Re: [squid-users] Squid reverse-proxy. How it decides when to refresh?

It's all pretty clear to me now after I read RFC and found relationship between that and refresh_pattern usage. Thank you. On Fri, Sep 1, 2017 at 4:46 PM, Amos Jeffries wrote: > On 02/09/17 00:18, Alexander Lazarev wrote: > >> Well. looks like squid using heuristics after

Re: [squid-users] Squid reverse-proxy. How it decides when to refresh?

On 02/09/17 00:18, Alexander Lazarev wrote: Well. looks like squid using heuristics after all: 2017/09/01 14:49:12.296 kid2| 22,3| refresh.cc(291) refreshCheck: checking freshness of 'http://mydomain.zone/1.txt' 2017/09/01 14:49:12.296 kid2| 22,3| refresh.cc(312) refreshCheck: Matched ' 0 20%%

Re: [squid-users] Squid reverse-proxy. How it decides when to refresh?

Well. looks like squid using heuristics after all: 2017/09/01 14:49:12.296 kid2| 22,3| refresh.cc(291) refreshCheck: checking freshness of 'http://mydomain.zone/1.txt' 2017/09/01 14:49:12.296 kid2| 22,3| refresh.cc(312) refreshCheck: Matched ' 0 20%% 259200' 2017/09/01 14:49:12.296 kid2| 22,3|

Re: [squid-users] Squid reverse-proxy. How it decides when to refresh?

Thank you for reply! I still don't understand what's happening. I create file 1.txt with a little bit of text data. Request it with curl. Web-server returns it without any cache related headers to squid, squid returns it to me. Getting it with curl one more time, squid serves it straight from

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

] Sent: Wednesday, August 30, 2017 4:56 PM To: Olivier MARCHETTA <olivier.marche...@outlook.com>; squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid Reverse Proxy and WebDAV caching On 31/08/17 03:35, Olivier MARCHETTA wrote: > Hello, > > I've made many test, but it se

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

On 31/08/17 03:35, Olivier MARCHETTA wrote: Hello, I've made many test, but it seems not wanting to deliver from the cache. I think the objects are in the cache, I have modified the cache in memory object size. And now I can see the memory being filled up as I transfer / GET the files from

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

On 30/08/17 22:17, Olivier MARCHETTA wrote: Hello Amos, This morning, for some reasons, I can't reproduce the Hits in the memory. Squid is only routed for tenant.sharepoint.com so I don't know what I was Hitting yesterday. But I have collected extended info. I repeatedly loaded the same .jpg

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

Hello Amos, This morning, for some reasons, I can't reproduce the Hits in the memory. Squid is only routed for tenant.sharepoint.com so I don't know what I was Hitting yesterday. But I have collected extended info. I repeatedly loaded the same .jpg file several times. Always a Miss (high

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

On 30/08/17 04:02, Olivier MARCHETTA wrote: Hello, Sorry for posting fast. But if I have done another test using Internet Explorer to download the files instead of WebDAV. And now I will see the cache Hits raising up to 100% in the memory. Yay.

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

.nz>; squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid Reverse Proxy and WebDAV caching Hello again, I have quickly setup a Squid version 3.5.26 on Windows and with a minimalist config file: --- acl allsrc s

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

squid-users@lists.squid-cache.org Subject: RE: [squid-users] Squid Reverse Proxy and WebDAV caching Hello Amos, Thank you for your answer. I have applied the configuration updates you recommended. My squid config file is more simple now. But unfortunately, I can see the cache filling

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

-Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Amos Jeffries Sent: Saturday, August 26, 2017 5:21 AM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid Reverse Proxy and WebDAV caching On 26/08/17 00:49, Olivier MARCHETTA

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

On 26/08/17 00:49, Olivier MARCHETTA wrote: Hello, Finally Squid is caching my SharePoint online documents. But it doesn't work yet. If I enable offline mode, the WebDAV client will not be able to download documents from the cache. That directive was designed for HTTP/1.0 behaviours and only

Re: [squid-users] Squid reverse-proxy. How it decides when to refresh?

