., Sébastien WENSKE wrote:
Hey,
It would be great if this feature becomes available !!!
Then please submit a Feature Request bug.
acl aclname_1 type_1
acl aclname_2 type_2
acl aclname_3 type_3
acl aclname_4 type_4
[...]
http_access allow|deny aclname_*
Cheers!
-Message d'origine
Hey,
It would be great if this feature becomes available !!!
acl aclname_1 type_1
acl aclname_2 type_2
acl aclname_3 type_3
acl aclname_4 type_4
[...]
http_access allow|deny aclname_*
Cheers!
-Message d'origine-
De : Nick Cairncross [mailto:nick.cairncr...@condenast.co.uk]
Envoyé :
Hi List,
I just install from sources the last 3.2.9 squid with ssl-bump feature.
It works fine, except that I get random crashes as you can see below:
[...]
2013/03/14 16:48:45 kid1| assertion failed: client_side.cc:3584:
!switchedToHttps_
2013/03/14 16:48:48 kid1| Starting Squid Cache version
Hi Hasanen,
All certificates are generated on-the-fly by your Squid CA - who is
sefl-signed.
So you have to install/deploy this self-signed Root CA on all your clients.
Cheers!
Sebastien WENSKE
-Message d'origine-
De : Hasanen AL-Bana [mailto:hasa...@gmail.com]
Envoyé : jeudi 14 mars
Hope this can help :)
http://www.sw-servers.net/how-to-pass-pci-tests-with-squid/
Best Regards,
Sebastien WENSKE
, Sébastien WENSKE wrote:
Hope this can help :)
http://www.sw-servers.net/how-to-pass-pci-tests-with-squid/
Best Regards,
Sebastien WENSKE
Just wondering how it helps in these tests?
Since not everybody knows the reason you should explain the cause and the
result of the patch.
Regards,
Eliezer
, Sébastien WENSKE wrote:
Hope this can help :)
http://www.sw-servers.net/how-to-pass-pci-tests-with-squid/
Best Regards,
Sebastien WENSKE
Wouldn't just compiling against OpenSSL build that has had zlib compression
disabled get the same end result, without requiring a patch and editing your
[mailto:elie...@ngtech.co.il]
Envoyé : mercredi 12 décembre 2012 16:33
À : squid-users@squid-cache.org
Cc : Sébastien WENSKE
Objet : Re: [squid-users] tcp_outgoing_mark + https
On 12/12/2012 09:44 AM, Sébastien WENSKE wrote:
Eliezer,
I'm running Debian 6 with a 3.6.9 kernel, Shorewall
Hi List,
I'm trying the tcp_outgoing_mark feature with dstdomain acls in order to
route web traffic on several WAN links, but I noticed that it doesn't
works with https requests.
Does someone know how to achieve this?
Many Thanks.
Sebastien
smime.p7s
Description: S/MIME cryptographic
ROUTE web traffic over WAN connections.
Do you have preference for specific routes? maybe you just want to
load-balance?
Maybe your approach is not in the right direction anyway?
Regards,
Eliezer
On 12/11/2012 4:00 PM, Sébastien WENSKE wrote:
Hi List,
I'm trying the tcp_outgoing_mark feature
-
De : Eliezer Croitoru [mailto:elie...@ngtech.co.il]
Envoyé : mardi 11 décembre 2012 20:43
À : Sébastien WENSKE
Cc : squid-users@squid-cache.org
Objet : [squid-users] Re: RE : [squid-users] tcp_outgoing_mark + https
Hey Sébastien,
What linux and what squid version?
It's different if your
Cheers,
Sebastien W.
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
Sent: mercredi 14 mars 2012 22:33
To: squid-users@squid-cache.org
Subject: Re: [squid-users] RE: TLS v1.2 support
On 15.03.2012 05:16, Sébastien WENSKE wrote:
OpenSSL 1.0.1 (not 10.0.1
@squid-cache.org
Subject: Re: [squid-users] RE: TLS v1.2 support
On 15/03/2012 8:41 p.m., Sébastien WENSKE wrote:
Hello Amos,
I probably did a mistake because I built openssl 10.0.1 in /lib_indep and
specified the path in ./configure with
--with-openssl=/lib_indep/include/openssl
Squid
To: Sébastien WENSKE
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] RE: TLS v1.2 support
On 16/03/2012 1:09 a.m., Sébastien WENSKE wrote:
Thanks Amos for your quick reply,
I tried your recommendations but nothing works, I can't get TLS 1.2 to
work
I get a 404 error on your patch link
Hi guys,
OpenSSL 10.01 just released, it seems that it supports TLS v1.2.
What about Squid?
