Re: [squid-users] ERROR: Unsupported TLS option SINGLE_ECDH_USE

On 2024-07-05 11:35, Jonathan Lee wrote: tls_outgoing_options options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE ERROR: Unsupported TLS option SINGLE_ECDH_USE Your OpenSSL version defines SSL_OP_SINGLE_ECDH_USE name but otherwise ignores SSL_OP_SINGLE_ECDH_USE. OpenSSL behavior that was

Re: [squid-users] ERROR: Unsupported TLS option SINGLE_ECDH_USE

Does anyone know how to activate the TLS1.3 ciphers? Per lists.squid-cache.org Ref: https://lists.squid-cache.org/pipermail/squid-users/2018-February/017640.html https://openssl.org/blog/blog/2017/05/04/tlsv1.3/ And CVE-2016-0701 "Yes. Due to CVE-2016-0701 the

Re: [squid-users] ERROR: Unsupported TLS option SINGLE_ECDH_USE

Wireshark shows Cipher Suite: TLS_AES_128_GCM_SHA256 is being used How would I append the TLS13-AES-256-CGM-SHA384 cipher suite for use with TLSv1.3 as it states change cipher spec on wireshark > On Jul 5, 2024, at 08:46, Jonathan Lee wrote: > > More details for Unsupported TLS option > >

Re: [squid-users] ERROR: Unsupported TLS option SINGLE_ECDH_USE

More details for Unsupported TLS option When running squid -k parse 2024/07/05 08:40:43| Processing: http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB cert=/usr/local/etc/squid/serverkey.pem cafile=/usr/local/share/certs/ca-root-nss.crt

[squid-users] ERROR: Unsupported TLS option SINGLE_ECDH_USE

tls_outgoing_options cipher=HIGH:MEDIUM:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSStls_outgoing_options options=NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USEDifferent thread for ciphers issuesERROR: Unsupported TLS option SINGLE_ECDH_USEI found researching in lists-squid-cache.org that someone

Re: [squid-users] Error Question

On 2024-06-13 11:07, Jonathan Lee wrote: Bug #1: Coredumps not functional for non-root processes. https://redmine.pfsense.org/issues/1#change-73638 There is a bug in pfSense not allowing core dumps. Glad you are making progress! Since pfSense folks believe this bug is not specific to

Re: [squid-users] Error Question

Bug #1: Coredumps not functional for non-root processes. - pfSense - pfSense bugtrackerredmine.pfsense.orgThere is a bug in pfSense not allowing core dumps. Sent from my iPhoneOn Jun 12, 2024, at 17:58, Jonathan Lee wrote:Shell Output - ls -l /var/log/squid/try.sh-rwxrwxrwx 1 root squid

Re: [squid-users] Error Question

Shell Output - ls -l /var/log/squid/try.sh -rwxrwxrwx 1 root squid 46 Jun 12 17:55 /var/log/squid/try.sh > On Jun 12, 2024, at 15:38, Alex Rousskov > wrote: > > If same user does not expose the difference, start the test script from the > directory where you told Squid to dump core.

Re: [squid-users] Error Question

If same user does not expose the difference, start the test script from the directory where you told Squid to dump core. Shell Output - /var/log/squid/try.sh sh: /var/log/squid/try.sh: Permission denied I can’t run it I have set it to chmod 777 and running it as root. I do not have the sudo

Re: [squid-users] Error Question

On 2024-06-12 17:51, Jonathan Lee wrote: when killing squid I only get the following and no core dumps core does does work Glad you have a working "sanity check" test! I agree with FreeBSD forum folks that you have proven that your OS does have core dumps enabled (in general). Now we need to

Re: [squid-users] Error Question

when killing squid I only get the following and no core dumps core does does work I have tested it with a sanity check with the help of FreeBSD forum users. However it just does not show a core dump for me on anything kill -11 kill -6 killall or kill -SIGABRT. I have it set in the config to use

Re: [squid-users] Error Question

You know what it was, it needed to be bound to the loopback and not just the LAN, again I am still working on getting a core dump file manually. Will update once I get one. Chmod might be needed. Sent from my iPhone > On Jun 12, 2024, at 06:13, Alex Rousskov > wrote: > > On 2024-06-11