On 26/08/17 00:37, Alexander Lazarev wrote: Hello guys! I'm using squid as a reverse-proxy. And I can't understand how squid decides when to check for fresh version of file from origin server. It looks like for some documents it sends 'If-Modified-Since' or similar headers and if it gets 304,

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

Hello, Finally Squid is caching my SharePoint online documents. But it doesn't work yet. If I enable offline mode, the WebDAV client will not be able to download documents from the cache. And I will see the following errors in the log:

[squid-users] Squid reverse-proxy. How it decides when to refresh?

Hello guys! I'm using squid as a reverse-proxy. And I can't understand how squid decides when to check for fresh version of file from origin server. It looks like for some documents it sends 'If-Modified-Since' or similar headers and if it gets 304, it serves file from cache. And for some

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

On 25/08/17 20:18, Olivier MARCHETTA wrote: Hello Amos, Thank you for your help. I have probably misconfigured the refresh_pattern in my config file. Below more information. My squid conf file: - http_port 10.10.10.10:3128

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

-Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Amos Jeffries Sent: Thursday, August 24, 2017 11:59 PM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid Reverse Proxy and WebDAV caching On 25/08/17 04:16, Olivier MARCHETTA

Re: [squid-users] Squid Reverse Proxy and WebDAV caching

On 25/08/17 04:16, Olivier MARCHETTA wrote: Hello Squid Users, I have configured a squid reverse proxy to access Microsoft SharePoint Online with the aim of caching the document libraries into the squid cache for a branch office. But so far I can see the access log with the GET HTTP

[squid-users] Squid Reverse Proxy and WebDAV caching

Hello Squid Users, I have configured a squid reverse proxy to access Microsoft SharePoint Online with the aim of caching the document libraries into the squid cache for a branch office. But so far I can see the access log with the GET HTTP requests from the users but none will be stored into

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

- Original Message - From: Amos Jeffries > > Reason #1 is that the TLS protocol is a security protocol for securing a > single 'hop' (just one TCP connection). So ideally TLS details would not > be remembered at all, it's a dangerous thing in security to remember

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

I'm sorry to interrupt, gentlemen - but Microsoft does not use certificate pinning in OWA? 01.02.2017 22:19, Amos Jeffries пишет: > On 27/01/2017 9:31 p.m., Vieri wrote: >> >> >> >> - Original Message - From: Alex Rousskov >> >> It's interesting to

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

On 27/01/2017 9:31 p.m., Vieri wrote: > > > > > - Original Message - From: Alex Rousskov > > >>> It's interesting to note that the following actually DOES give >>> more information (unsupported > >>> protocol):> >> * If the server sent nothing, then

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

- Original Message - From: Alex Rousskov >> It's interesting to note that the following actually DOES give more >> information (unsupported >> protocol):> > * If the server sent nothing, then Curl gave you potentially incorrect > information

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

On 01/26/2017 03:16 AM, Vieri wrote: > I'm guessing that it > should be possible for Squid to tell OpenSSL to report what it > actually said to the server without the need for an admin to do a > traffic dump and analysis. Your are correct, but, in most cases, it is a lot easier to dump and

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

- Original Message - From: Alex Rousskov > If my reconstruction of the events was correct, then OpenSSL supplied as > much information as it could -- the "unsupported TLS/SSL versions" is > _your_ conclusion based on the information that neither Squid

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

On 01/25/2017 12:45 AM, Vieri wrote: > From: Alex Rousskov >> The peer at 10.215.144.21:443 accepted Squid connection and then closed >> it, probably before sending anything to Squid > It seems that Squid delegates SSL to OpenSSL and it's really too bad > the latter can't be a little bit more

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

- Original Message - From: Alex Rousskov > > The peer at 10.215.144.21:443 accepted Squid connection and then closed > it, probably before sending anything to Squid Thanks Alex. I was lucky enough to try the following options in cache_peer:

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

On 01/24/2017 01:02 AM, Vieri wrote: > 2017/01/24 07:58:57.076 kid1| 83,5| bio.cc(139) read: FD 18 read 0 <= 65535 The peer at 10.215.144.21:443 accepted Squid connection and then closed it, probably before sending anything to Squid (you did not show enough FD 18 history to confirm that with

