Hi Amos,
Tried with 3.3.8 but same issue.
On Mon, Aug 19, 2013 at 3:44 PM, Amos Jeffries wrote:
> On 19/08/2013 7:22 p.m., Mario Almeida wrote:
>>
>> Hi All,
>>
>> Switch: WS-C3560-24PS-S, Version 12.2(44)SE5
>> OS: CentOS 6.4 64bit
>> Squid Cache: Version 3.1.10
>>
>> I have configure http an
On 19/08/2013 7:22 p.m., Mario Almeida wrote:
Hi All,
Switch: WS-C3560-24PS-S, Version 12.2(44)SE5
OS: CentOS 6.4 64bit
Squid Cache: Version 3.1.10
I have configure http and https transparent proxy. http is working but
https I get below ssl error. Can someone help me?
Please upgrade to 3.3 s
Hi All,
Switch: WS-C3560-24PS-S, Version 12.2(44)SE5
OS: CentOS 6.4 64bit
Squid Cache: Version 3.1.10
I have configure http and https transparent proxy. http is working but
https I get below ssl error. Can someone help me?
=== ERROR ===
-BEGIN SSL SESSION PARAMETERS-
MGQCAQECAgMBBAIAhAQ
I'm still looking for advice on how to get Transparent
working.
I'm using a brand new install of Fedora Core 5 on a
formatted HDD. I think of it as a "vanilla" install. I
picked "development" as the server type, selected no
to the Firewall, and hard coded the single ethernet
NIC. I then let YUM u
Yes, I did that already as well... my
/etc/sysctl.conf:
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
[root]# cat /proc/sys/net/ipv4/conf/default/rp_filter
0
[root]# c
lör 2006-03-11 klockan 09:33 -0800 skrev Daniel EPEE LEA:
> 18:23:03.234591 IP client.2619 > 62.149.229.189.http: S
> 4293072232:4293072232(0) win 65535
Is this traffic which has been intercepted by WCCP, or is it traffic
directed to your cache server?
Why do you have two GRE tunnels? There sho
Henrik,
I have created a gre tunnel, without success
6: gre0: mtu 1476 qdisc noqueue
link/gre 0.0.0.0 brd 0.0.0.0
inet 172.16.1.6/30 brd 172.16.1.7 scope global gre0
7: [EMAIL PROTECTED]: mtu 1476 qdisc noqueue
link/gre cache.45 peer router.33
inet 127.0.0.2/32 scope host gre1
-
lör 2006-03-11 klockan 11:00 -0500 skrev boricua:
> BTW i meant browser dependent
Transparent intecerption is not browser dependent.
Regards
Henrik
signature.asc
Description: Detta är en digitalt signerad meddelandedel
On Sat, 11 Mar 2006 16:33:12 +0100
"Mark Elsen" <[EMAIL PROTECTED]> wrote:
> > for example on suse 10.0 i set transparent proxy and all it does is that it
> > sets the proxy in konqueror, thus it works
> > but if i open firefox it does not work?
> >
>
> Other stuff that may not work@ :
>
> for example on suse 10.0 i set transparent proxy and all it does is that it
> sets the proxy in konqueror, thus it works
> but if i open firefox it does not work?
>
Other stuff that may not work@ :
http://squidwiki.kinkie.it/SquidFaq/InterceptionProxy?highlight=%28intercep
On Fri, 10 Mar 2006 16:06:31 -0800
"Daniel EPEE LEA" <[EMAIL PROTECTED]> wrote:
> Hi Guys,
>
> I have configured a transparent proxy and I am having a hard time to
> get it to work,
> I run RHEL v4 + latest stable Squid 12 + cisco IOS 12.3.(14)T2
>
> when my browser is configured with port 80 or
fre 2006-03-10 klockan 17:36 -0800 skrev Daniel EPEE LEA:
> Hello,
>
> I added a gre tunnel and nothing it's still won't work.
> ---
> Router#sh ip wccp
It's on the Linux boq you need the GRE tunnel. None needed on the router
(it's implicit by running WCCP there..)
With tcpdump you shou
Hello,
I added a gre tunnel and nothing it's still won't work.
---
Router#sh ip wccp
Global WCCP information:
Router information:
Router Identifier: router.33
Protocol Version:1.0
Service Identifier: web-cache
Number of
fre 2006-03-10 klockan 16:54 -0800 skrev Daniel EPEE LEA:
> 1- Loaded ip_gre module in the kernel ( I didn't use ip_wccp module)
Did you also create the needed GRE tunnel on the linux box? If not
ip_gre won't know what to do with the received GRE packets carrying the
redirected traffic..
the pur
Hello,
Thanks for your replies,
Much details on my setup.
I have :
1- Loaded ip_gre module in the kernel ( I didn't use ip_wccp module)
2- My Iptables redirection entry
[EMAIL PROTECTED] ~]# iptables -nL -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destinati
You can use iptables on the gateway to do nat on https (iptables -A
POSTROUTING -t nat -i -s -p tcp --dport 443
-j MASQUERADE) . You can't juse -j REDIRECT on https connections since its
considered session hijacking/man in middle attack.
mike
At 03:55 PM 3/10/2006, LinuXKiD wrote:
In othe
fre 2006-03-10 klockan 16:06 -0800 skrev Daniel EPEE LEA:
> Hi Guys,
>
> I have configured a transparent proxy and I am having a hard time to
> get it to work,
> I run RHEL v4 + latest stable Squid 12 + cisco IOS 12.3.(14)T2
>
> when my browser is configured with port 80 or 3128, it works, but it
Hi Guys,
I have configured a transparent proxy and I am having a hard time to
get it to work,
I run RHEL v4 + latest stable Squid 12 + cisco IOS 12.3.(14)T2
when my browser is configured with port 80 or 3128, it works, but it
doesn work in transparent mode. Please advise me.
Much regards,
Dan
fre 2006-03-10 klockan 20:55 -0300 skrev LinuXKiD:
> In other words:
>
> if FROX is an FTP transparent Proxy ,
>
> there is a XXX Proxy for HTTPS traffic ?
There is, used for example by companies which by policy or law can not
allow encrypted communications to/from their employees.
But not tran
In other words:
if FROX is an FTP transparent Proxy ,
there is a XXX Proxy for HTTPS traffic ?
thank you
->
-> tor 2006-03-09 klockan 17:03 -0300 skrev LinuXKiD:
-> > There is a way to process HTTPS request
-> > with IPTABLES as transparent proxy ?
->
-> No meaningful way, so it has not be
On Friday 10 March 2006 07:03, LinuXKiD wrote:
> There is a way to process HTTPS request
> with IPTABLES as transparent proxy ?
No - attempting to do so breaks the HTTPS standard. Technically, what you're
proposing is commonly referred to as a "man in the middle" attack.
-- James
pgp90IslEZgX
tor 2006-03-09 klockan 17:03 -0300 skrev LinuXKiD:
> There is a way to process HTTPS request
> with IPTABLES as transparent proxy ?
No meaningful way, so it has not been implemented..
Regards
Henrik
signature.asc
Description: Detta är en digitalt signerad meddelandedel
There is a way to process HTTPS request
with IPTABLES as transparent proxy ?
I want to process all Firefox traffic trought
squid, because I found that if I put squid URL
(address and port ) on web browser, allthings works
better.
Also, Some https URLs does't work with transparent
(iptables), bu
23 matches
Mail list logo