On 25/04/2012 5:44 p.m., anita wrote:
Hi Amos,
Thanks for the reply. I could now understand the meaning of transparent
proxy wrt DNS lookups !
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0801
In order to prevent malicious clients using the proxy to bypass browser
security, firewal
On 25/04/2012 5:41 p.m., Kirk Hoganson wrote:
On 04/24/2012 10:17 PM, Amos Jeffries wrote:
On 25/04/2012 2:54 p.m., Kirk Hoganson wrote:
I modified the squid.conf to add support for TPROXY:
http_port 3128 transparent
http_port 3129 tproxy
Or:
http_port 3128 tproxy
Both changes result in th
Looking at the explanation you gave it seems that forward_proxy is not
a necessary if my setup allows for it. My case is that of simple
forward proxy. I do not have any proxy peers, nor am i accessing the
cachemgr.cgi. So in the case of normal webpage requests e.g
www.google.com none of these shoul
Hi Eliezer ..
Thanks! I get a better picture of the client/DNS lookups now.!
- Anita
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/DNS-Squid-tree-with-parent-child-tp4573394p4585613.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Hi Amos,
Thanks for the reply. I could now understand the meaning of transparent
proxy wrt DNS lookups !
Regards,
Anita
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/DNS-Squid-tree-with-parent-child-tp4573394p4585612.html
Sent from the Squid - Users mailing
On 04/24/2012 10:17 PM, Amos Jeffries wrote:
On 25/04/2012 2:54 p.m., Kirk Hoganson wrote:
I modified the squid.conf to add support for TPROXY:
http_port 3128 transparent
http_port 3129 tproxy
Or:
http_port 3128 tproxy
Both changes result in the following error when attempting to start
the
On 25/04/2012 12:48 a.m., Jose A. Vidal wrote:
Hi all,
I have a transparent configuration of squid 2.6.STABLE21 without
SquidGuardian
nor other addons.
Tried an upgrade? 2.7.STABLE9 at minimum, although even that is about to
get deprecated now.
I have configured the iptables to redirect
On 25/04/2012 2:54 p.m., Kirk Hoganson wrote:
I modified the squid.conf to add support for TPROXY:
http_port 3128 transparent
http_port 3129 tproxy
Or:
http_port 3128 tproxy
Both changes result in the following error when attempting to start
the daemon:
* Starting Squid HTTP Proxy 3.0 squid
On 4/24/12 4:52 PM, Andrew Beverley wrote:
Hi, I’m very sorry it took so long for me to test this and reply;
unfortunately, under 3.2.0.16 and 3.2.0.17 I still don’t see
clientside_tos ever marking packets. My clientside_tos configuration
has been working perfectly with 3.0.STABLE26 for the last
On 25/04/2012 6:02 a.m., Eliezer Croitoru wrote:
as for some people asking me recently about youtube cache i have
checked again and found that youtube changed their video uris and
added an argument called "range" that is managed by the youtube player.
the original url\uri dosnt include range but
On 25/04/2012 1:40 a.m., Ahmed Talha Khan wrote:
On Tue, Apr 24, 2012 at 5:37 PM, Amos Jeffries wrote:
On 24/04/2012 10:32 p.m., Ahmed Talha Khan wrote:
Hey All,
Does squid cache web-pages when configured in the forward interception
proxy mode i.e http_port x:y intercept.? If so how can it be
I modified the squid.conf to add support for TPROXY:
http_port 3128 transparent
http_port 3129 tproxy
Or:
http_port 3128 tproxy
Both changes result in the following error when attempting to start the
daemon:
* Starting Squid HTTP Proxy 3.0 squid3
FATAL: Bungled squid.conf line 880: http_port
On 25/04/2012 1:48 a.m., Ahmed Talha Khan wrote:
Hey Amos,,
Can you explain a little how this forward-proxy will be used by squid?
So i might be able to make a plausible cause for my setup not working.
Sure.
1) When producing an error page there are CSS embeded images(s),
2) When generating F
On 25/04/2012 3:34 a.m., Eliezer Croitoru wrote:
On 24/04/2012 18:14, Muhammad Yousuf Khan wrote:
ok i trim down config file to this as you suggested of blocking
whitelist to local net.. let see how things work tommorw. ill update.
but block list is like 10MB big do you think it could be the
pr
> >> Hi, I’m very sorry it took so long for me to test this and reply;
> >> unfortunately, under 3.2.0.16 and 3.2.0.17 I still don’t see
> >> clientside_tos ever marking packets. My clientside_tos configuration
> >> has been working perfectly with 3.0.STABLE26 for the last month.
> >
> > Can you
ok Thanks ill lookinto that as well
Thanks for letting me know
On Wed, Apr 25, 2012 at 1:01 AM, Marcus Kool
wrote:
> A 10 MB flat file of domains contains roughly 50 domains.