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

- Original Message - From: Amos Jeffries > > You could try with a newer Squid version since the bio.cc code might be > making something else happen in 3.5.23. If that still fails the 4.0 beta > has different logic and far better debug info in this area. Hi

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

- Original Message - From: Amos Jeffries > > You could try with a newer Squid version since the bio.cc code might be > making something else happen in 3.5.23. If that still fails the 4.0 beta > has different logic and far better debug info in this area. I tried

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

On 01/20/2017 02:13 AM, Amos Jeffries wrote: > The key part is the "Error negotiating SSL on FD 16: > error::lib(0):func(0):reason(0) (5/0/0)" > > Which is OpenSSL's very obtuse way of telling Squid "an error > rhappened". With no helpful details about what error it was. Actually, this

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

On 20/01/2017 10:44 p.m., Vieri wrote: > > - Original Message - > From: Amos Jeffries > >> Firstly remove the ssloptions=ALL from your config. >> > >> Traffic should be able to go through at that point. > > Thanks for the feedback. > > I tried it again, but this time with a non-OWA

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

- Original Message - From: Amos Jeffries > Firstly remove the ssloptions=ALL from your config. > > Traffic should be able to go through at that point. Thanks for the feedback. I tried it again, but this time with a non-OWA IIS HTTPS server. Here's the

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

On 20/01/2017 1:03 p.m., Vieri wrote: > Hi, > > I'm trying to set up Squid as a reverse proxy on a host with IP address > 10.215.144.91 so that web browsers can connect to it on port 443 and request > pages from an OWA server at 10.215.144.21:443. > > I have this in my squid.conf: > >

[squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

Hi, I'm trying to set up Squid as a reverse proxy on a host with IP address 10.215.144.91 so that web browsers can connect to it on port 443 and request pages from an OWA server at 10.215.144.21:443. I have this in my squid.conf: https_port 10.215.144.91:443 accel

Re: [squid-users] Squid reverse proxy: www.site1.com to www.site2.com/foo/

On 30/04/2016 1:16 a.m., Roberto Carna wrote: > Dear, I'm using Squid in reverse proxy mode. > > Everything is OK, but now I have to do this: > > If a user put in the browser: > > http://www.site1.com > > Squid reverse has to redirect to: > > http://www.site2.com/foo/ > > How can I do

[squid-users] Squid reverse proxy: www.site1.com to www.site2.com/foo/

Dear, I'm using Squid in reverse proxy mode. Everything is OK, but now I have to do this: If a user put in the browser: http://www.site1.com Squid reverse has to redirect to: http://www.site2.com/foo/ How can I do this??? Special thanks, Roberto

Re: [squid-users] Squid reverse proxy and WebSockets.

On 11/03/2016 1:02 a.m., Trent Renshaw wrote: > Hi, > > We are able to pass and perform a WebSocket connection upgrade to a backend > server using Nginx without any issue. > > However, we use Squid as a reverse proxy in our a production environment and > cannot find any documentation on how

[squid-users] Squid reverse proxy and WebSockets.

Hi, We are able to pass and perform a WebSocket connection upgrade to a backend server using Nginx without any issue. However, we use Squid as a reverse proxy in our a production environment and cannot find any documentation on how to pass and/or perform the connection upgrade in Squid.

[squid-users] Squid reverse proxy cache_peer failover

Hi, I did read documentation and googled for that, but did not find anything really useful. I'm using Squid 3.5.13 and trying to achieve that with multiple cache_peer parents, only one is used if it is available. Only when it's not available, secondary is used. Something like this in

Re: [squid-users] Squid reverse proxy cache_peer failover

On 20/01/2016 1:05 a.m., Veiko Kukk wrote: > Hi, > > I did read documentation and googled for that, but did not find anything > really useful. > > I'm using Squid 3.5.13 and trying to achieve that with multiple > cache_peer parents, only one is used if it is available. Only when it's > not

