Hi have spent two days googling and going through these forums and have not
been able to get https filtering working. I am new to all of this kind of
networking stuff. So i do need a lot of help :)
I have a gateway machine which is my rotuer. On this same gateway i have
squid and qlproxy installed
I got this working. The single change i made was adding the statement
ssl_bump server-first all
if i tried anything else other than "all" it did not work, https did
filtering did not happen. Does anyone know if there is some kind of bug?
--
View this message in context:
http://squid-web-proxy
So if i want to ssl_bump only google, will the following statements work?
acl https_targets dstdomain .google.com
ssl_bump server-first https_targets
I already tried it, and they don't seem to work. What would be a working
configuration if i wanted only google.com to be bumped?
ssl_bump server-f
Does this mean that dstdomain does not work with ssl-bump?
My other reason for not using "ssl-bump server-first all" is that the kindle
fire stops working. I read that it was because of something called ssl
pinning. So i do need to get some kind of targeted bumping to happen.
--
View this mes
Hi Everyone,
I know this has been addressed before, but i am getting this error with just
making one change to the squid.conf file. The system filelimit is set at
16384 and squid at 4096.
Here is my squid.conf
acl localnet src 192.168.13.0/24
acl localnet src 127.0.0.1
acl SSL_ports port 443
acl
I guess i should have mentioned something about the load. It is a home
machine for now. There are 4 of us, me, my wife, a 7 year old and a 4 year
old :) So the load could not have been huge. At the most i was
sharing/torrenting fedora 20 images. The system that squid is running on is
also fedora 20
Yes this is a gateway machine. Here is my long iptables. Thanks for helping.
# Generated by iptables-save v1.4.19.1 on Mon Jun 16 08:10:44 2014
*nat
:PREROUTING ACCEPT [155329:13831056]
:INPUT ACCEPT [163339:10275649]
:OUTPUT ACCEPT [168487:10350058]
:POSTROUTING ACCEPT [544:45054]
:OUTPUT_direct
Hi Eliezer
Here is what network looks like
internet == Router/gateway/squid machine === client machines
The output from my ifconfig is
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 0 (Local Loopback)
RX packets 2068317 bytes 928114310 (885.
Hi Eliezer,
Have you been able to figure out if there is a loop, or do you think
something else is wrong?
sam
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/WARNING-Your-cache-is-running-out-of-filedescriptors-tp4666357p4666414.html
Sent from the Squid - U