Re: [squid-users] Error Question

On 2024-06-11 23:32, Jonathan Lee wrote: So I just run this on command line SIGABRT squid? On Unix-like systems, the command to send a process a signal is called "kill": https://www.man7.org/linux/man-pages/man1/kill.1p.html For example, if you want to abort a Squid worker process that has

Re: [squid-users] Error Question

So I just run this on command line SIGABRT squid? It’s funny as soon as I enabled the sysctl command and set the directory it won’t crash anymore. I also changed it to reside on the loopback before it was only on my lan interface. I run an external drive as my swap partition or a swap drive, it

Re: [squid-users] Error Question

On 2024-06-11 18:09, Jonathan Lee wrote: When I run sysctl debug.kdb.panic=1 I get a crash report for pfsense in var/crash should my path for core dumps use my swap drive too? It is a pfsense-specific question that I do not know the answer for. Perhaps others do. However, you may be able to

Re: [squid-users] Error Question

When I run sysctl debug.kdb.panic=1 I get a crash report for pfsense in var/crash should my path for core dumps use my swap drive too? > On Jun 11, 2024, at 14:42, Alex Rousskov > wrote: > > On 2024-06-11 17:06, Jonathan Lee wrote: > >> I can’t locate the dump file for segmentation fault

Re: [squid-users] Error Question

On 2024-06-11 17:06, Jonathan Lee wrote: I can’t locate the dump file for segmentation fault it never generates one. I assume that you cannot locate the core dump file because your OS/environment is not configured to produce core dump files. Enabling core dumps is a sysadmin task that is

Re: [squid-users] Error Question

I can’t locate the dump file for segmentation fault it never generates one. I am running cache it shows a swap file however it is not readable. I fixed the other issues. > On Jun 11, 2024, at 14:00, Alex Rousskov > wrote: > > On 2024-06-11 14:46, Jonathan Lee wrote: >> 2024-05-16 14:10:23

Re: [squid-users] Error Question

On 2024-06-11 14:46, Jonathan Lee wrote: 2024-05-16 14:10:23 [60780] loading dbfile /var/db/squidGuard/Nick_Blocks/urls.db 2024/06/11 10:23:05 kid1| FATAL: Received Segment Violation...dying. 2024/06/11 10:23:25 kid1| Starting Squid Cache version 5.8 for aarch64-portbld-freebsd14.0...

Re: [squid-users] Error Question

2024-05-16 14:10:23 [60780] loading dbfile /var/db/squidGuard/Nick_Blocks/urls.db 2024/06/11 10:23:05 kid1| FATAL: Received Segment Violation...dying. 2024/06/11 10:23:25 kid1| Starting Squid Cache version 5.8 for aarch64-portbld-freebsd14.0... 2024/06/11 10:23:25 kid1| Service Name: squid

Re: [squid-users] Error Question

thanks i have enabled coredump_dir /var/squid/logs I will submit a dump as soon as it occurs again > On Jun 11, 2024, at 11:17, Jonathan Lee wrote: > > I have attempted to upgrade the program fails to recognize ”DHParamas Key > Size” and will no longer use my certificates and shows many

Re: [squid-users] Error Question

I have attempted to upgrade the program fails to recognize ”DHParamas Key Size” and will no longer use my certificates and shows many errors. I am kind of stuck on 5.8 I do not know where the core dump would be located on pfSense let me research this and get back to you. > On Jun 11, 2024,

Re: [squid-users] Error Question

On 2024-06-11 13:24, Jonathan Lee wrote: FATAL: Received Segment Violation...dying. Does any know how to fix this?? Please post full backtrace from this failure: https://wiki.squid-cache.org/SquidFaq/BugReporting#crashes-and-core-dumps The other information you have already provided may

Re: [squid-users] Error Question

> Can you give any more information such as: > > 1. Which version of Squid is this? > >   squidclamav-7.2      > squid_radius_auth-1.10      > squid-5.8     

Re: [squid-users] Error Question

On Tuesday 11 June 2024 at 19:24:43, Jonathan Lee wrote: > FATAL: Received Segment Violation...dying. connection: conn749025 > local=192.168.1.1:3128 remote=192.168.1.5:59502 flags=1 > > Does any know how to fix this?? Can you give any more information such as: 1. Which version of Squid is

[squid-users] Error Question

FATAL: Received Segment Violation...dying. connection: conn749025 local=192.168.1.1:3128 remote=192.168.1.5:59502 flags=1 Does any know how to fix this??___ squid-users mailing list squid-users@lists.squid-cache.org

