Re: [squid-users] problem whith squid 3.3.1 in transparent mode

2014-06-12 Thread Giles Coochey
estion mark :-) It would be a good idea to have a look at some packet captures and see what is going on. It's been about a decade since I worked with transparent proxies, but remember it being a bit of a pain in certain circumstances. -- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpe

Re: [squid-users] problem whith squid 3.3.1 in transparent mode

2014-06-12 Thread Giles Coochey
do Source NAT, don't you? -- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 8444 780677 +44 (0) 7983 877438 http://www.coochey.net http://www.netsecspec.co.uk gi...@coochey.net smime.p7s Description: S/MIME Cryptographic Signature

Re: [squid-users] Squid configuration

2014-04-30 Thread Giles Coochey
t, if it is not then perhaps you would want something like this: ISP | | ISP Router | | Your FirewallDMZYour Proxy | | | Switch | Your LAN PCs. On Wed, Apr 30, 2014 at 4:32 PM, Giles Coochey wrote: On 30/04/2014 11:57, Dwijadas Dey wrote: ISP | | | Linksys Router | |

Re: [squid-users] Squid configuration

2014-04-30 Thread Giles Coochey
over the IP of the proxy and gain access to the Internet for itself. If you put the proxy in a DMZ then it is further protected from this kind of attack. -- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 8444 780677 +44 (0) 7983 877438 http://www.coochey.net http

Re: [squid-users] Question for Squid hardware requirement for 600k user - transparent proxy only, no caching

2013-06-18 Thread Giles Coochey
But wait, what other requirements do you have that a HTTP proxy server can provide? If you don't have any, you don't need a proxy server because it will only get in the way. Perhaps circumventing a national firewall??? -- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 7

Re: [squid-users] Linux + TPROXY + Remote Squid

2012-05-25 Thread Giles Coochey
On 25/05/2012 15:35, Thomas York wrote: I have a lab environment set up using two Debian Wheezy servers (Squeeze doesn't have a new enough kernel or iptables to do TPROXY properly). One of the servers is a router and the other is a proxy server. There are several clients connected to the router t

Re: [squid-users] Cache of port 443 with SSL Reverse Proxy

2012-05-16 Thread Giles Coochey
On 16/05/2012 13:39, Sylvio Cesar wrote: 2012/5/15 Amos Jeffries: On 16.05.2012 13:32, Sylvio Cesar wrote: Thanks Amos, 2012/5/15 Amos Jeffries: On 16.05.2012 09:20, Sylvio Cesar wrote: Hi, - It possible do cache of port 443 with SSL Reverse Proxy? Yes. Where I find information a

Re: [squid-users] sŽsquidù(131) connection reset by peer(145) Connection timed out the„$š

2012-05-14 Thread Giles Coochey
On 14/05/2012 19:06, ql li wrote: 搏�'濈-妷雤黔o*^z皑瀢湺*'�)瀡嫮��//== Hi, I don't know if you can try English (however bad it might be?). Thanks Giles smime.p7s Description: S/MIME Cryptographic Signature

Re: [squid-users] Transparent proxy and IP address rotation

2012-05-01 Thread Giles Coochey
you a way. -- Best Regards, Giles Coochey, CCNA Security, CCNA NetSecSpec Ltd giles.cooc...@netsecspec.co.uk Tel: +44 (0) 7983 877 438 Live Messenger: gi...@coochey.net http://www.netsecspec.co.uk http://www.coochey.net smime.p7s Description: S/MIME Cryptographic Signature

Re: [squid-users] UNSUBSCRIBE!!!!

2012-01-24 Thread Giles Coochey
On 24/01/2012 19:20, Oliver Marshall wrote: Nope. Shouldn't really have to hunt in the headers. There should be clear unsubscribe information present within the email body itself. Enough, it's an FAQ http://www.comfsm.fm/computing/squid/FAQ-1.html#ss1.10 smime.p7s Description: S/MIME Cryp

Re: [squid-users] Running squid out of the router/gateway

2012-01-19 Thread Giles Coochey
On 2012-01-19 17:37, Sebastian muniz wrote: Reading at squid site, looks like NATting outgoing connections to a squid running on an other box is not a good idea. Questions: What is the suggested way to implement this scenario? How can I get rid of the loop? THanks in advance. You might look

