Yes Dave,
in squid.conf i set
acl myLan src 192.168.1.0/24
and
http_access deny myLan
to try if squid stops me but i can browse. I don't understand why
My iptables rule:
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp
dpt:htt
On 8/10/2013 8:07 a.m., Jury Bogdanov wrote:
Yeah, you was right. When I replaced
ssl_bump server-fist vk
With
ssl_bump server-first all
it works. But I can't understand how to fix that. I don't want bump
all connections.
That change was just a test to verify Alex theory was correct.
On 8/10/2013 2:10 p.m., Gregory K. Spranger wrote:
hi there .. here are my details:
squid/OS details
squid 3.3.9 compiled from source with:
./configure --prefix=/usr \
--includedir=/usr/include \
--datadir=/usr/share/squid \
--bindir=/usr/sbin \
--libexecdir=/usr/lib/s
On 8/10/2013 12:58 p.m., Dave Burkholder wrote:
No squid is not bypassed. The order flow is:
Browser -> Dansguardian -> Squid -> Internet
If you're wanting to limit access via squid ACLs, that's another
aspect altogether.
acl myLan src 10.0.4.0/24
http_access deny myLan all
Do you have s
On 8/10/2013 4:22 a.m., John Gardner wrote:
This email has been classified as: NOT PROTECTIVELY MARKED
This email has been classified as: PROTECT I wonder if someone can help me out
with an issue that has come to light with a new application we are running
behind our Squid 2.6 Reverse Proxy Se
On 8/10/2013 3:01 a.m., IggyDolby wrote:
Hi I'm a Squid newbie and need to configure Squid to proxy HTTP and HTTPS
(Tunnel) requests from external users on Browsers and iPads and resolve to
an IP address were the DNS has not been switched yet.
We can manually change the iPads proxy configuration
On 7/10/2013 10:54 p.m., Vonlanthen, Elmar wrote:
Hello all
There are some problems with the helper module ntlm_fake_auth. I did the tests
with Squid-3.2.13 but 3.3.9 is affected as well.
Hi Volanthen,
First off thank you for testing this in such detail.
FYI: in future this type of code re
hi there .. here are my details:
squid/OS details
squid 3.3.9 compiled from source with:
./configure --prefix=/usr \
--includedir=/usr/include \
--datadir=/usr/share/squid \
--bindir=/usr/sbin \
--libexecdir=/usr/lib/squid \
--localstatedir=/var/run/squid \
--sysconfd
No squid is not bypassed. The order flow is:
Browser -> Dansguardian -> Squid -> Internet
If you're wanting to limit access via squid ACLs, that's another aspect
altogether.
acl myLan src 10.0.4.0/24
http_access deny myLan all
Do you have something like that in squid.conf?
On 10/7/2013 5
I'm sorry Dave, but, in this way squid proxy doesn't affect browsing.
Trying to deny the access to all my network (deny myLan) on
squid.conf, it doesn't stop me and i can browse as i want!
At the moment every http request (dport 80) is redirected --to-port
8080 (dansguardian). Is squid bypassed?
Yeah, you was right. When I replaced
ssl_bump server-fist vk
With
ssl_bump server-first all
it works. But I can't understand how to fix that. I don't want bump
all connections.
Thx,
Jury
> 07.10.2013 20:35 пользователь "Alex Rousskov"
> написал:
>
>> > On 10/07/2013 09:19 AM, Alex Roussko
> On 10/07/2013 09:19 AM, Alex Rousskov wrote:> On 10/07/2013 03:29 AM, Jury
> Bogdanov wrote:
>>> Hello. I have some problems with ssl-bump mode. Can you help me, please?
>>> My configuration:
>>
>>> https_port 192.168.56.100:3130 transparent ssl-bump
>>> generate-host-certificates=on dynamic_ce
This email has been classified as: NOT PROTECTIVELY MARKED
This email has been classified as: PROTECT I wonder if someone can help me out
with an issue that has come to light with a new application we are running
behind our Squid 2.6 Reverse Proxy Server.
At the moment we have a situation shown
On 10/07/2013 03:29 AM, Jury Bogdanov wrote:
> Hello. I have some problems with ssl-bump mode. Can you help me, please?
> My configuration:
> https_port 192.168.56.100:3130 transparent ssl-bump
> generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
> cert=/home/mut/squid.pem key=/home/mut
Hi I'm a Squid newbie and need to configure Squid to proxy HTTP and HTTPS
(Tunnel) requests from external users on Browsers and iPads and resolve to
an IP address were the DNS has not been switched yet.
We can manually change the iPads proxy configuration to point to this proxy.
The site has a Br
Hey Alfredo,
The question you are asking is related to the MAC address level of the
bridge..
The bride flood the ports with the data..
Since the traffic comes to the port of the Proxy machine it gets the MAC
level by demand..
There is no real need for the proxy machine to ask for arp unless there
Hello all
There are some problems with the helper module ntlm_fake_auth. I did the tests
with Squid-3.2.13 but 3.3.9 is affected as well.
The first problem is that the NTLM response header of type "TT" will be
generated wrong.
This one has been generated with the new helper ntlm_fake_auth:
ntl
Hello. I have some problems with ssl-bump mode. Can you help me, please?
My configuration:
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210
18 matches
Mail list logo