Cheers,
Sebastien W.
smime.p7s
Description: S/MIME cryptographic signature
OpenSSL 1.0.1 (not 10.0.1)
-Original Message-
From: Sébastien WENSKE [mailto:sebast...@wenske.fr]
Sent: mercredi 14 mars 2012 17:14
To: squid-users@squid-cache.org
Subject: [squid-users] TLS v1.2 support
Hi guys,
OpenSSL 10.01 just released, it seems that it supports TLS v1.2.
What
Hi guys,
Hope you are well !
I'm searching wich program I can use with this directive
sslpassword_program ? I want to put manually the key but I don't want that
squid runs foreground.
Thanks a lot!
Sebastian.
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
Sent:
Hi Dale,
I think that you can achieve that with dynamic stuff like PHP and browser
headers.
Sebastian
-Message d'origine-
De : Dale Mahalko [mailto:dmaha...@gmail.com]
Envoyé : lundi 10 octobre 2011 19:33
À : squid-users@squid-cache.org
Objet : [squid-users] Splash page -- detect if
: mardi 16 novembre 2010 16:13
À : Sébastien WENSKE
Cc : squid-users@squid-cache.org
Objet : RE: [squid-users] RE: RE : [squid-users] [Squid 3.1.9] SSL Reverse
PROXY - Insecure Renegotiation Supported
Hi Amos,
Glad to hear you, I have already try and retry this one, but no changes
Hello guys,
I have set up a squid as SSL reverse proxy, it works very fine.
I have checked SSL security against Qualys and they report me that the
server is vulnerable to MITM attacks because it supports insecured
renegotiation
There is my SSL relating configuration:
https_port
2010
(IIS 7.5)
Maybe I miss something, how can I see which version of openssl is use in squid ?
Tanks,
Sebastian.
-Message d'origine-
De : Dean Weimer [mailto:dwei...@orscheln.com]
Envoyé : lundi 15 novembre 2010 16:42
À : Sébastien WENSKE
Objet : RE: RE : [squid-users] [Squid 3.1.9] SSL
novembre 2010 19:56
À : Sébastien WENSKE; squid-users@squid-cache.org
Objet : RE: [squid-users] RE: RE : [squid-users] [Squid 3.1.9] SSL Reverse
PROXY - Insecure Renegotiation Supported
-Original Message-
From: Sébastien WENSKE [mailto:sebast...@wenske.fr]
Sent: Monday, November 15, 2010 11
is compiled???
Because à every time squid will run correctly in ssl mode... :-/
Man thanks,
Sebastian
-Message d'origine-
De : Amos Jeffries [mailto:squ...@treenet.co.nz]
Envoyé : lundi 15 novembre 2010 23:55
À : Sébastien WENSKE
Cc : Dean Weimer; squid-users@squid-cache.org
Objet : RE
...@treenet.co.nz]
Envoyé : vendredi 12 novembre 2010 02:36
À : squid-users@squid-cache.org
Objet : Re: [squid-users] Squid compression in reverse mode
On 12/11/10 10:39, Sébastien WENSKE wrote:
Hi All,
Below, is what I setup today:
browser--- HTTPS reverse proxy (squid 3.1.9) HTTP
Hi All,
Below, is what I setup today:
browser --- HTTPS reverse proxy (squid 3.1.9) HTTP - OWA
2010
All work fine, but I want be able to compress data on the fly (text,
image...) between squid and browsers (internet clients):
browser --- HTTPS [compression] reverse proxy
connection with a huge amount of 304 queries.
My question is: Is it possible to tell Squid to not check the parent (my
local web server) if an object has been modified for a while? by directory
or mime type?
Cheers,
Sébastien WENSKE.
smime.p7s
Description: S/MIME cryptographic signature
. Either you supplied the wrong credentials (e.g., bad password), or
your browser doesn't understand how to supply the credentials required.
Is it something special to do, on the squid box?
Many thanks,
Sébastien WENSKE
://gallery.wenske.fr/wallpapers/holland_dream_2560x1600.jpg.html?)
I suppose that's due to this directive in the squid.conf:
hierarchy_stoplist cgi-bin ?
Is it possible to enable caching for this kind of url? Maybe with a regex?
Thanks for your help,
Sébastien WENSKE
Sorry I've make a mistake, the url to get the original picture is
http://gallery.wenske.fr/wallpapers/holland_dream_2560x1600.jpg.html?zp=full-image
This will force the download of the picture.
Regards,
Sebastien WENSKE
-Message d'origine-
De : Sébastien WENSKE [mailto:sebast
- - [23/Nov/2009:17:39:23 +0100] GET / HTTP/1.0 200 6761
I've tried some configurqtion with forwarded-for and follow_x_forwarded_for
with no success.