Re: [squid-users] squid reverse proxy and client certs

Hi Thanks I thought that might be the issue. could you point me to an example for requesting client certs for a directory Thanks Alex On 30 December 2015 at 21:56, Matus UHLAR - fantomas wrote: > On 30.12.15 15:11, Alex Samad wrote: >> >> I have squid 3.5.12 working as a

Re: [squid-users] squid reverse proxy and client certs

On 30.12.15 15:11, Alex Samad wrote: I have squid 3.5.12 working as a reverse proxy cache_peer 127.0.0.1 \ parent 443 0 proxy-only no-query no-digest originserver \ login=PASS \ ssl \ sslcafile=/etc/pki/tls/certs/ca-bundle.crt \ sslflags=DONT_VERIFY_PEER \ name=webServer This points to httpd

[squid-users] squid reverse proxy and client certs

Hi I have squid 3.5.12 working as a reverse proxy cache_peer 127.0.0.1 \ parent 443 0 proxy-only no-query no-digest originserver \ login=PASS \ ssl \ sslcafile=/etc/pki/tls/certs/ca-bundle.crt \ sslflags=DONT_VERIFY_PEER \ name=webServer This points to httpd which has a

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 2015-12-10 10:29 pm, Alex Samad wrote: Hi I did the change over today. Tested with Window 7 + exchange 2010 and it wouldn't connect whilst there was no tls1 ! interesting IE worked against the web site so .. Did you come across this issues ? On 11 December 2015 at 11:09, dweimer

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 09/12/2015 12:49, Alex Samad wrote: Hi Can't seem to find 3.5.12 for centos pre compiled at http://www1.ngtech.co.il/repo/centos/6/x86_64/ Since it's in testing I have built and tested for CentOS 7 but yet to publish them. It will take a week or more. Eliezer

Re: [squid-users] squid reverse proxy infront of exchange 2010

Thanxs everyone i will try the changes and try with the debug options Tls1 might be an issue. Might have to look at the ssl offloading config so squid to exchange can be http instead of ssl Eliezer hopefuly you'll do a centos 6. Any chance you can let me have a non released .12 save me

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 10/12/2015 6:29 p.m., Alex Samad wrote: > Hi > > config > https_port 22.4.2.5:443 accel > cert=/etc/httpd/conf.d/office.abc.com.crt > key=/etc/httpd/conf.d/office.abc.com.key defaultsite=office.abc.com > options=NO_SSLv2,NO_SSLv3 > dhparams=/etc/squid/squid-office-dhparams.pem >

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi Answer my own question http://www.squid-cache.org/Versions/v3/3.5/cfgman/http_port.html seems like there is a no-vhost, I presume vhost turns it on On 11 December 2015 at 09:23, Alex Samad wrote: > Hi > > > On 10 December 2015 at 23:44, dweimer

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi On 10 December 2015 at 23:44, dweimer wrote: > https_port 10.50.20.12:443 accel defaultsite=mail.mydomain.com \ > cert=/certs/wildcard.certificate.crt \ > key=/certs/wildcard.certificate.key \ > options=NO_SSLv2:NO_SSLv3:NO_TLSv1:SINGLE_DH_USE:CIPHER_SERVER_PREFERENCE

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi So I have taken this config done some slight customization for my site and it appears to be working Thanks for this .. On 10 December 2015 at 23:44, dweimer wrote: > On 2015-12-09 11:29 pm, Alex Samad wrote: >> >> Hi >> >> config >> https_port 22.4.2.5:443 accel >>

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 2015-12-10 4:24 pm, Alex Samad wrote: Hi Answer my own question http://www.squid-cache.org/Versions/v3/3.5/cfgman/http_port.html seems like there is a no-vhost, I presume vhost turns it on On 11 December 2015 at 09:23, Alex Samad wrote: Hi On 10 December 2015 at

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 2015-12-09 11:29 pm, Alex Samad wrote: Hi config https_port 22.4.2.5:443 accel cert=/etc/httpd/conf.d/office.abc.com.crt key=/etc/httpd/conf.d/office.abc.com.key defaultsite=office.abc.com options=NO_SSLv2,NO_SSLv3 dhparams=/etc/squid/squid-office-dhparams.pem

