[squid-users] Fwd: Squid does not pass HTTPS traffic transparently

Resending it without an image On Mon, Oct 16, 2023 at 1:59 PM Bud Miljkovic wrote: > Here is my system configuration > - > The setup and the problem > >- The HW box tries to establish an HTTPS transparent connection with a >server located within Internet. >- It uses the Local Server

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

Thank you very much for you answer and explanation Yep, I don’t use name “proxy” for annotations, it was just for example only . Bets regards! Alexg On Wed, 26 Apr 2023 at 18:34, Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 4/26/23 08:08, Alexeyяр Gruzdov wrote: > > Oh...

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

On 4/26/23 08:08, Alexeyяр Gruzdov wrote: Oh... Looks like I just need to send as answer the list of my policy acl, for example user1 wanted to go over peer1 and peer3 the answer from external script must be like  "OK proxy=peer1 proxy=peer3"  and looks like it works well like I need. User

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

Oh... Looks like I just need to send as answer the list of my policy acl, for example user1 wanted to go over peer1 and peer3 the answer from external script must be like "OK proxy=peer1 proxy=peer3" and looks like it works well like I need. User will go over peer1 and peer3 only by round-robin.

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

Hello! Yes! Thank you! One more question pls: For example I have five of cache_peers and ACL associated with some cache peer. As you know - I used the my external ACL script and now I can put the policy to answer fo my script and squid will get an answer and used the correct ACL for username.

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

On 4/23/23 14:28, Alexeyяр Gruzdov wrote: One more may be last thing:  - I found the strange behavior  - if I make changes at my ext ACL script (its python ) and then "squid -k reconfigure"  then I can see that my script appears in the "TOP" of process and loads CPU to 100% Check how your

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

On 24/04/2023 6:28 am, Alexeyяр Gruzdov wrote: Oh Guys ! you are wizards. Works like I wanted.. One more may be last thing:  - I found the strange behavior  - if I make changes at my ext ACL script (its python ) and then "squid -k reconfigure"  then I can see that my script appears in

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

Oh Guys ! you are wizards. Works like I wanted.. One more may be last thing: - I found the strange behavior - if I make changes at my ext ACL script (its python ) and then "squid -k reconfigure" then I can see that my script appears in the "TOP" of process and loads CPU to 100%, if to

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

On 23/04/2023 5:27 pm, Alexeyяр Gruzdov wrote: Hello Guys! Thank you very much! For now all works like I needed! But I have an one more  questions about how I could to use the kv-pair: ... and then ACL with “note proxy all “ But how the kv-pair must to be looked for this my tag ? I have

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

Hello Guys! Thank you very much! For now all works like I needed! But I have an one more questions about how I could to use the kv-pair: >From wiki : Defined keywords: user= The users name (login) password= The users password (for login= cache_peer option)

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

On 4/20/23 16:18, Amos Jeffries wrote: On 21/04/2023 6:31 am, Alex Rousskov wrote: On 4/20/23 13:14, Alexeyяр Gruzdov wrote: Tell me please If I right understood I could to get answer like "name=value" from my ACL ext script, instead of "OK" or "ERR", right? Not "instead", but in addition

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

On 21/04/2023 6:31 am, Alex Rousskov wrote: On 4/20/23 13:14, Alexeyяр Gruzdov wrote: Tell me please If I right understood I could to get answer like "name=value" from my ACL ext script, instead of "OK" or "ERR", right? Not "instead", but in addition to either OK or ERR. Unfortunately, our

Re: [squid-users] Fwd: cache_peer_access by dynamic ACL

On 4/20/23 13:14, Alexeyяр Gruzdov wrote: Tell me please If I right understood I could to get answer like "name=value" from my ACL ext script, instead of "OK" or "ERR", right? Not "instead", but in addition to either OK or ERR. Unfortunately, our documentation of the external ACL helper

[squid-users] Fwd: cache_peer_access by dynamic ACL

Ok. The last issues fixed. Thank you ! Tell me please If I right understood I could to get answer like "name=value" from my ACL ext script, instead of "OK" or "ERR", right? And does it means - I could to get answer depends from what users authorises in to proxy. For example: If user "Jon" -