Re: [squid-users] Error from icap during respmod

On 2024-05-06 19:39, Arun Kumar wrote: Are you aware of any compatible Python or Java based iCAP server implemenation? I am not aware of any Python- or Java-based ICAP service that I can recommend. AFAIK, most folks looking for a free ICAP service (that resist the temptation to reinvent a

Re: [squid-users] Error from icap during respmod

Thank you very much for the response. Are you aware of any compatible Python or Java based iCAP server implemenation? We want to implement custom virus scanning of the response. I got the book Squid: The Definitive Guide and going over for more understanding. Saw your name mentioned by the

Re: [squid-users] Error during ICAP RESPMOD

On 2024-04-24 21:23, Arun Kumar wrote: I managed to reproduce the problem in my personal setup. Please find the cache logs when the problem is reproduced. Squid version is 5.8 Just to close this old thread: My response[1] on a newer thread (analyzing the same log file you shared on this

Re: [squid-users] Error from icap during respmod

On 2024-04-29 13:06, Arun Kumar wrote: Configured python based icap server (pyicap) and getting 500 Internal Server error during respmod. AFAICT, this ICAP RESPMOD service is buggy: It sends what looks like an HTTP response body chunk after sending an ICAP 100 Continue control message.

[squid-users] Error from icap during respmod

Configured python based icap server (pyicap) and getting 500 Internal Server error during respmod.https://drive.google.com/file/d/19yirXfxKli7NXon4ewiy-v3GpLvECT1i/view?usp=sharing Squid configuration:icap_enable onicap_send_client_ip onicap_send_client_username onicap_client_username_encode

Re: [squid-users] Error during ICAP RESPMOD

I managed to reproduce the problem in my personal setup. Please find the cache logs when the problem is reproduced. Squid version is 5.8 https://drive.google.com/file/d/19yirXfxKli7NXon4ewiy-v3GpLvECT1i/view?usp=sharing On Wednesday, April 24, 2024 at 09:16:23 PM EDT, Arun Kumar wrote:

Re: [squid-users] Error during ICAP RESPMOD

I managed to reproduce the problem in my personal setup. Please find the cache logs when the problem is reproduced. Squid version is 5.8 cache.zip | | cache.zip | On Friday, March 22, 2024 at 11:02:51 PM EDT, Alex Rousskov wrote: On 2024-03-22 13:11, Arun Kumar wrote: > The

Re: [squid-users] Error during ICAP RESPMOD

On 2024-03-22 13:11, Arun Kumar wrote: The lines above are. The content-length is 138 (8a in hex), but the bytes are 144. Could this be the reason? parseMore: have 144 bytes to parse [FD 14;RBG/Comm(14)wr job24] parseMore: 8a^M {"activity":"Make a simple musical

Re: [squid-users] Error during ICAP RESPMOD

The lines above are. The content-length is 138 (8a in hex), but the bytes are 144. Could this be the reason? parseMore: have 144 bytes to parse [FD 14;RBG/Comm(14)wr job24]parseMore: 8a^M{"activity":"Make a simple musical

Re: [squid-users] Error during ICAP RESPMOD

On 2024-03-18 18:46, Arun Kumar wrote: Any idea, the reason for error in ModXact.cc parsePart fuction. Happening during parsing the response from ICAP parsePart: have 144 head bytes to parse; state: 0 parsePart: head parsing result: 0 detail: 600 AFAICT, Squid considers received ICAP

[squid-users] Error during ICAP RESPMOD

Any idea, the reason for error in ModXact.cc parsePart fuction.Happening during parsing the response from ICAP parsePart: have 144 head bytes to parse; state: 0parsePart: head parsing result: 0 detail: 600 ___ squid-users mailing list

Re: [squid-users] Error files removed from 6.7

On 15/02/24 05:01, Stephen Borrill wrote: I see the translations of error messages have been removed from 6.7 compared to 6.6 (and earlier), but I see no mention of this in the changelog: https://github.com/squid-cache/squid/blob/552c2ceef220f3bbcdbedf194eae419fc791098e/ChangeLog Was this

[squid-users] Error files removed from 6.7

I see the translations of error messages have been removed from 6.7 compared to 6.6 (and earlier), but I see no mention of this in the changelog: https://github.com/squid-cache/squid/blob/552c2ceef220f3bbcdbedf194eae419fc791098e/ChangeLog Was this change intentional and, if so, why isn't it