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi I did the change over today. Tested with Window 7 + exchange 2010 and it wouldn't connect whilst there was no tls1 ! interesting IE worked against the web site so .. Did you come across this issues ? On 11 December 2015 at 11:09, dweimer wrote: > On 2015-12-10

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi Can't seem to find 3.5.12 for centos pre compiled at http://www1.ngtech.co.il/repo/centos/6/x86_64/ On 8 December 2015 at 19:34, Amos Jeffries wrote: > * try an upgrade to 3.5.12. There were some regressions in the .10/.11 > releases that can lead to really weird

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi config https_port 22.4.2.5:443 accel cert=/etc/httpd/conf.d/office.abc.com.crt key=/etc/httpd/conf.d/office.abc.com.key defaultsite=office.abc.com options=NO_SSLv2,NO_SSLv3 dhparams=/etc/squid/squid-office-dhparams.pem

Re: [squid-users] squid reverse proxy infront of exchange 2010

On 8/12/2015 7:35 p.m., Alex Samad wrote: > Hi > > Any suggestions on how to debug this... I wouldn't mind rolling > forward to 3.5 again > Some ideas inline. The main ones are: * re-enable cache.log. It is not optional. * try an upgrade to 3.5.12. There were some regressions in the .10/.11

Re: [squid-users] squid reverse proxy infront of exchange 2010

Hi Any suggestions on how to debug this... I wouldn't mind rolling forward to 3.5 again On 2 December 2015 at 20:39, Alex Samad wrote: > Just to add to this I have a lot of these in the log file > > TCP_MISS_ABORTED/000 0 RPC_IN_DATA > TCP_MISS_ABORTED/200 4322 RPC_OUT_DATA >

Re: [squid-users] Squid reverse proxy with SSL bump

On 09/08/2015 11:41 PM, Amos Jeffries wrote: > On 9/09/2015 8:14 a.m., Alex Rousskov wrote: >> On 09/08/2015 01:33 AM, Amos Jeffries wrote: >>> On 8/09/2015 6:45 p.m., joseph jose wrote: Is it possible to configure a squid reverse proxy with SSL-bump enabled? >> >> >>> The concept does not

[squid-users] Squid reverse proxy with SSL bump

Hi, I have tested squid reverse proxy mode and squid SSL bump both were successful and working fine. Is it possible to configure a squid reverse proxy with SSL-bump enabled? I tried configuring a squid instance in reverse proxy to bump specific domain traffic using following config

Re: [squid-users] Squid reverse proxy with SSL bump

On 8/09/2015 6:45 p.m., joseph jose wrote: > Hi, > > I have tested squid reverse proxy mode and squid SSL bump both were > successful and working fine. > > Is it possible to configure a squid reverse proxy with SSL-bump enabled? The concept does not make any sense. * accel / revers-proxy

Re: [squid-users] Squid reverse proxy with SSL bump

On 09/08/2015 01:33 AM, Amos Jeffries wrote: > On 8/09/2015 6:45 p.m., joseph jose wrote: >> Is it possible to configure a squid reverse proxy with SSL-bump enabled? > The concept does not make any sense. > * accel / revers-proxy traffic is destined to and terminated by the proxy. > * ssl-bump

Re: [squid-users] Squid reverse proxy with SSL bump

On 9/09/2015 8:14 a.m., Alex Rousskov wrote: > On 09/08/2015 01:33 AM, Amos Jeffries wrote: >> On 8/09/2015 6:45 p.m., joseph jose wrote: >>> Is it possible to configure a squid reverse proxy with SSL-bump enabled? > > >> The concept does not make any sense. >> * accel / revers-proxy traffic is

Re: [squid-users] Squid reverse proxy. Redirect based on http header

Hey never mind. I had the wrong idea by using deny_info. I've got it working now. Thanks for the help. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-reverse-proxy-Redirect-based-on-http-header-tp4673063p4673083.html Sent from the Squid - Users

Re: [squid-users] Squid reverse proxy. Redirect based on http header

Hi, I've managed to catch the requests with the following acl: # acl ios browser ^MYApp\/1\.3\.1 # And I am able to redirect them were I want them with the following: # deny_info http://my.other.domain ios http_reply_access deny ios # The requests are going through to the correct server, but the