Re: [squid-users] Fwd: WebSocket support in v4

Hi Amos, Thank you for your reply. Currently WebSockets failover is not a requirement for me. I have a followup question. For HTTPS web sockets as it uses TCP tunnel, it should work on all the versions of Squid proxy, is my understanding correct? Also For HTTP websockets is there any squid(v6)

Re: [squid-users] Fwd: WebSocket support in v4

On 27/01/2023 8:18 pm, sreekanth guru wrote: Hi, Could you please let me know if squid v4 release supports websockets. WebSockets is only supported in so far as it is rejected in the manner to correctly trigger WebSockets failover mechnism. That goes for Squid-5 as well. The upcoming

[squid-users] Fwd: WebSocket support in v4

Hi, Could you please let me know if squid v4 release supports websockets. Thank you. -Sreekanth ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Fwd: Squid shutdown on web request of type http://ftp.domain.country

On 9/22/22 18:07, Francisco wrote: I have compiled and installed Squid proxy (version 5.6) on Debian 11. When I enable certain response size control rules (/*reply_body_max_size*/), Squid stops instantly when making a web request to web-serving FTPs (for example: http://ftp.sld.cu it´s a FTP

[squid-users] Fwd: Squid shutdown on web request of type http://ftp.domain.country

I have compiled and installed Squid proxy (version 5.6) on Debian 11. When I enable certain response size control rules (*reply_body_max_size*), Squid stops instantly when making a web request to web-serving FTPs (for example: http://ftp.sld.cu it´s a FTP site served as HTTP), only happen with

Re: [squid-users] Fwd: Sqid uses all RAM / killed by OOM

On 25/07/22 17:59, Ronny Preiss wrote: Hello all, I have now compiled and installed squid 4.17 as a transition solution on ubuntu 22.04. Can someone support me regarding my question about compiling squid 5.6 on ubuntu 22.04? Since my previous attempts also have the "memory leak" on ubuntu

Re: [squid-users] Fwd: Sqid uses all RAM / killed by OOM

@lists.squid-cache.org Subject: Re: [squid-users] Fwd: Sqid uses all RAM / killed by OOM On 7/25/22 01:59, Ronny Preiss wrote: Can someone support me regarding my question about compiling squid 5.6 on ubuntu 22.04? There is probably some misunderstanding: You are expecting some kind of a patch

Re: [squid-users] Fwd: Sqid uses all RAM / killed by OOM

704261 Email: ngtech1...@gmail.com Web: https://ngtech.co.il/ My-Tube: https://tube.ngtech.co.il/ -Original Message- From: squid-users On Behalf Of Alex Rousskov Sent: Monday, 25 July 2022 23:05 To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Fwd: Sqid uses all RAM / killed

Re: [squid-users] Fwd: Sqid uses all RAM / killed by OOM

On 7/25/22 01:59, Ronny Preiss wrote: Can someone support me regarding my question about compiling squid 5.6 on ubuntu 22.04? There is probably some misunderstanding: You are expecting some kind of a patch for Squid v5.6, but I do not know what patch you are talking about. I am aware of one

[squid-users] Fwd: Sqid uses all RAM / killed by OOM

Hello all, I have now compiled and installed squid 4.17 as a transition solution on ubuntu 22.04. Can someone support me regarding my question about compiling squid 5.6 on ubuntu 22.04? Since my previous attempts also have the "memory leak" on ubuntu 22.04 and squid 5.6 problem again. Kind

[squid-users] Fwd: Sqid uses all RAM / killed by OOM

Hello All, Amos or Alexander can you help me to compile a working squid 5.6 version on Ubuntu 22.04 without this "memory leak". I would need a patch here. As you can see in the mail history below, between me and Eliezer, I have a memory leak problem with Ubuntu 22.04 and the squid 5.2 from the

Re: [squid-users] Fwd: Need help squid with whitelist

On 07.11.21 10:56, prasad mavuluru wrote: I have a squid proxy running on port 3128 allowing whitelisted file to allow specific sites. Is it possible to have another port squid proxy to allow different whitelist files ?. Is there any other approach to achieve this? you can define multiple

[squid-users] Fwd: Need help squid with whitelist

Hi All, I have a squid proxy running on port 3128 allowing whitelisted file to allow specific sites. Is it possible to have another port squid proxy to allow different whitelist files ?. Is there any other approach to achieve this? Thanks, Prasad ___