> You also use time-based ACLs and ACLs based on IP address range.
>
> This config can be implemented using ufdbGuard
A 10 MB flat file of domains contains roughly 50 domains.
You also use time-based ACLs and ACLs based on IP address range.
This config can be implemented using ufdbGuard,
a free URL rewriter for Squid.
ufdbGuard is better maintained than squidGuard and has more
features.
Marcus
On 04/24/2
as for some people asking me recently about youtube cache i have checked
again and found that youtube changed their video uris and added an
argument called "range" that is managed by the youtube player.
the original url\uri dosnt include range but the youtube player is using
this argument to sav
On 24/04/2012 18:14, Muhammad Yousuf Khan wrote:
ok i trim down config file to this as you suggested of blocking
whitelist to local net.. let see how things work tommorw. ill update.
but block list is like 10MB big do you think it could be the
problem.as every query has to be matched with 10 MB
ok i trim down config file to this as you suggested of blocking
whitelist to local net.. let see how things work tommorw. ill update.
but block list is like 10MB big do you think it could be the
problem.as every query has to be matched with 10 MB database.
?
#-Allow All ACL
Hey Amos,,
Can you explain a little how this forward-proxy will be used by squid?
So i might be able to make a plausible cause for my setup not working.
-talha
On Tue, Apr 24, 2012 at 11:43 AM, Ahmed Talha Khan wrote:
> By did not work i mean that web pages are not getting
> processed.Initial
On Tue, Apr 24, 2012 at 5:37 PM, Amos Jeffries wrote:
> On 24/04/2012 10:32 p.m., Ahmed Talha Khan wrote:
>>
>> Hey All,
>>
>> Does squid cache web-pages when configured in the forward interception
>> proxy mode i.e http_port x:y intercept.? If so how can it be turned
>> off.?
>
>
> "cache deny al
What you need to do is to redirect your 443 traffic to https_port.
https_port option is required to intercept traffic on port 443. This
patch will resolve the url redirection loop error that your browser is
giving you.
Putting ssl-bump option in https_port doenot make much of a differnce
because p
No, i have no access to the content switch. And if a user does not use
the common address, but the own ip address of the server, than it is
useless.
Gellert
-- Forwarded message --
From: FredB
Date: 2012/4/24
Subject: Re: [squid-users] allow one connection for one authenticated
u
My problem is (actually it is not my problem, but i have to solve it)
that if a user sets the proxy in the browser for proxy4 on
workstation1 and on workstation2 he/she sets it to proxy5, he/she can
use it on 2 different workstations, which is not allowed.
How can i achieve that the restrictions a
> Hi,
>
> i have a very exciting question. (Well, actually it is exciting for
> me
> only). I have 3 identical squid servers with squid-2.7.STABLE5.
> There is a Cisco content switch witch a common ip address for the 3
> servers for load balancing and failover purposes.
> There is a common dns
Hi,
i have a very exciting question. (Well, actually it is exciting for me
only). I have 3 identical squid servers with squid-2.7.STABLE5.
There is a Cisco content switch witch a common ip address for the 3
servers for load balancing and failover purposes.
There is a common dns name for the proxy
Hi all,
I have a transparent configuration of squid 2.6.STABLE21 without
SquidGuardian
nor other addons.
I have configured the iptables to redirect tcp 80 to standard
Squid port and forwarded all other ports to reach destinations.
Everthing is fine:
1.-clients can open their hotmail/gmail a
On 24/04/2012 10:32 p.m., Ahmed Talha Khan wrote:
Hey All,
Does squid cache web-pages when configured in the forward interception
proxy mode i.e http_port x:y intercept.? If so how can it be turned
off.?
"cache deny all" does what you ask.
I actually want to bench-mark squid performance in
Hey All,
Does squid cache web-pages when configured in the forward interception
proxy mode i.e http_port x:y intercept.? If so how can it be turned
off.?
I actually want to bench-mark squid performance in terms of
requests-per-second that squid can support. I do not want squid to
cache the web pa
You might want to look at
http://bugs.squid-cache.org/show_bug.cgi?id=2976. There was a
quick-fix which caused even more problems. This is a hard-coded value
that causes all requests to be forcibly written to "http" even
"https". You can reverse it via this patch
http://bugs.squid-cache.org/attach
Hi guys and girls,
I've been trying to setup a "transparent"(from the users side) SSL
interception proxy, I realise this isn't advised as it's breaks SSL and
voids any user privacy etc, but this is for a school that needs to be able
to monitor and control social networking access for students and
are you taking about the delay pools rules?
also if it's a proxy that is open to the internet i would limit the
access to port 3128 to only lan.
your http_access rules are allowing anyone to use the proxy for the
whitelist.
Regards,
Eliezer
On 24/04/2012 09:06, Muhammad Yousuf Khan wrote:
o
33 matches
Mail list logo