Re: [squid-users] Squid reverse proxy. Redirect based on http header

Hi Amos, thanks for the prompt reply. So I could follow that example, but use this ACL instead: acl aclname req_header header-name [-i] any\.regex\.here # regex match against any of the known request headers. May be # thought of as a superset of "browser", "referer" and

Re: [squid-users] Squid reverse proxy. Redirect based on http header

On 3/09/2015 11:53 a.m., Sima Yi wrote: > We run several web servers behind a squid reverse proxy. Requests are > directed to a different web server depending on the domain name. > A new requirement has come up to temporarily redirect traffic with a > specific http header to a specific web

Re: [squid-users] Squid reverse proxy. Redirect based on http header

On 3/09/2015 1:44 p.m., PSA wrote: > Hi Amos, thanks for the prompt reply. > > So I could follow that example, but use this ACL instead: > > acl aclname req_header header-name [-i] any\.regex\.here > # regex match against any of the known request headers. May be > # thought

[squid-users] Squid reverse proxy in http https mode

Hi I'm trying to get most optimized solution for caching objects of cloud storage. The data flow I'd like to achieve is: http client http squid reverse mode cache https remote https storage server Common scenarios/examples of accel mode http(s) port include opposite direction of traffic

Re: [squid-users] Squid Reverse Proxy to Exchange 2010 OWA

On 03/11/2015 1:16 am, Alex Samad wrote: This is mine against 2008. haven't had any issues with attachments up to 10M cache_peer 127.0.0.1 parent 443 0 proxy-only no-query no-digest originserver login=PASS ssl sslflags=DONT_VERIFY_PEER sslcert=/etc/httpd/conf.d/o.crt

Re: [squid-users] Squid Reverse Proxy to Exchange 2010 OWA

On 12/03/2015 8:59 a.m., dweimer wrote: On 03/11/2015 1:16 am, Alex Samad wrote: This is mine against 2008. haven't had any issues with attachments up to 10M cache_peer 127.0.0.1 parent 443 0 proxy-only no-query no-digest originserver login=PASS ssl sslflags=DONT_VERIFY_PEER

Re: [squid-users] Squid Reverse Proxy to Exchange 2010 OWA

On 12/03/2015 11:15 a.m., Alex Samad wrote: I have to admit this was built from a lot of googling for a working config. On 11 March 2015 at 19:09, Amos Jeffries squ...@treenet.co.nz wrote: On 11/03/2015 7:16 p.m., Alex Samad wrote: [snip] # List of acceptable URLs to send to the Exchange

Re: [squid-users] Squid Reverse Proxy to Exchange 2010 OWA

On 11/03/2015 7:16 p.m., Alex Samad wrote: This is mine against 2008. haven't had any issues with attachments up to 10M Small audit with things to look at fixing to improve your security when you have some time. cache_peer 127.0.0.1 parent 443 0 proxy-only no-query no-digest originserver

Re: [squid-users] Squid Reverse Proxy Superset / Subset server scenario

On 10/14/2013 09:15 PM, zipped wrote: I need to setup a reverse proxy as follows. I have a master web server that has the superset of my website/database, server A. I also have another website that would have a subset of my website/database, server B. I need a proxy server that can send

[squid-users] Squid Reverse Proxy Superset / Subset server scenario

I've searched a bit and couldn't find the answer to my question. Sorry if this has been posed before. I need to setup a reverse proxy as follows. I have a master web server that has the superset of my website/database, server A. I also have another website that would have a subset of my

Re: [squid-users] Squid Reverse Proxy. Attempted connections to domains we do not host?

On 12/08/2013 7:18 p.m., PSA wrote: We are seeing entries like this in our squid access log: 1376290358.781151 198.2.208.203 TCP_MISS/200 916 GET http://toolbarqueries.google.com.hk/tbr? - HIER_DIRECT/74.125.237.18 text/html Did you get a resolution to this? The open-proxy relaying

[squid-users] Squid Reverse Proxy. Attempted connections to domains we do not host?