Re: [squid-users] Fwd: Getting a squid clients list

Thanks so much Amos, really appreciate it. It also turns out that I did have the squidclient tool on my squid server, it just wasn't in the path :) I ran:  squidclient mgr:client_list | grep "Address" and it gave me 28 IPs, then I also ran mgr:info and that too showed "Number of clients

Re: [squid-users] Fwd: Getting a squid clients list

Can anyone help with running squidclient remotely and getting the list of clients, or any other way to get the list of clients? Thanks very much On Tuesday, August 31, 2021, 05:50:12 PM GMT+3, U Zee wrote: Thanks for the pointer Eliezer. I installed it on an Ubuntu 20 machine and

Re: [squid-users] Fwd: Getting a squid clients list

On 3/09/21 1:28 am, U Zee wrote: Can anyone help with running squidclient remotely and getting the list of clients, or any other way to get the list of clients? You just need to adjust the squid.conf of the running Squid to allow management access to the machine you are fetching from.

Re: [squid-users] Fwd: Getting a squid clients list

Thanks for the pointer Eliezer. I installed it on an Ubuntu 20 machine and tried but it didn't seem to work: root@ub20-srv1:~# squidclient -h squid.mydomain.com mgr:client_listHTTP/1.0 403 ForbiddenServer: squid/2.6.STABLE13Date: Tue, 31 Aug 2021 14:45:09 GMTContent-Type:

[squid-users] Fwd: Getting a squid clients list

Hey Uzee, You can use squidclient from another machine to access this machine. I do not remember how by heart but Amos might know if I am guessing right. Eliezer בתאריך יום ב׳, 30 באוג׳ 2021, 14:44, מאת U Zee ‏: > I know and sadly installing it is not possible either. Without > going into the

[squid-users] Fwd: Squid domain block feature is at DNS level ?

Hey, Squid can Intercept both http(port 80) and https(port 443) traffic. When Squid does these it can enforce on both dns and url level. Specifically on https there are technical limitations in some cases. Depends on the setup you can try to test it and make sure it does what you would expect.

[squid-users] Fwd: Squid Proxy Ignoring Hosts File?

Hi, I am having issues configuring Squid using a proxy to resolve host names specified in a host file. While using the proxy I can navigate to other website domains successfully, however when I try to use a name specified in my hosts file then I receive this page in my browser: I have configured

[squid-users] Fwd: The user/password pair is correct, yet squid keeps sending me TCP_DENIED/407

I just realized gmail was using the wrong reply address. Sorry about that. > > acl GRP2 external ADGroup CN=UsuariosInternet,OU=UsersOU,DC=example,DC=com > > acl GRP3 external ADGroup CN=GRP3,OU=UsersOU,DC=example,DC=com > > acl GRP4 external ADGroup CN=GRP4,OU=UsersOU,DC=example,DC=com > >

Re: [squid-users] Fwd: HTTP X-FORWARDED HEADER

On 21/06/20 10:40 pm, Amos Jeffries wrote: > On 21/06/20 10:27 pm, Monika Avalur wrote: >> Hello, >> >> I am using squid proxy to test some application in my company. >> >> I have a use cases where I need to use the X-Forwarded-For header from >> squid proxy  >> >> I tried by editing the squid

Re: [squid-users] Fwd: HTTP X-FORWARDED HEADER

On 21/06/20 10:27 pm, Monika Avalur wrote: > Hello, > > I am using squid proxy to test some application in my company. > > I have a use cases where I need to use the X-Forwarded-For header from > squid proxy  > > I tried by editing the squid configuration file and including > > acl localhost

[squid-users] Fwd: HTTP X-FORWARDED HEADER

Hello, I am using squid proxy to test some application in my company. I have a use cases where I need to use the X-Forwarded-For header from squid proxy I tried by editing the squid configuration file and including acl localhost src 127.0.0.1 forwarded_for on follow_x_forwarded_for allow

Re: [squid-users] Fwd: Squid 4.8 with OpenSSL 1.1.1d

Alex Really looking forward to this patch being submitted and hopefully accepted. Let me know if it would be helpful for me to do some independent testing of the patch. John > On 6 Jan 2020, at 14:53, Alex Rousskov > wrote: > > On 1/3/20 8:40 AM, Yaroslav Pushko wrote: > >> During