Re: [squid-users] Error 503 accessing Instagram/facebook via IPv6

Hey, Is this a tproxy or intercept setup? Eliezer -Original Message- From: squid-users On Behalf Of marcelorodr...@graminsta.com.br Sent: Saturday, October 30, 2021 09:10 To: squid-users@lists.squid-cache.org Subject: [squid-users] Error 503 accessing Instagram/facebook via IPv6 Hi

Re: [squid-users] Error 503 accessing Instagram/facebook via IPv6

Hello, On 30/10/21 11:40 am, marcelorodr...@graminsta.com.br wrote: > Since last 3-4 days my customers haven't been able to access > www.instagram.com and Facebook throug IPv6s that were already working as > proxies for years. > > I only get 503 error after a time out. > The strangest thing is

[squid-users] Error 503 accessing Instagram/facebook via IPv6

Hi, I have been using squid for several years and am very grateful for the solution. Since last 3-4 days my customers haven't been able to access www.instagram.com and Facebook throug IPv6s that were already working as proxies for years. I only get 503 error after a time out. The

Re: [squid-users] Error negotiating SSL connection on FD 366 - cache.log

thanks Alex seems like one client (it shows the ip) is trying to get to this site but i havnt added it to my white list, so thats why its getting blocked events.gfe.nvidia.com thanks a bunch alex, your awesome On Wed, 30 Jun 2021 at 17:09, Alex Rousskov <

Re: [squid-users] Error negotiating SSL connection on FD 366 - cache.log

On 6/30/21 11:48 AM, robert k Wild wrote: > How do I enable all 9 debugging to find out what client ip it is thats > sending all these tls errors. 0. Start Squid if necessary. 1. Locate your Squid log file or equivalent. In this example, we will call it cache.log. 2. Run "tail -f cache.log >

Re: [squid-users] Error negotiating SSL connection on FD 366 - cache.log

Cool, so I put this in squid.conf debug_options 9 And then restart squid and tail the cache.log On Wed, 30 Jun 2021, 16:48 robert k Wild, wrote: > Thanks Alex, > > How do I enable all 9 debugging to find out what client ip it is thats > sending all these tls errors. > > There's a lot of

Re: [squid-users] Error negotiating SSL connection on FD 366 - cache.log

Thanks Alex, How do I enable all 9 debugging to find out what client ip it is thats sending all these tls errors. There's a lot of mac/pcs that are connected to this squid server and I have added the myca.der file to there machines as I'm doing ssl bumping. Thanks, Rob On Wed, 30 Jun 2021,

Re: [squid-users] Error negotiating SSL connection on FD 366 - cache.log

On 6/30/21 6:41 AM, robert k Wild wrote: > never really noticed this as i rarely "tail -f" the cache log but im > noticing these lines like every second > 2021/06/30 11:39:13 kid1| Error negotiating SSL connection on FD 266: > error:0001:lib(0):func(0):reason(1) (1/-1) > 2021/06/30 11:39:13

[squid-users] Error negotiating SSL connection on FD 366 - cache.log

hi all, never really noticed this as i rarely "tail -f" the cache log but im noticing these lines like every second 2021/06/30 11:39:13 kid1| Error negotiating SSL connection on FD 266: error:0001:lib(0):func(0):reason(1) (1/-1) 2021/06/30 11:39:13 kid1| Error negotiating SSL connection on

Re: [squid-users] ERROR connecting to squid proxy server

On 12/01/21 6:30 pm, Reshma V Kumar wrote: Hi ! This is the error from cache.log file 2021/01/11 23:21:07 kid1| idnsSendQuery FD -1: sendto: (0) No error. "-1" is a closed socket. It looks like there is no UDP port open for sending traffic to your DNS server(s). You are starting Squid

Re: [squid-users] ERROR connecting to squid proxy server

: Amos Jeffries Sent by: "squid-users" To: squid-users@lists.squid-cache.orgCc:Subject: [EXTERNAL] Re: [squid-users] ERROR connecting to squid proxy serverDate: Tue, Dec 1, 2020 5:32 PM  On 1/12/20 8:20 pm, Reshma V Kumar wrote:> Hi all,> I am testing squid 4.13 on AIX 7.2. I started