We are seeing entries like this in our squid access log: 1376290358.781151 198.2.208.203 TCP_MISS/200 916 GET http://toolbarqueries.google.com.hk/tbr? - HIER_DIRECT/74.125.237.18 text/html 1376290358.813150 198.2.208.203 TCP_MISS/200 916 GET http://toolbarqueries.google.com.hk/tbr? -

Re: [squid-users] Squid Reverse Proxy. Attempted connections to domains we do not host?

On Monday 12 August 2013 at 09:18:24, PSA wrote: We are seeing entries like this in our squid access log: 1376290358.781151 198.2.208.203 TCP_MISS/200 916 GET http://toolbarqueries.google.com.hk/tbr? - HIER_DIRECT/74.125.237.18 text/html People (or rather, bots) searching for open

Re: [squid-users] Squid Reverse Proxy. Attempted connections to domains we do not host?

On 08/12/2013 10:56 AM, Antony Stone wrote: On Monday 12 August 2013 at 09:18:24, PSA wrote: We are seeing entries like this in our squid access log: 1376290358.781151 198.2.208.203 TCP_MISS/200 916 GET http://toolbarqueries.google.com.hk/tbr? - HIER_DIRECT/74.125.237.18 text/html

[squid-users] Squid Reverse Proxy cannot open ports

I'm not sure if what I've done is correct but I've tried my best to follow the instructions found on the Squid documentation page. http://wiki.squid-cache.org/SquidFaq/ReverseProxy Basically I need to set up a reverse Squid proxy with the web server on the same server. Basically what I did was:

Re: [squid-users] Squid Reverse Proxy cannot open ports

Hey, if you insist on serving the local port 80 from the same server I would say you need to make sure the servers are listening to the current port using: netstat -ntlp what is the output?? Eliezer On 07/17/2013 12:00 AM, jc.yin wrote: I'm not sure if what I've done is correct but I've tried

Re: [squid-users] Squid Reverse Proxy (accel) always contacting the server

On 04/01/2012 03:21 AM, Amos Jeffries wrote: Other useful things to know; Generating an ETag label for each unique output helps caches detect unique versions without timestamp calculations. The easy ways to do this are to make ETag a MD5 hash of the body object. Or a hash of the Last-Modified

Fwd: Re: [squid-users] Squid Reverse Proxy (accel) always contacting the server

(re-send, sent off-list as a mistake) On 04/01/2012 03:21 AM, Amos Jeffries wrote: revalidation is more of a threshold which gets set on each object. Under the threshold no valdation takes place, above it every request gets validated. BUT ... a 304 response revalutating the object can change

Re: [squid-users] Squid Reverse Proxy (accel) always contacting the server

On 04/02/2012 02:04 AM, Amos Jeffries wrote: yes I experimented.. I think 60 seconds is perfect for max-age and I get rid of Expires time, it's overridden by the max-age anyway. For Squid-3.1+ yes that is true, older HTTP/1.0 software only obeys Expires:. So it is a matter of whether you want

Re: [squid-users] Squid Reverse Proxy (accel) always contacting the server

On 30/03/2012 12:47 p.m., Daniele Segato wrote: Hi, This is what I want to obtain: Environment: * everything on the same machine (Debian GNU\Linux) * server running on tomcat, port 8080 * squid running on port 280 * client can be anywhere, but for now it's on the localhost machine too I want

Re: [squid-users] Squid Reverse Proxy (accel) always contacting the server

On 03/31/2012 10:13 AM, Amos Jeffries wrote: On 30/03/2012 12:47 p.m., Daniele Segato wrote: Instead squid is ALWAYS requiring the resource to the server: $ curl -v -H 'If-Modified-Since: Thu, 29 Mar 2012 22:14:20 GMT' 'http://localhost:280/alfresco/service/catalog/products' * About to

Re: [squid-users] Squid Reverse Proxy (accel) always contacting the server

On 03/31/2012 05:01 PM, Daniele Segato wrote: On 03/31/2012 10:13 AM, Amos Jeffries wrote: max-age The max-age response directive indicates that the response is to be considered stale after its age is greater than the specified number of seconds. The logic goes like this: Object modified

Re: [squid-users] Squid Reverse Proxy (accel) always contacting the server

On 1/04/2012 3:53 a.m., Daniele Segato wrote: On 03/31/2012 05:01 PM, Daniele Segato wrote: On 03/31/2012 10:13 AM, Amos Jeffries wrote: max-age The max-age response directive indicates that the response is to be considered stale after its age is greater than the specified number of seconds.