Re: [squid-users] Fwd: Squid 4.8 with OpenSSL 1.1.1d

On 1/3/20 8:40 AM, Yaroslav Pushko wrote: > During establishing TLSv1.3 handshake after successfully send our Client > Hello, the server answers us with Hello Retry Request. HelloRetryRequest is a TLS v1.3 feature that tells the client to restart the negotiation (with additional info). Please

Re: [squid-users] Fwd: Squid 4.8 with OpenSSL 1.1.1d

Hi Alex, Thank you for the reply, we update our patch with provided changes. One more thing, with TLSv1.3. There is site https://3frontoffice.tre.se/login with specific behavior in the Chrome browser OS X El Capitan. During establishing TLSv1.3 handshake after successfully send our Client

Re: [squid-users] Fwd: Squid 4.8 with OpenSSL 1.1.1d

On 12/17/19 9:00 AM, Yaroslav Pushko wrote: > Hi All > > We use Squid 4.8 with OpenSSL 1.1.1d in a transparent mode for peek and > splice interception. > > With this version, we lost the possibility to connect to any HTTPS site. > > There are a few issues:  > > * support TLSv1.2 sites

[squid-users] Fwd: Squid 4.8 with OpenSSL 1.1.1d

Hi All We use Squid 4.8 with OpenSSL 1.1.1d in a transparent mode for peek and splice interception. With this version, we lost the possibility to connect to any HTTPS site. There are a few issues: - support TLSv1.2 sites (already discussed in thread

[squid-users] Fwd: 407 error

Hi Team, WE are using the squid proxy on Ubuntu. WE are facing a strange error when try to community through proxy. I am able to access the proxy in the server browser suing the username and password. When I try to push/enable an module throw the proxy we are getting the error message

Re: [squid-users] Fwd: Https blocked sites getting ssl error , with connection abruptly ending - Peek and splice feature

On 1/25/19 10:18 AM, bandeep2000 wrote: > Have configured squid proxy with https whitelisted sites using ssl bump, > peek and splice feature in transparent mode. > Is there a way to terminate the connection with access denied message > gracefully(with 403 error code) Yes, there is, but it

[squid-users] Fwd: Https blocked sites getting ssl error , with connection abruptly ending - Peek and splice feature

Hi Everyone, Have configured squid proxy with https whitelisted sites using ssl bump, peek and splice feature in transparent mode. Although non whitelisted site are getting blocked, but it is not graceful, with 'ssl connect error' and no 403 message(using curl). For http, it is working fine

Re: [squid-users] Fwd: ERROR: http_port or ACL larger than 65536 (short type)

On Friday 30 November 2018 at 19:07:58, kalice caprice wrote: > Hello, > > Inside my squid.conf I'm setting up ACL like this: > > http_port 0.0.0.0:20740 name=20740 So, you're using the name to represent the port number... > acl ip10740 myportname 20740 > > and then > > tcp_outgoing_address

[squid-users] Fwd: ERROR: http_port or ACL larger than 65536 (short type)

Hello, Inside my squid.conf I'm setting up ACL like this: http_port 0.0.0.0:20740 name=20740 acl ip10740 myportname 20740 and then tcp_outgoing_address x.x.x.x ip10740 I've got over 65536 (about 80k) ACL inside my squid.conf and squid throws this error: ERROR: The value '65536' is larger

Re: [squid-users] Fwd: Re: need help with cachemgr

On 11/27/18 11:50 AM, jmperrote wrote: > I try the sentence that > you send my and the problem its the same. You may have several problems. The commands I sent you fixed one of those problems. With those new commands, squidclient sends correct cache manager URL to Squid. > No data retrive from

[squid-users] Fwd: Re: need help with cachemgr

Hello Alex, a think that I dont understand you. I try the sentence that you send my and the problem its the same. No data retrive from cachemgr. squidclient -vv -p 1084 mgr:info verbosity level set to 2 Request: GET cache_object://localhost/info HTTP/1.0 Host: localhost User-Agent:

