested by Amos...I've configured squid box with below mentioned config. I followed this doc http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat 1. Configured iptables as: Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination C

Re: [squid-users] Transparent Proxy

2015-04-08 Thread Amos Jeffries
On 8/04/2015 9:20 p.m., Jaydeep Kubavat wrote: > Hi, > > I've configured a transparent squid proxy on a centos 6.6 with single NIC. > > There is Cisco ISG in between with L4 redirection on www traffic. > > The requests are coming on port 80 from client and ISG forwards that to > port 80 on my sq

[squid-users] Transparent Proxy

2015-04-08 Thread Jaydeep Kubavat
Hi, I've configured a transparent squid proxy on a centos 6.6 with single NIC. There is Cisco ISG in between with L4 redirection on www traffic. The requests are coming on port 80 from client and ISG forwards that to port 80 on my squid server. So there is no iptables configured on squid server

Re: [squid-users] Transparent proxy with Peek and Splice feature.

2014-12-19 Thread James Harper
- > From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of Vadim Rogoziansky > Sent: Friday, 19 December 2014 11:29 PM > To: squid-users@lists.squid-cache.org > Subject: Re: [squid-users] Transparent proxy with Peek and Splice feature. > > Any ideas

Re: [squid-users] Transparent proxy with Peek and Splice feature.

2014-12-19 Thread Vadim Rogoziansky
Any ideas, any thoughts? Thanks. 11/29/2014 6:17 AM, Amos Jeffries wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/11/2014 2:48 a.m., Vadim Rogoziansky wrote: Hello Amos. Thank you for answer. There was made an investigation related to squid's peek and splice issues in tran

Re: [squid-users] Transparent proxy with Peek and Splice feature.

2014-12-10 Thread Vadim Rogoziansky
Yeap, squid perfectly "splice" the destination domain after step1 or step2 or step3 when the browser is set to use proxy directly. But, it does not work in case of transparent proxy. Squid uses the destination IP address instead of SNI details. The example of using client IP address is below: 2

Re: [squid-users] Transparent proxy with Peek and Splice feature.

2014-11-30 Thread Amos Jeffries
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/11/2014 2:48 a.m., Vadim Rogoziansky wrote: > Hello Amos. > > Thank you for answer. > > There was made an investigation related to squid's peek and splice > issues in transparent mode. One-line explanation is as follows - in > intercept mode s

Re: [squid-users] Transparent proxy with Peek and Splice feature.

2014-11-27 Thread Vadim Rogoziansky
Hello Amos. Thank you for answer. There was made an investigation related to squid's peek and splice issues in transparent mode. One-line explanation is as follows - in intercept mode squid can't get a server host name from the request header and uses client IP address instead for both fake ce

Re: [squid-users] Transparent proxy with Peek and Splice feature.

2014-11-26 Thread Amos Jeffries
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 26/11/2014 7:22 a.m., Vadim Rogoziansky wrote: > Hello All. > > My goal is to do ssl bumping in transparent proxy mode with domain > exclude possibility. Let me tell you about squid's strange > behaviour when I'm trying to do it. > > In browsers

[squid-users] Transparent proxy with Peek and Splice feature.

2014-11-25 Thread Vadim Rogoziansky
Hello All. My goal is to do ssl bumping in transparent proxy mode with domain exclude possibility. Let me tell you about squid's strange behaviour when I'm trying to do it. In browsers it says something like this: /This server could not prove that it is www.ukr.net; its security certificate i

Re: [squid-users] transparent proxy https and self signed certificate error

2014-10-13 Thread Robert Watson
Ok, finally got the certificate installed properly and can proxy some https sites (gmail, google) but I get an error when going to a bank website. NET::ERR_CERT_COMMON_NAME_INVALID when I created the certificate, I purposefully left the common name blank as per several articles on ssl_bump. So

