Re: [squid-users] access log without hostname

I upgraded Squid to 3.5.28 September 2019 and compiled it with SSL. Now it's working for both Http and Https site, also logging traffic with hostname. For example, when I write "hotmail.com" in a fresh browser address bar and press Enter, it shows this: Our services aren't available right now

Re: [squid-users] access log without hostname

Okay, I'm using this configuration. For config 1 and 2, there is no difference in access log. For config 3, site is not loading... How to optimize it for a better result? My goal is here, get as much as info about client without issuing a client certificate. --- http_port 3128 http_port 3129

[squid-users] access log without hostname

I'm using squid 3.5.3 to intercept https without issuing the client certificate. https_port 3127 intercept ssl-bump generate-host-certificates=off cert=certs/squid.pem ssl_bump none all So my squid access log is similar to this. Is there any way to make it more meaningful? perhaps hostname?

Re: [squid-users] Non-Transparent HTTP+HTTP Proxy

[Updated] I'm trying to configure Squid 3.5.3 for access controller/captive portal last few days. #1 For this config, on client device: *URL could not be retrieved - Invalid Url* http_port 3128 #2 Squid log throws an Error - No forward port http_port 3128 intercept #3 On client device:

Re: [squid-users] Non-Transparent HTTP+HTTP Proxy

I'm trying to configure Squid 3.5.3 for access controller/captive portal last few days. #1 For this config, on client device: *URL could not be retrieved - Invalid Url* http_port #2 Squid log throws an Error - No forward port http_port 3128 intercept #3 On client device: *URL could not

Re: [squid-users] Non-Transparent HTTP+HTTP Proxy

So my straight-forward goal is here, i. Non-transparent proxy ( transparent doesn't work with captive portal ) ii. LOG HTTP and HTTPS traffic ( for HTTPS hostname will do ) iii. Without issuing any certificate in client device Is it possible with Squid 3.5? -- Sent from:

[squid-users] Non-Transparent HTTP+HTTP Proxy

This is the configuration for my HTTP+HTTPS transparent proxy. I'm using this for logging HTTP and HTTPS traffic without issuing a client certificate. How to modify this configuration to make it NON-TRANSPARENT? In WEB-PROXY which is based on Squid, we can disable it by adding

Re: [squid-users] Squid Transparent Proxy with Coovachilli is not working

So I was testing from a client device(10.1.0.2) which is connected over WiFi to an AP and that AP is connected to eth1 physically. In case you're wondering, eth1 is connected to the server physically. Trying to connect an HTTP website from the above-mentioned client device...

Re: [squid-users] Squid Transparent Proxy with Coovachilli is not working

eht1 is not useless really, Coovachilli created tun0 under eth1. Yes, I've heard about stateful firewall, though this is not my domain of expertise. /CoovaChilli takes control of the internal interface (eth1) using a raw promiscuous socket. It then uses the vtun kernel module to bring up a

Re: [squid-users] Squid Transparent Proxy with Coovachilli is not working

Sorry if I make it more puzzled. Here full packets and config : https://paste.grasehotspot.org/view/raw/384d2a8b Here full iptable rules : https://paste.grasehotspot.org/view/raw/eaf29a16 -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html

Re: [squid-users] Squid Transparent Proxy with Coovachilli is not working

Hello Amos, Okay, ports are fixed from here and forwarded 80 to 3127 in iptables. http_port 3128 # for proxy client http_port 3127 intercept # for http intercept When a user tries to connect an HTTP site, tcpdump -vv -ni eth1 port 80 >>> https://paste.grasehotspot.org/view/raw/f81a60e4

Re: [squid-users] Squid Transparent Proxy with Coovachilli is not working

Hello reinerotto, I've been stuck here for 3 days! This is complete iptable rules after coova-chilli starts : https://paste.grasehotspot.org/view/raw/529efd6c Please have a look at it. -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html

Re: [squid-users] intercept vs. accel vhost allow-direct

Hello, Okay, forward proxy port updated to 3128. This is my scenario here: Internet <> eth0 LAN port <> Server WIFI AP-User <> WIFI AP <> eth1 LAN port <> Server So my AP-USER can browse HTTPS for now, but not HTTP. And Squid3 is handling HTTP transparent proxy here. If I remove Squid3 from the

Re: [squid-users] intercept vs. accel vhost allow-direct

Hello Amos, For clarification, I'm running an AP-Hotspot server(coovachilli, freeradius, squid, etc.) with two NIC(eth0 and eth1). eth0 is for WAN(internet) and eth1 is for managing LAN(APs). Coovachilli is created tun0 under the eth1 interface. I'm using squid-3.4.8 as an HTTP transparent proxy.

[squid-users] Squid Transparent Proxy with Coovachilli is not working

I'm running an AP-Hotspot server(coovachilli, freeradius, squid, etc.) with two NIC(eth0 and eth1). eth0 is for WAN(internet) and eth1 is for managing LAN(APs). Coovachilli is created tun0 under the eth1 interface. I'm using squid3 as an HTTP transparent proxy. Hardware Setup Diagram

Re: [squid-users] intercept vs. accel vhost allow-direct

Hello, etho0 is for WAN and eth1 is for LAN side. and more detailed firewall settings: # Generated by iptables-save v1.4.21 on Thu Sep 12 15:46:58 2019 *nat :PREROUTING ACCEPT [3911:298328] :INPUT ACCEPT [384:30494]

[squid-users] intercept vs. accel vhost allow-direct

I'm running a hotspot(CoovaChilli, Freeradius, etc.) server where Squid-3.4.8(SSL enabled) for caching and logging. My machine is running on Debian 8.1.1 with 2 NIC card. One for WAN and another for LAN to manage hotspot AP(s). ERROR The requested URL could not be retrieved Below configuration