I was wrong. There is no way to read the remote certificate and then decide
whether to bump/splice the connection.
-Original Message-
From: Ahmad, Sarfaraz
Sent: Wednesday, June 20, 2018 7:35 PM
To: 'Amos Jeffries' ; squid-users@lists.squid-cache.org
Subject: RE: [squid-users] Ignore
Yes. As always appreciate the quick support this community provides. :)
Thank you guys !
Regards,
Sarfaraz
-Original Message-
From: squid-users On Behalf Of Amos
Jeffries
Sent: Wednesday, June 20, 2018 6:53 PM
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Ignore SSL
On 21/06/18 00:25, Ahmad, Sarfaraz wrote:
> I found the answer to my problem. The SNI and Subject CN were different
> in my case and I was not peeking at step2 (meaning not looking at the
> server certificate) that is why my ACLs were ineffective.
>
Ah, excellent. Does that mean your problem is
I found the answer to my problem. The SNI and Subject CN were different in my
case and I was not peeking at step2 (meaning not looking at the server
certificate) that is why my ACLs were ineffective.
Regards,
Sarfaraz
From: Ahmad, Sarfaraz
Sent: Wednesday, June 20, 2018 3:25 PM
To:
Forgot to add. Remote IP addresses are not expected to remain constant. So I
cannot build ACLs that way. So ssl::server_name is the only other hope.
From: Ahmad, Sarfaraz
Sent: Wednesday, June 20, 2018 2:34 PM
To: 'squid-users@lists.squid-cache.org'
Subject: Ignore SSL error and splice by
I tried using "ignore-cc" option but still squid is honoring cache-control
header. It tries to re validate the cache on every HTTP request. The
configurations are below.
Please correct me if anything is wrong.
*Squid.conf*
http_port 3128
http_port 3129 tproxy
http_port 80 accel
Hi, Amos,
We are using forward tproxy . We used to redirect the packets coming from
client for port 80 to squid proxy server. Squid spoofs the request and
establishes a connection with Server transparently. Please find the
configuration below
Client --- > Squid proxy server --- > web Server
On 23/02/2014 4:19 p.m., Rajiv Desai wrote:
Hi,
I use ignore-auth for caching urls with signature and that works great.
For some endpoints, signature is added as a query (which is otherwise
an Authorization header). Is there a way to perhaps ignore-query?
Currently, I see that replies are
Hello Amos,
I changed my squid.conf according your recommendations.
I'm facing a trouble that all IPs on unlimited_bandwidth file bypass
authentication.
If I remove my ip from unlimited_bandwidth file and check the
access.log working well:
[04/Oct/2012:08:20:25 -0300] leonardo.abrantes
On 5/10/2012 12:44 a.m., Leonardo Bacha Abrantes wrote:
Hello Amos,
I changed my squid.conf according your recommendations.
I'm facing a trouble that all IPs on unlimited_bandwidth file bypass
authentication.
OKay. change:
http_access allow unlimitedBandwidth
to:
http_access allow
On Tue, Oct 2, 2012 at 2:42 PM, Leonardo Bacha Abrantes
leona...@lbasolutions.com wrote:
Hi Guys,
I'm facing problems with one specific site which run java. The site
open a window of java requesting to enter the credentials of proxy
continuously.
How can I ignore the authentication for an
On 03.10.2012 01:42, Leonardo Bacha Abrantes wrote:
Hi Guys,
I'm facing problems with one specific site which run java. The site
open a window of java requesting to enter the credentials of proxy
continuously.
How can I ignore the authentication for an specific site ?
Like Kinkie already
On Sun, 12 Jun 2011 19:44:53 +0530, Deepak Rao wrote:
Hi,
I am using squid 3.0.21 in reverse proxy mode.
While my clients send requests to our application, the query
parameters are sent to identify the client, whereas the resource
provided is a public resource and not specific to a client.
i believe you can do it and the topics/wiki articles about youtube
caching should give you interesting points about that.
Em 13/08/2010 12:17, david robertson escreveu:
Hello, I have a question concerning the caching of specific URLs:
I'm currently using squid in an accelerator config,
Thanks Leonardo, I have everything working as required :)
On Fri, Aug 13, 2010 at 11:32 AM, Leonardo Rodrigues
leolis...@solutti.com.br wrote:
i believe you can do it and the topics/wiki articles about youtube
caching should give you interesting points about that.
Em 13/08/2010 12:17,
@squid-cache.org
Subject: Re: [squid-users] Ignore requests from certain hosts in access_log
Baird, Josh wrote:
And, you still see the non-healthcheck, normal traffic logged using the
X-Forwarded-For information?
Yes.
Here is my entire config, maybe this will help:
snip
# We want to append
Amos,
Do you think that what I am trying to achieve is possible?