Re: [squid-users] ERROR connecting to squid proxy server

On 1/12/20 8:20 pm, Reshma V Kumar wrote: Hi all, I am testing squid 4.13 on AIX 7.2. I started the squid proxy server in the foreground using the following command */opt/freeware/sbin/squid_32 -f /opt/freeware/etc/squid/squid.conf -d3 --foreground* To test if the squid proxy server is working

[squid-users] ERROR connecting to squid proxy server

Hi all,   I am testing squid 4.13 on AIX 7.2. I started the squid proxy server in the foreground using the following command   /opt/freeware/sbin/squid_32 -f /opt/freeware/etc/squid/squid.conf -d3 --foreground   To test if the squid proxy server is working or not, the following curl command is run

Re: [squid-users] ERROR: helper

Of Matus UHLAR - fantomas Sent: Monday, July 6, 2020 1:02 PM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] ERROR: helper On 06.07.20 11:50, Antonino Gianfranco Sanacori wrote: >In my cache.log i try very very much messages of this: > >kid1| ERROR: helper: {result=*BH*, notes

Re: [squid-users] ERROR: helper

On 06.07.20 11:50, Antonino Gianfranco Sanacori wrote: In my cache.log i try very very much messages of this: kid1| ERROR: helper: {result=*BH*, notes={message: Success; }}, attempt #1 of 2 kid1| ERROR: helper: {result=*BH*, notes={message: Success; message: Success; }}, attempt #2 of 2 I 

[squid-users] ERROR: helper

Hi all. In my cache.log i try very very much messages of this: kid1| ERROR: helper: {result=*BH*, notes={message: Success; }}, attempt #1 of 2 kid1| ERROR: helper: {result=*BH*, notes={message: Success; message: Success; }}, attempt #2 of 2 I  runned the comand "squid -k parse" and i got 

Re: [squid-users] Error: (71) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)

On 22/06/20 5:14 pm, Eliezer Croitoru wrote: > I have tested 4.12 and with default settings I am getting an error on > some local common web pages. > > > (71) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE) > Handshake with SSL server failed: error:141A318A:SSL >

Re: [squid-users] Error: (71) Protocol error (TLS code:SQUID_ERR_SSL_HANDSHAKE)

Sorry - but how is your solution different from: 1) openssl dhparam -outform PEM -out dhparam.pem 2048 2) https_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/etc/rootCA.crt key=/usr/local/squid/etc/rootCA.key

[squid-users] Error: (71) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)

I have tested 4.12 and with default settings I am getting an error on some local common web pages. (71) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)Handshake with SSL server failed: error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small In my search for users who had a similar

Re: [squid-users] Error negotiating SSL connection on FD 16

On 2/04/20 5:42 pm, saiyan_gc wrote: > Hi, thank you for reply me. Really appreciated! > > I modified the squid conf file to: > > http_port 2128 ssl-bump cert=/etc/squid/ssl_cert/example.com.cert \ > key=/etc/squid/ssl_cert/example.com.private \ > generate-host-certificates=on \ >

Re: [squid-users] Error negotiating SSL connection on FD 16

Hi, thank you for reply me. Really appreciated! I modified the squid conf file to: http_port 2128 ssl-bump cert=/etc/squid/ssl_cert/example.com.cert \ key=/etc/squid/ssl_cert/example.com.private \ generate-host-certificates=on \ dynamic_cert_mem_cache_size=4MB https_port 3130

Re: [squid-users] Error negotiating SSL connection on FD 16

On 30/03/20 11:58 am, saiyan_gc wrote: > Hi, I am trying to setup a https proxy server, and after I followed some > tutorial, Which tutorial? > created self signed certificate, configure the squid.conf, I also > copied the certificate to the client host Which certificate? Where did you put

[squid-users] Error negotiating SSL connection on FD 16

Hi, I am trying to setup a https proxy server, and after I followed some tutorial, created self signed certificate, configure the squid.conf, I also copied the certificate to the client host and setup the https_proxy global environment variable, I can do *curl https://www.google.com*. I saw

[squid-users] error running c-icap in squidclamav.conf

hi all, got 2 errors while running c-icap [root@lon-p-sigrly01 c_icap_modules-0.5.4]# /usr/local/bin/c-icap WARNING Bad configuration keyword: enable_libarchive 0 WARNING Bad configuration keyword: banmaxsize 2M [root@lon-p-sigrly01 c_icap_modules-0.5.4]# i have installed the latest version of