[squid-users] Squid Reverse Proxy (accel) always contacting the server

Hi, This is what I want to obtain: Environment: * everything on the same machine (Debian GNU\Linux) * server running on tomcat, port 8080 * squid running on port 280 * client can be anywhere, but for now it's on the localhost machine too I want to set up an http cache to my tomcat server to

Re: [squid-users] Squid reverse proxy configuration

On 24/02/2012 11:35 a.m., Alex Barakov wrote: Hello. I want to set squid as a proxy server to my webserver I am using squid with the following config: http_port 80 accel defaultsite=domain.com vhost cache_peer IPADDRESS parent 80 0 no-query originserver name=myAccel acl our_sites dstdomain

[squid-users] Squid reverse proxy configuration

Hello. I want to set squid as a proxy server to my webserver I am using squid with the following config: http_port 80 accel defaultsite=domain.com vhost cache_peer IPADDRESS parent 80 0 no-query originserver name=myAccel acl our_sites dstdomain domain.com http_access allow our_sites

Re: [squid-users] SQUID Reverse Proxy not forwarding requests to Apache web server

On 3/01/2012 7:33 a.m., Roman Gelfand wrote: Now, you got me curious. k.. I would the reverse proxy to control which server a web request 1) in case of https, forwarded to a web server box based on path 2) in case of http, forwarded based on url and/or path. Once the request is inside a

Re: [squid-users] SQUID Reverse Proxy not forwarding requests to Apache web server

On 2/01/2012 1:52 p.m., Roman Gelfand wrote: My squid server 3.1.6 sits in dmz. On this server, I am running apache server 2.2.9. My goal is to a) cash owa responses b) forward https owa requests to the Apache server on port 8443 c) The Apache server forwards the request to internal exchange

Re: [squid-users] SQUID Reverse Proxy not forwarding requests to Apache web server

Now, you got me curious. k.. I would the reverse proxy to control which server a web request 1) in case of https, forwarded to a web server box based on path 2) in case of http, forwarded based on url and/or path. Please, let me know if this is doable with squid. If so, by all means, I would

[squid-users] SQUID Reverse Proxy not forwarding requests to Apache web server

My squid server 3.1.6 sits in dmz. On this server, I am running apache server 2.2.9. My goal is to a) cash owa responses b) forward https owa requests to the Apache server on port 8443 c) The Apache server forwards the request to internal exchange server. Below, is my squid reverse proxy

Re: [squid-users] Squid - Reverse Proxy

Thank you very much Amos When sibling realtionship is configured in cache_peer without any protocols( icp/htcp), whether squid sends GET request to peers instead of ICP/HTCP requests ? Eg. cache_peer 172.16.1.10 sibling 3128 0 no-query cache_peer 172.16.1.11 sibling 3128 0 no-query Thanks

Re: [squid-users] Squid - Reverse Proxy

On 14/07/11 23:45, viswanathan sekar wrote: Thank you very much Amos When sibling realtionship is configured in cache_peer without any protocols( icp/htcp), whether squid sends GET request to peers instead of ICP/HTCP requests ? Eg. cache_peer 172.16.1.10 sibling 3128 0 no-query cache_peer

[squid-users] Squid - Reverse Proxy

Hello All, I want to configure squid like following setup and please share your views to achieve it. Setup: Squid is configured as a reverse proxy with two Apache servers as parent. In both apache servers video content will be added continuously. Requirement: If the requested object is not

Re: [squid-users] Squid - Reverse Proxy

On 13/07/11 15:52, viswanathan sekar wrote: Hello All, I want to configure squid like following setup and please share your views to achieve it. Setup: Squid is configured as a reverse proxy with two Apache servers as parent. In both apache servers video content will be added continuously.

  1   2   3   >