Re: [squid-users] Fwd: Encrypted browser-squid connection

On 11/12/18 12:52 AM, Alex Crow wrote: > > On 12/11/2018 02:45, supraja sridhar wrote: >> Hi, >> When I try out the encrypted browser-squid connection, no URL loads. I >> get the following error message in the squid access log. >> >> 1541989360.999      0 XXX.XX.XXX.XX NONE/000 0 NONE >>

Re: [squid-users] Fwd: Encrypted browser-squid connection

On 12/11/18 3:45 PM, supraja sridhar wrote: > > Can someone please help me debug this further? > First thing to do is convert your config file to plain-text (ASCII). Squid does not use RTF format config. Second your definition for "all" ACL is incorrect. Remove it and use the built-in one.

[squid-users] Fwd: Encrypted browser-squid connection

Hi, When I try out the encrypted browser-squid connection, no URL loads. I get the following error message in the squid access log. 1541989360.999 0 XXX.XX.XXX.XX NONE/000 0 NONE > error:transaction-end-before-headers - HIER_NONE/- - > I have Firefox-59.0.1 running on Ubuntu loaded with

[squid-users] Fwd: Squid-3.5.27 MITM stopped work after few minutes

cache.log squid.conf Such problem appears on Firefox browser too. P.S. Sorry for spamming of the same message copies

[squid-users] Fwd: (no subject)

Good day! I have a some problem with Squid-3.5.27: after working of 15-20 minutes appears problem with SubjectAlternativeName for any HTTPS websites (for more details see https://forum.netgate.com/topic/134054/squid-3-5-27-ssl-custom-works-few-minutes-mitm-breakdown ). P.S. I can attach logs of

[squid-users] Fwd: squid-3.5.27 pfSense

Good day! I have a some problem: after working of 15-20 minutes (with squid.conf) appears problem with SubjectAlternativeName for any HTTPS websites (for more details see https://forum.netgate.com/topic/134054/squid-3-5-27-ssl-custom-works-few-minutes-mitm-breakdown ). I attach configuration squid

[squid-users] Fwd: [squid-bugs] squid-3.5.27 pfSense

-- Forwarded message - From: Amos Jeffries Date: пн, 27 авг. 2018 г. в 19:55 Subject: Re: [squid-bugs] squid-3.5.27 pfSense To: Денис Степанов , < squid-b...@lists.squid-cache.org> Please be aware that Squid-3.5 is no longer supported. Especially when using SSL-Bump features.

Re: [squid-users] Fwd: Squid - Keepalive connections issue

On 24/04/18 10:46, Vishali Somaskanthan wrote: > Hi all, > > I am working on opening up a persistent connection from Squid -> server. > i have 2 questions.  > > 1. I find Squid sometimes sends a [FIN, ACK] signal to server as a > result of which, Squid sends RST and resets the connection.

[squid-users] Fwd: Squid - Keepalive connections issue

Hi all, I am working on opening up a persistent connection from Squid -> server. i have 2 questions. 1. I find Squid sometimes sends a [FIN, ACK] signal to server as a result of which, Squid sends RST and resets the connection. Ideally, for persistent connections, this shouldn't be the case. Can

Re: [squid-users] Fwd: Outbound IPv6/128 - Possible ?

On 08/04/18 21:04, kalice caprice wrote: > Hello, > > I'm trying to bound mutiples IPv4:Port entry to a different outbound > IPv6 this way: HTTP does not work that way. It is a stateless and multiplexing protocol. Inbound and outbound connections are independent of each other. > > http_port

[squid-users] Fwd: Outbound IPv6/128 - Possible ?

Hello, I'm trying to bound mutiples IPv4:Port entry to a different outbound IPv6 this way: http_port 94.xxx.xxx.204:10001 name=1 acl ip1 myportname 1 tcp_outgoing_address 2a01::::::eb7c:8336 ip1 http_port 94.xxx.xxx.204:10002 name=2 acl ip2 myportname 2 tcp_outgoing_address

[squid-users] [Fwd: VPN ON PROXY]

Original Message Subject: [squid-users] VPN ON PROXY From:abel...@cklass.com.mx Date:Wed, March 7, 2018 6:56 pm To: squid-users@lists.squid-cache.org --