Re: [squid-users] Error page headers

-users@lists.squid-cache.org Subject: Re: [squid-users] Error page headers Thank you Alex. I suspected I was missing something. In this case I didn't realize the error page would still need to flow through http_reply_access/reply_header_replace. I think that's what I need. I didn't want to touch

Re: [squid-users] Error page headers

. It's an enticing project for when extra time comes my way. Thanks! From: squid-users on behalf of Alex Rousskov Sent: Monday, September 23, 2019 6:03 AM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Error page headers On 9/23/19 12:49

Re: [squid-users] Error page headers

On 9/23/19 12:49 AM, senor wrote: > I have custom error pages with content needing the Content-Type > header to reflect what it is (like JSON). I don't see any current > options providing that option for error page handling. I would start with http_reply_access/reply_header_replace combo,

[squid-users] Error page headers

Hi All, I have custom error pages with content needing the Content-Type header to reflect what it is (like JSON). I don't see any current options providing that option for error page handling. Before I dig into the code, I wanted to see if anyone had any ideas. Adaptation could work but seems

Re: [squid-users] ERROR The requested URL could not be retrieved

On 1/11/18 4:08 AM, Uchenna Nebedum wrote: > Thanks a lot Amos, I really didn't notice I had been sending private > emails, Really sorry about that.  > > About the config, The proxy works fine now, it bumps the traffic > successfully. > I've added the sites i want to be bumped but the browser

Re: [squid-users] ERROR The requested URL could not be retrieved

Thanks a lot Amos, I really didn't notice I had been sending private emails, Really sorry about that. About the config, The proxy works fine now, it bumps the traffic successfully. I've added the sites i want to be bumped but the browser errors thrown are too much, and it's a scenario where I

Re: [squid-users] ERROR The requested URL could not be retrieved

On 31/10/18 1:45 AM, Uchenna Nebedum wrote: > Thanks a lot it works now... I've added site bumping exceptions, and it > still throws invalid certificate exceptions even though it uses the > 'ssl_bump stare' configuration, is it possible to reduce the errors?  > > Uchenna Nebedum > Maybe, the

Re: [squid-users] ERROR The requested URL could not be retrieved

On 30/10/18 4:23 AM, Stephen Borrill wrote: > On 29/10/2018 15:20, Uchenna Nebedum wrote: >> Good Day All, >> I have setup squid 3.5 with mikrotik, and ssl bumping is enabled. after >> accepting the certificate on the browser prompt, Squid throws an error >> on the browser, "*unable to forward

Re: [squid-users] ERROR The requested URL could not be retrieved

On 29/10/2018 15:20, Uchenna Nebedum wrote: > Good Day All, > I have setup squid 3.5 with mikrotik, and ssl bumping is enabled. after > accepting the certificate on the browser prompt, Squid throws an error > on the browser, "*unable to forward this request at this time.*" it > throws this error

[squid-users] ERROR The requested URL could not be retrieved

Good Day All, I have setup squid 3.5 with mikrotik, and ssl bumping is enabled. after accepting the certificate on the browser prompt, Squid throws an error on the browser, "*unable to forward this request at this time.*" it throws this error for http sites as well. please what could be causing

Re: [squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs on local

you like, just adjust the docs as > required and that is it. > > > > *From:* Uchenna Nebedum > *Sent:* Friday, 19 October 2018 20:17 > *To:* Rafael Akchurin > *Cc:* squid-users@lists.squid-cache.org > *Subject:* Re: [squid-users] ERROR: NAT/TPROXY lookup failed to locate &

Re: [squid-users] error in parsing Proxy protocol version 2 by Squid proxy protocol

On 10/23/18 4:17 PM, Amos Jeffries wrote: > On 24/10/18 7:45 AM, NityaIyer wrote: >> - The network load balancer is sending proxy protocol version 2 header. >> - Squid version - 3.5.20 >> - TCP listening on 3128 both load balancer and my instance > Please try Squid-4. One of the HTTP

Re: [squid-users] error in parsing Proxy protocol version 2 by Squid proxy protocol

On 24/10/18 7:45 AM, NityaIyer wrote: > Hello, > > I really need a help in this issue. > > I have a squid application running on a instance behind the Network load > balancer[NLB] in AWS cloud. Due to my use case, I have enabled proxy > protocol on the load balancer so that my backend instance