Thanks,
Sébastien WENSKE
: Sébastien WENSKE
Cc : squid-users@squid-cache.org
Objet : Re: [squid-users] RE: Squid 3.0 as reverse proxy
mån 2009-11-23 klockan 15:34 +0100 skrev Sébastien WENSKE:
Sorry I've make a mistake, the url to get the original picture is
http://gallery.wenske.fr/wallpapers/holland_dream_2560x1600.jpg.html
/blog.log reverse_proxy env=is-forwarder
CustomLog /var/log/apache2/blog.log combined env=!is-forwarder
This works pretty fine.
Best regards,
Sébastien WENSKE
-Message d'origine-
De : Henrik Nordstrom [mailto:hen...@henriknordstrom.net]
Envoyé : mardi 24 novembre 2009 00:25
À
Hi Amos,
I have just build the 3.1.0.5 (3.1.0.6 make error), it works fine with the same
configuration.
Ciao, Thx,
Sébastien.
-Message d'origine-
De : Amos Jeffries [mailto:squ...@treenet.co.nz]
Envoyé : lundi 2 mars 2009 01:42
À : Sébastien WENSKE
Cc : squid-users@squid-cache.org
: samedi 28 février 2009 23:51
À : Sébastien WENSKE
Cc : squid-users@squid-cache.org
Objet : Re: [squid-users] Squid NTLM + Windows Vista update
Sébastien WENSKE wrote:
Hi All,
I have some troubles to get update with windows vista when I use squid with
NTLM.
28/Feb/2009:19:04:39.534 2 10.0.0.11
Hi All,
I get error when try to built squid 3.1.0.6:
./configure --localstatedir=/var --prefix=/usr --includedir=/usr/include
--datadir=/usr/share --bindir=/usr/sbin --libexecdir=/usr/lib/squid
--exec-prefix=/usr --sysconfdir=/etc/squid --enable-icmp --enable-arp-acl
10.0.0.15 TCP_MISS/200 871 GET
http://www.google.fr/images/flags/zm_flag.png canardwc DIRECT/209.85.229.103
image/png
And there is no file in the cache dir
it worked before
what could be the cause?
Ask me for more details.
Many thanks,
Sébastien WENSKE
without the authentication
process?
Many thanks,
Sébastien WENSKE.
.
-Message d'origine-
De : crobert...@gci.net [mailto:crobert...@gci.net]
Envoyé : jeudi 8 janvier 2009 21:45
À : squid-users@squid-cache.org
Objet : Re: [squid-users] Squid failover between DIRECT connect and PARENT PROXY
Sébastien WENSKE wrote:
Hi all,
I've set a squid server to use direct
/10.151.8.10 text/html
1231335159.585 0 127.0.0.1 TCP_MISS/503 2373 POST
http://playlist.yacast.net/ - DIRECT/playlist.yacast.net text/html
---
Any ideas ???
Best Regards,
Sébastien WENSKE
Hi all,
I need to setup squid to use a parent proxy when direct connection failed.
--
acl playlist dstdomain .yacast.net
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access
Hi All,
I'm currently setting up a squid under windows with basic authentification.
The goal is to allow access to different cache peer regarding the logged
user.
squid.conf---
auth_param basic program c:/squid/libexec/ncsa_auth.exe
c:/squid/etc/proxy_users.pwd
Hi guys,
Iget some troubles with squid3-stable8 when I try ti enable it on boot
Starting squid: WARNING: Cannot write log file: /var/logs/cache.log
/var/logs/cache.log: Permission denied
[...]
squid: ERROR: Could not read pid file
/var/logs/squid.pid: (13) Permission denied
It work fine when I
: [squid-users] squid won't start on boot
On Wednesday 23 July 2008, Sébastien WENSKE wrote:
Hi guys,
Iget some troubles with squid3-stable8 when I try ti enable it on boot
Starting squid: WARNING: Cannot write log file: /var/logs/cache.log
/var/logs/cache.log: Permission denied
[...]
squid
127.0.0.1 TCP_MISS/403 550 POST
http://host.soecific.net/ - DIRECT/xxx.xxx.xxx.xxx text/html
Why POST method try DIRECT ? What's wrong?
Thanks in advance.
Best Regards,
Sébastien WENSKE
Nordstrom [EMAIL PROTECTED]
To: Sébastien WENSKE [EMAIL PROTECTED]
Cc: squid-users@squid-cache.org
Sent: Sunday, July 06, 2008 9:10 PM
Subject: Re: [squid-users] cache_peer_domain + POST
On sön, 2008-07-06 at 15:49 +0200, Sébastien WENSKE wrote:
Hi all,
I have set a cache_peer_domain to use
It works fine !! thank you so much !!!
- Original Message -
From: Henrik Nordstrom [EMAIL PROTECTED]
To: Sébastien WENSKE [EMAIL PROTECTED]
Cc: squid-users@squid-cache.org
Sent: Sunday, July 06, 2008 10:51 PM
Subject: Re: [squid-users] cache_peer_domain + POST
On sön, 2008-07-06 at 21
46 matches
Mail list logo