[squid-users] [Fwd: Re: Problem using auth digest]

when i try to use a external application like Firefox.. Ex: Internet Download Manager, Putty, etc.. I config the proxy option and the proxy always refuse the credentials.. Best regards -- On 07/12/17 03:59, aismel.valle

Re: [squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config

On 30/11/17 01:34, minh hưng đỗ hoàng wrote: Dear Amos, Sorry for concluded hurriedly. When i do a test with 1 user, it's seem ok, no more Aler from cache.log. But when i test with more users, the Alert log from cache.log happen again. And so i can't access some https page as chatwork.com ,

Re: [squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config

Dear Amos, Sorry for concluded hurriedly. When i do a test with 1 user, it's seem ok, no more Aler from cache.log. But when i test with more users, the Alert log from cache.log happen again. And so i can't access some https page as chatwork.com , facebook.com 2017/11/29 18:06:41 kid1| SECURITY

Re: [squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config

Dear Amos, I solved my problem by following this : 1 - I used my Mikrotik router as a cache DNS 2 - Both Squid proxy and my client use Mikrotik' DNS => It no more take alert form cache.log Thanks alot :) -- Thanks & Best Regards, -- Đỗ Hoàng Minh Hưng Gmail : hoangminh...@gmail.com

Re: [squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config

> > Not just the Squid machine but *all* the clients going through your Squid >> also have to be using the same DNS resolver for that workaround. Any of >> them using other resolvers (eg 8.8.8.8 or similar services) *will* hit >> these errors. >> > > > And this is my dns config in squid.config :

Re: [squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config

On 25/11/17 19:40, minh hưng đỗ hoàng wrote: Dear Amos, thank you so much for your quickly reply . I have tried to replace my SSL config with your suggestion. But my squid get a error like this in cache.log: 2017/11/25 13:21:49 kid1| SECURITY ALERT: Host header forgery detected on

Re: [squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config

Dear Amos, thank you so much for your quickly reply . I have tried to replace my SSL config with your suggestion. But my squid get a error like this in cache.log: 2017/11/25 13:21:49 kid1| SECURITY ALERT: Host header forgery detected on local=216.58.199.110:443 remote=172.18.18.15:55704 FD 13

Re: [squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config

On 25/11/17 02:04, minh hưng đỗ hoàng wrote: Dear Squid-users, I want to setup a Squid proxy in transparent mode http/https traffic without any config in Client site. I use Squid 3.5.20 on Centos7.I just install squid with default feature as *yum install squid.* * * I just do that , but i

[squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config

Dear Squid-users, I want to setup a Squid proxy in transparent mode http/https traffic without any config in Client site. I use Squid 3.5.20 on Centos7.I just install squid with default feature as *yum install squid.* I just do that , but i have some problem with my output logging in access.log

Re: [squid-users] [Fwd: Re: SSL Bump for regex URL comparison]

On 18/11/17 01:45, Joe Foster wrote: Good morning, I have tried the attached but I still receive the same result. I have attached a screen shot to show what happens, its like there is no connection. There isn't ... I have tried it with and without listing 3128 as a safe ssl port. I

[squid-users] [Fwd: Re: SSL Bump for regex URL comparison]

Good morning, I have tried the attached but I still receive the same result. I have attached a screen shot to show what happens, its like there is no connection. I have tried it with and without listing 3128 as a safe ssl port. I imagine its not needed as its generated from Squid. HTTPS

[squid-users] Fwd: ftp-relay squestion

Hi, we want to use https://wiki.squid-cache.org/Features/FtpRelay functions. I try to setup this feature but I have some troubles with it. When I connect to ftp with filezilla over proxy, squid says me about 407 error. Need authenticate. How I can authenticate with my proxy user/pass over ftp

[squid-users] Fwd: Display eCAP meta-information on Squid error-page

Hi Squid users I have a question concerning eCAP implementation in Squid 3.5. My goal is to display data which is provided by an eCAP adapter on a Squid error-page. My primary goal is to achieve this with the eCAP transaction meta-information which is provided by the eCAP adapter with

[squid-users] Fwd: Re: very slow squid response

Hi. Forwarding private reply back to the list in case it helps anyone reply with suggestions. Iraj - please reply to the list in future. Antony. -- Forwarded Message Starts -- Subject: Re: [squid-users] very slow squid response Date: Tuesday 19 September 2017 12:34:47 From:

Re: [squid-users] Fwd: Squid ACL Whitelist not working (?)