Re: [squid-users] Writing squid's IP as a response header

2011-03-22 Thread Giles Coochey
erent hostnames. -- Best Regards, Giles Coochey NetSecSpec Ltd NL T-Systems Mobile: +31 681 265 086 NL Mobile: +31 626 508 131 GIB Mobile: +350 5401 6693 Email/MSN/Live Messenger: gi...@coochey.net Skype: gilescoochey smime.p7s Description: S/MIME Cryptographic Signature

Re: [squid-users] SQUID transparent, HTTP/1.0, HTTP/1.1

2011-02-02 Thread Giles Coochey
use real problems. I agree that policy routing is a better implementation, although a lot more complex for some to set up and, I'm guessing, would probably require a custom kernel recompile for many distributions. -- Best Regards, Giles Coochey NetSecSpec Ltd NL T-Systems Mobile: +31 681 2

Re: [squid-users] SQUID transparent, HTTP/1.0, HTTP/1.1

2011-02-01 Thread Giles Coochey
s to 6.1?? -- Best Regards, Giles Coochey NetSecSpec Ltd NL T-Systems Mobile: +31 681 265 086 NL Mobile: +31 626 508 131 GIB Mobile: +350 5401 6693 Email/MSN/Live Messenger: gi...@coochey.net Skype: gilescoochey smime.p7s Description: S/MIME Cryptographic Signature

Re: [squid-users] My compiled 3.2.0.4 version says it is 2.6

2011-01-27 Thread Giles Coochey
ing for Ralf to correct me on that one!! ;-) -- Best Regards, Giles Coochey NetSecSpec Ltd NL T-Systems Mobile: +31 681 265 086 NL Mobile: +31 626 508 131 GIB Mobile: +350 5401 6693 Email/MSN/Live Messenger: gi...@coochey.net Skype: gilescoochey smime.p7s Description: S/MIME Cryptographic Signature

Re: [squid-users] My compiled 3.2.0.4 version says it is 2.6

2011-01-27 Thread Giles Coochey
On 27/01/2011 15:21, Ralf Hildebrandt wrote: * Giles Coochey: On 27/01/2011 15:08, Ralf Hildebrandt wrote: E.g. in Debian it's squid and squid3 -- just check which one is running right now He compiled from source though... Well yes, but if he/she had been running Debian, then the pac

Re: [squid-users] My compiled 3.2.0.4 version says it is 2.6

2011-01-27 Thread Giles Coochey
On 27/01/2011 15:08, Ralf Hildebrandt wrote: E.g. in Debian it's squid and squid3 -- just check which one is running right now He compiled from source though... -- Best Regards, Giles Coochey NetSecSpec Ltd NL T-Systems Mobile: +31 681 265 086 NL Mobile: +31 626 508 131 GIB Mobile:

Re: [squid-users] Squid 2.7 & sync outside time server

2010-10-15 Thread Giles Coochey
On 15/10/2010 13:54, jose perez wrote: Hello. I run a squid proxy server 2.7 and several pcs access to internet through it on a network environment. My windows xp clients cannot time sync to the outside world (time.nist.gov , time-a.nist.gov). It is using 3128 port and internet navigation is rig

Re: [squid-users] Change EXTERNAL IP address with Squid 3.1.8

2010-10-06 Thread Giles Coochey
http://en.wikipedia.org/wiki/X-Forwarded-For You can turn it off with: forwarded_for off http://www.squid-cache.org/Doc/config/forwarded_for/ > On 6/10/2010, at 10:36 PM, Giles Coochey wrote: > >> On Wed, October 6, 2010 11:25, Daniel Herbert-Ward wrote: >>> Hi guys, I woul

Re: [squid-users] Change EXTERNAL IP address with Squid 3.1.8

2010-10-06 Thread Giles Coochey
On Wed, October 6, 2010 11:25, Daniel Herbert-Ward wrote: > Hi guys, I would like to change the external IP address of my whole > network by using squid 3. As in, I know there is a way to show the clients > IP address of THEIR machine when they go to a site like www.whatismyip.com > But I have no i

Re: [squid-users] Connection speed problem with Squid.

2010-09-29 Thread Giles Coochey
On Wed, September 29, 2010 11:03, Daniel Herbert-Ward wrote: > I have a internet connection speed of 15mbps. I have a iMac with 512mb of > ram, with the squid proxy running on that machine (Mac OSX 10.4) The > machine is setup for others to transparently connect to the proxy via that > machine. The