[squid-users] error in parsing Proxy protocol version 2 by Squid proxy protocol

Hello, I really need a help in this issue. I have a squid application running on a instance behind the Network load balancer[NLB] in AWS cloud. Due to my use case, I have enabled proxy protocol on the load balancer so that my backend instance can receive the proxy protocol header. Few

Re: [squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs on local

Yes you can use any ICAP/eCAP server you like, just adjust the docs as required and that is it. From: Uchenna Nebedum Sent: Friday, 19 October 2018 20:17 To: Rafael Akchurin Cc: squid-users@lists.squid-cache.org Subject: Re: [squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs

Re: [squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs on local

Friday, 19 October 2018 18:42 > *To:* squid-users@lists.squid-cache.org > *Subject:* [squid-users] ERROR: NAT/TPROXY lookup failed to locate > original IPs on local > > > > Good Day All, > > i'm new to squid and i have configured squid as an http transparent proxy > with a

Re: [squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs on local

:42 To: squid-users@lists.squid-cache.org Subject: [squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs on local Good Day All, i'm new to squid and i have configured squid as an http transparent proxy with a mikrotik. the squid server has only a single NIC, so i followed a tutorial

Re: [squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs on local

On Friday 19 October 2018 at 18:42:00, Uchenna Nebedum wrote: > Good Day All, > i'm new to squid and i have configured squid as an http transparent proxy > with a mikrotik. > the squid server has only a single NIC, so i followed a tutorial and set up > a dst-nat to squid proxy for traffic on port

[squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs on local

Good Day All, i'm new to squid and i have configured squid as an http transparent proxy with a mikrotik. the squid server has only a single NIC, so i followed a tutorial and set up a dst-nat to squid proxy for traffic on port 80, Chain:dstnat. Protocol:tcp Dst-port:80 Action:dst-nat To

Re: [squid-users] Error Message alert handshake failure

On 30/08/18 2:16 AM, Walter H. wrote: > Hello, > > what does this message > > 2018/08/29 16:11:28 kid1| Error negotiating SSL on FD 22: > error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake > failure (1/-1/0) > > in cache.log mean? The OpenSSL used by your proxy is

[squid-users] Error Message alert handshake failure

Hello, what does this message 2018/08/29 16:11:28 kid1| Error negotiating SSL on FD 22: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (1/-1/0) in cache.log mean? Thanks, Walter smime.p7s Description: S/MIME Cryptographic Signature

Re: [squid-users] ERROR: Unknown TLS option clientca

I have just checked with the debug_options and saw that sslflags=DELAYED_AUTH made it skip the client cert request. Just commented that on the config and now it works! Thanks a lot! Amos Jeffries , 19 Tem 2018 Per, 11:35 tarihinde şunu yazdı: > On 18/07/18 23:54, login mogin wrote: > > Hi

Re: [squid-users] ERROR: Unknown TLS option clientca

On 18/07/18 23:54, login mogin wrote: > Hi there, > > I have just tried with the patch and it is still not working. Do you > want any particular log or debug output? > If you could provide the cache.log output with: debug_options ALL,1 3, 5, 83,9 ... and a full-data packet trace of the TLS

Re: [squid-users] ERROR: Unknown TLS option clientca

Hi there, I have just tried with the patch and it is still not working. Do you want any particular log or debug output? Thanks Logan login mogin , 17 Tem 2018 Sal, 12:03 tarihinde şunu yazdı: > I'll give it a try today and let you know. Thanks a lot. > > Logan > > Amos Jeffries , 17 Tem 2018

Re: [squid-users] ERROR: Unknown TLS option clientca

I'll give it a try today and let you know. Thanks a lot. Logan Amos Jeffries , 17 Tem 2018 Sal, 08:08 tarihinde şunu yazdı: > On 14/07/18 06:32, login mogin wrote: > > Thanks for the help. Now I am not getting any error messages but as you > > said I will follow the pull request. > > > > I've

Re: [squid-users] ERROR: Unknown TLS option clientca

On 14/07/18 06:32, login mogin wrote: > Thanks for the help. Now I am not getting any error messages but as you > said I will follow the pull request. > I've now managed to add what I think is the final bit of the fix to that PR. Do you now see it fully working? Amos