On 14/08/17 21:07, Federico Olivieri wrote: Hi all I have Squid proxy in transparent mode for HTTP/HTTPS with splice all mode. I want a bunch of URL to skip Squid so I thought to add the DNS record to the whitelist however it seems like the whitelist is ignored by squid Below my list

[squid-users] Fwd: Squid ACL Whitelist not working (?)

Hi all I have Squid proxy in transparent mode for HTTP/HTTPS with splice all mode. I want a bunch of URL to skip Squid so I thought to add the DNS record to the whitelist however it seems like the whitelist is ignored by squid Below my list .tdesktop.com .whatsapp.com .whatsapp.net

[squid-users] [Fwd: sponsorship for ssl-bump support for upstream proxy in transparent mode]

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - Пересылаемое сообщение От: Alexandr Кому: squid-users@lists.squid-cache.org Тема: sponsorship for ssl-bump support for upstream proxy in transparent mode Дата: Sun, 02 Jul 2017 05:47:41 +0300 good day all.

Re: [squid-users] Fwd: reverse proxy HTTPS

On Thu, Mar 9, 2017 at 1:41 PM, Amos Jeffries wrote: > On 6/03/2017 11:21 p.m., sothy shan wrote: > > Hi, > > > > I can give precise what I am doing on this part.See the previous mail > below > > for my exact requirement. > > > > //create the keys. > > > > $openssl req -new

Re: [squid-users] Fwd: reverse proxy HTTPS

On 6/03/2017 11:21 p.m., sothy shan wrote: > Hi, > > I can give precise what I am doing on this part.See the previous mail below > for my exact requirement. > > //create the keys. > > $openssl req -new -keyout key.pem -nodes -x509 -days 365 -out cert.pem > > Both keys(cert.pem and key.pem) are

[squid-users] Fwd: reverse proxy HTTPS

Hi, I can give precise what I am doing on this part.See the previous mail below for my exact requirement. //create the keys. $openssl req -new -keyout key.pem -nodes -x509 -days 365 -out cert.pem Both keys(cert.pem and key.pem) are places in /etc/squid/. Then, I make following in squid.

Re: [squid-users] Fwd: Using Squid to redirect Steam CDNs using storeID_rewrite

On 13/11/2016 12:50 p.m., Stefan Wickstrom wrote: > Hello all, > Apologies for the possibly incorrect format/posting of this query; I am new > to this mode of discussion in relation to software. > > I am attempting to use Squid, in combination with storeID rewrite, to > redirect Steam CDN

[squid-users] Fwd: Using Squid to redirect Steam CDNs using storeID_rewrite

Hello all, Apologies for the possibly incorrect format/posting of this query; I am new to this mode of discussion in relation to software. I am attempting to use Squid, in combination with storeID rewrite, to redirect Steam CDN requests allowing multiple CDN requests to be served from the single

Re: [squid-users] Fwd: Squid ssl bumping. Ssl bumping not working on sites with ssl GOST cypher certificate

On 22/09/2016 1:41 a.m., Сергин Александр wrote: > Hi, can you please explain me, does squid support ssl bumping with site > signed with GOST certificate? > The crypto details in squid.conf are almost always passed directly to the crypto library. So Squid supports what the library does. I don't

[squid-users] Fwd: Squid ssl bumping. Ssl bumping not working on sites with ssl GOST cypher certificate

Hi, can you please explain me, does squid support ssl bumping with site signed with GOST certificate? I have OpenSSL 1.0.2d 9 Jul 2015 openssl engine (dynamic) Dynamic engine loading support *(gost) Reference implementation of GOST engine* *openssl ciphers | grep GOST*

[squid-users] Fwd: Limit Bandwith for youtube....