Re: [squid-users] transparent proxy https and self signed certificate error

2014-10-06 Thread Amos Jeffries
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6/10/2014 4:24 p.m., Robert Watson wrote: > still trying to get this working. To eliminate the self signed > certificate issue, I got an official signed certificate from > Starfield Tech. LLC. They've sent two certificates but I'm unsure > how to use

Re: [squid-users] transparent proxy https and self signed certificate error

2014-10-05 Thread Robert Watson
still trying to get this working. To eliminate the self signed certificate issue, I got an official signed certificate from Starfield Tech. LLC. They've sent two certificates but I'm unsure how to use these certificates since the ssl_bump parameters only have one certificate as a parameter On Sun,

Re: [squid-users] transparent proxy https and self signed certificate error

2014-10-05 Thread Eliezer Croitoru
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/05/2014 01:22 PM, Amos Jeffries wrote: > MSIE 11 seems to be growing in popularity for some reason ;-) > > Amos And Still there is: http://bugs.squid-cache.org/show_bug.cgi?id=4115 For now I am using ssl_crtd of 3.4.5 for google ssl bump to wo

Re: [squid-users] transparent proxy https and self signed certificate error

2014-10-05 Thread Rafael Akchurin
mailto:rob...@gillecaluim.com>> Date: Sunday 5 October 2014 02:29 To: "squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org>" mailto:squid-users@lists.squid-cache.org>> Subject: [squid-users] transparent proxy https and self signed certificate error u

Re: [squid-users] transparent proxy https and self signed certificate error

2014-10-05 Thread Amos Jeffries
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 5/10/2014 7:30 p.m., Jason Haar wrote: > On 05/10/14 18:44, Amos Jeffries wrote: >> PS. Google with Chrome appear these days to be the champions of >> unbreakable TLS, their software is continually being updated to >> use/invent new TLS features t

Re: [squid-users] transparent proxy https and self signed certificate error

2014-10-04 Thread Jason Haar
On 05/10/14 18:44, Amos Jeffries wrote: > PS. Google with Chrome appear these days to be the champions of > unbreakable TLS, their software is continually being updated to > use/invent new TLS features that close loopholes in TLS design which > allow ssl-bump to take place. What worked last month h

Re: [squid-users] transparent proxy https and self signed certificate error

2014-10-04 Thread Amos Jeffries
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 5/10/2014 1:29 p.m., Robert Watson wrote: > using squid 3.4.8, compiled from source with ./configure flags > --enable-icap-client --enable-ssl --enable-ssl-crtd configured > iptables for transparent proxy (redirect 80 to 3128) and everything > work

[squid-users] transparent proxy https and self signed certificate error

2014-10-04 Thread Robert Watson
using squid 3.4.8, compiled from source with ./configure flags --enable-icap-client --enable-ssl --enable-ssl-crtd configured iptables for transparent proxy (redirect 80 to 3128) and everything works fine configured iptables for transparent proxy (redirect 443 to 3127) but can't get transparent pr

Re: [squid-users] Transparent proxy with squid and Dansguardian

2014-10-01 Thread Amos Jeffries
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Please post a new thread email to the list instead of replying to an existing topic. This has nothing to do with YouTube access control. On 1/10/2014 11:23 p.m., Darren B. wrote: > > HI > > I am trying to set up a router that allows a group of devi

[squid-users] Transparent proxy with squid and Dansguardian

2014-10-01 Thread Darren B.
HI I am trying to set up a router that allows a group of devices on a network to access the internet via Dansguardian and squid. I am setting it up as a transparent proxy and locking down the ports with IPtables. I am using IPtables to redirect connections on port 80 from the client and r

[squid-users] Transparent proxy with squid and Dansguardian

2014-10-01 Thread Darren B.
HI I am trying to set up a router that allows a group of devices on a network to access the internet via Dansguardian and squid. I am setting it up as a transparent proxy and locking down the ports with IPtables. I am using IPtables to redirect connections on port 80 from the client and r