Re: [squid-users] ERROR: Unknown TLS option clientca

Thanks for the help. Now I am not getting any error messages but as you said I will follow the pull request. Best Logan On Fri, Jul 13, 2018 at 8:00 AM Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 07/12/2018 11:35 PM, login mogin wrote: > > Thanks a lot, just tried the patch,

Re: [squid-users] ERROR: Unknown TLS option clientca

Thanks a lot, just tried the patch, sadly still not working. Best Logan Alex Rousskov , 12 Tem 2018 Per, 22:03 tarihinde şunu yazdı: > On 07/12/2018 07:58 PM, login mogin wrote: > > Or should I report this as a bug? > > Your call, but it is a bug. You can also try the following _untested_ >

Re: [squid-users] ERROR: Unknown TLS option clientca

On 07/12/2018 07:58 PM, login mogin wrote: > Or should I report this as a bug? Your call, but it is a bug. You can also try the following _untested_ patch: https://github.com/squid-cache/squid/pull/252.patch Good luck, Alex. > On Thu, Jul 12, 2018 at 4:11 AM login mogin wrote: > > Hi, >

Re: [squid-users] ERROR: Unknown TLS option clientca

Do you guys have any idea on this? Or should I report this as a bug? On Thu, Jul 12, 2018 at 4:11 AM login mogin wrote: > Hi, > > We have been using squid 3.5.23 on ubuntu 16 with the configuration > clientca=CERTPATH without any problem. We decided to run the new version > squid 4.1 on ubuntu

[squid-users] ERROR: Unknown TLS option clientca

Hi, We have been using squid 3.5.23 on ubuntu 16 with the configuration clientca=CERTPATH without any problem. We decided to run the new version squid 4.1 on ubuntu 18 with the same config. But now client certificate auth is not working anymore and we got this message on debug: ERROR: Unknown

Re: [squid-users] Error page or redirect just to a user

On 02/12/17 05:34, erdosain9 wrote: Hi. I want to do a redirect to a user. For example if the user want to go to google, i redirect to some particular web. Can you tell me how?? acl bob proxy_auth Bob deny_info 302:http://example.com/ bob http_access deny bob Amos

[squid-users] Error page or redirect just to a user

Hi. I want to do a redirect to a user. For example if the user want to go to google, i redirect to some particular web. Can you tell me how?? i have config the http access trough user (with kerberos). Thanks to all -- Sent from:

Re: [squid-users] Error Compiling squid-3.5.26 with libecap-1.0.1 on CentOS Linux release 7.3.1611

On 06/13/2017 01:37 PM, Norbert Naveen wrote: > I guess I know the culprit Glad you found a solution! > In bashrc > The following 4 lines were present ,, I have commented it out now . Please try to post those four lines again, as plain text. Others may find those wrong lines useful, but

Re: [squid-users] Error Compiling squid-3.5.26 with libecap-1.0.1 on CentOS Linux release 7.3.1611

veen [mailto:norbert.nav...@tayana.in] Sent: Wednesday, June 14, 2017 1:08 AM To: 'Alex Rousskov' <rouss...@measurement-factory.com>; 'squid-users@lists.squid-cache.org' <squid-users@lists.squid-cache.org> Subject: RE: [squid-users] Error Compiling squid-3.5.26 with libecap-1.0.1 on Cent

Re: [squid-users] Error Compiling squid-3.5.26 with libecap-1.0.1 on CentOS Linux release 7.3.1611

To: 'Alex Rousskov' <rouss...@measurement-factory.com>; 'squid-users@lists.squid-cache.org' <squid-users@lists.squid-cache.org> Subject: RE: [squid-users] Error Compiling squid-3.5.26 with libecap-1.0.1 on CentOS Linux release 7.3.1611 Hello Alex Sorry for the mistake of mis

Re: [squid-users] Error Compiling squid-3.5.26 with libecap-1.0.1 on CentOS Linux release 7.3.1611

all the details Thanks -Original Message- From: Alex Rousskov [mailto:rouss...@measurement-factory.com] Sent: Tuesday, June 13, 2017 9:09 PM To: norbert.nav...@tayana.in; squid-users@lists.squid-cache.org Subject: Re: [squid-users] Error Compiling squid-3.5.26 with libecap-1.0.1 on Cent

  1   2   3   4   5   6   7   8   >