Sent in private to Amos in error. There are known bugs in delay pools but they > cause very specific low number of multiples or fractions of the > configured pool size - not hundreds of KB faster rates. That's true for the latest version. A few many versions ago there were lots of bugs with

Re: [squid-users] Fwd: All website getting Blocked

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 You haven't permissive rule for localnet. 03.08.2016 22:53, Harsha S Aryan пишет: > > -- Forwarded message -- > From: *Harsha S Aryan* > > Date: Wed, Aug 3, 2016 at 10:22

[squid-users] Fwd: All website getting Blocked

-- Forwarded message -- From: Harsha S Aryan Date: Wed, Aug 3, 2016 at 10:22 PM Subject: All website getting Blocked To: squid-users@lists.squid-cache.org Hi, All website getting Blocked using squid3 ubuntu 14.04 Squid Cache: Version 3.3.8 conf file

[squid-users] Fwd: Mark outgoing connection mark same as client side mark

> On 11/05/2016 8:19 p.m., Deniz Eren wrote: >> Hi, >> >> In my system I am using netfilter marks to shape traffic(SNAT, QoS, >> etc.) however when I redirect traffic to Squid using Tproxy I lose the >> mark value(obviously). > > Not obvious at all. The MARK vaue is available to Squid, and if >

Re: [squid-users] Fwd: Modifying squid

On 22/03/2016 10:07 p.m., Ģirts Dālbergs wrote: > Good day to You on the other side! > Not sure where to ask this, so I`m just going to do it here. If this is > the wrong place, please redirect me to the appropriate one. > I`m a squid user and an administrator in a company and I`ve been >

[squid-users] Fwd: Modifying squid

Good day to You on the other side! Not sure where to ask this, so I`m just going to do it here. If this is the wrong place, please redirect me to the appropriate one. I`m a squid user and an administrator in a company and I`ve been requested to produce a HTTPS traffic inspection tool. I`ve decided

Re: [squid-users] Fwd: Re: Authentification LDAP Exception for IP adresse

Thanks for your advice, your are a good community :-) Le 26 févr. 2016 17:57, "Amos Jeffries" a écrit : > On 26/02/2016 10:43 p.m., Jérôme Seuniac wrote: > > Thanks for your help. > > > > I have change my configuration with your advice. > > > > It's works ! > > > > :-) > >

Re: [squid-users] Fwd: Re: Authentification LDAP Exception for IP adresse

> Date: Friday 26 February 2016 10:17:18 > From: Jérôme Seuniac > > Sorry for my squid.conf, want those two IP addresses to be > allowed access without authentication. In that case simply define an ACL for those two addresses and add an http_access line for them before

[squid-users] Fwd: Re: Authentification LDAP Exception for IP adresse

Please also always reply to the list and never to individuals, unless expressly asked to :) Antony. -- Forwarded Message Starts -- Subject: Re: [squid-users] Authentification LDAP Exception for IP adresse Date: Friday 26 February 2016 10:17:18 From: Jérôme Seuniac

[squid-users] Fwd: Problem with sha1 certs and bump server first

Hi, I have some small problems: 1.) Squid generates dynamic certificates with the sha1 algorithm. Is this just a configuration issue or do I have to update to squid 3.5 to fix this? (When I upgrade: Do I still have to change the config?) 2.) When I use bump server-first squid doesn't check for

Re: [squid-users] Fwd: Re: Squid Log messages Database

On 2016-01-18 14:59, Antony Stone wrote: Forwarding private reply back to the list... -- Forwarded Message Starts -- Thanks for your answer. Sorry for my poor english, I'll try to reword because I'm not looking for a log analyzer. In fact, I don't even need Squid itself

Re: [squid-users] Fwd: Squid https bump and google apps

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 16.01.16 7:57, Lucas Castro пишет: > > > On 15-01-2016 17:26, Yuri Voinov wrote: >> >> # - >> # Access Control Lists >> # - >> acl localnet src 192.168.0.0/16# RFC1918

[squid-users] Fwd: Squid https bump and google apps

Amos, Sorry for emailing right to you. -- Forwarded message -- From: lucas castro Date: Fri, Jan 15, 2016 at 2:54 PM Subject: Re: [squid-users] Squid https bump and google apps To: Amos Jeffries Amos, I'm already using

Re: [squid-users] Fwd: Squid https bump and google apps

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 15.01.16 23:55, lucas castro пишет: > Amos, Sorry for emailing right to you. > -- Forwarded message -- > From: lucas castro > Date: Fri, Jan 15, 2016 at 2:54 PM > Subject: Re: [squid-users] Squid

  1   2   3   4   5   6   >