Thanks,
Josh
-Original Message-
From: Baird, Josh
Sent: Tuesday, March 16, 2010 9:25 AM
To: Amos Jeffries; squid-users@squid-cache.org
Subject: RE: [squid-users] Ignore requests from certain hosts in access_log
Hi Amos
-
From: Baird, Josh
Sent: Tuesday, March 16, 2010 9:25 AM
To: Amos Jeffries; squid-users@squid-cache.org
Subject: RE: [squid-users] Ignore requests from certain hosts in access_log
Hi Amos,
Same results. Nothing coming from the load balancers is being logged (even
requests using X
deny all
cache_dir null /tmp
# Misc Configuration
negative_ttl 0
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
Sent: Friday, March 19, 2010 6:55 PM
To: squid-users@squid-cache.org
Subject: Re: [squid-users] Ignore requests from certain hosts in access_log
Baird, Josh
Baird, Josh wrote:
And, you still see the non-healthcheck, normal traffic logged using the
X-Forwarded-For information?
Yes.
Here is my entire config, maybe this will help:
snip
# We want to append the X-Forwarded-For header for Websense
follow_x_forwarded_for allow loadbalancers
is the load balancer, and the request is a health check of the
web proxy service)
Thanks,
Josh
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
Sent: Monday, March 15, 2010 6:52 PM
To: squid-users@squid-cache.org
Subject: Re: [squid-users] Ignore requests from certain
Ok, that sort of worked. I have a pair of load balancers sitting in
front of my Squid proxy farm. The load balancers insert the
X-Forwarded-For header into each HTTP request which allows Squid to log
their connections using their real client source IP (extracted from
X-Forwarded-For). In
On Mon, 15 Mar 2010 12:15:49 -0500, Baird, Josh jba...@follett.com
wrote:
Ok, that sort of worked. I have a pair of load balancers sitting in
front of my Squid proxy farm. The load balancers insert the
X-Forwarded-For header into each HTTP request which allows Squid to log
their connections
From: Baird, Josh jba...@follett.com
I am trying to ignore requests from two IP addresses in my access_log.
These two hosts connect every second and do health checks of the
proxy service and I would like to eliminate the access_log spam that
theycreate.
Here is what I am trying:
acl
, 2009 4:58 PM
To: Maoz
Cc: Amos Jeffries; squid-users
Subject: Re: [squid-users] ignore question mark in url
been there, done that. didn't find any relevant information there.
On Sun, 2009-02-01 at 23:31 +1300, Amos Jeffries wrote:
Maoz wrote:
hello,
how can I
, 2009 4:58 PM
To: Maoz
Cc: Amos Jeffries; squid-users
Subject: Re: [squid-users] ignore question mark in url
been there, done that. didn't find any relevant information there.
On Sun, 2009-02-01 at 23:31 +1300, Amos Jeffries wrote:
Maoz wrote:
hello,
how can I ignore the question mark
, February 01, 2009 4:58 PM
To: Maoz
Cc: Amos Jeffries; squid-users
Subject: Re: [squid-users] ignore question mark in url
been there, done that. didn't find any relevant information there.
On Sun, 2009-02-01 at 23:31 +1300, Amos Jeffries wrote:
Maoz wrote:
hello
Maoz wrote:
hello,
how can I ignore the question mark in url
I'll explain:
Treat the url until the question mark as object.
www.domain.com/index.jsp?aaa=1
will be the same object as:
www.domain.com/index.jsp?aaa=10
and
www.domain.com/index.jsp?aaa=2ggg=3
thanks
been there, done that. didn't find any relevant information there.
On Sun, 2009-02-01 at 23:31 +1300, Amos Jeffries wrote:
Maoz wrote:
hello,
how can I ignore the question mark in url
I'll explain:
Treat the url until the question mark as object.
www.domain.com/index.jsp?aaa=1
been there, done that. didn't find any relevant information there.
On Sun, 2009-02-01 at 23:31 +1300, Amos Jeffries wrote:
Maoz wrote:
hello,
how can I ignore the question mark in url
I'll explain:
Treat the url until the question mark as object.
www.domain.com/index.jsp?aaa=1
assumption?
Do I need to add Expires header and max-age to the 301 response to make this
work?
E
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
Sent: Sunday, February 01, 2009 4:58 PM
To: Maoz
Cc: Amos Jeffries; squid-users
Subject: Re: [squid-users] ignore question mark
not
always do what you want.
Amos
E
-Original Message-
From: Amos Jeffries [mailto:squ...@treenet.co.nz]
Sent: Sunday, February 01, 2009 4:58 PM
To: Maoz
Cc: Amos Jeffries; squid-users
Subject: Re: [squid-users] ignore question mark in url
been there, done that. didn't find any
On tor, 2008-05-08 at 10:12 -0700, Christian Seifert wrote:
Is there a way to ignore the Cache-Control no-store directive in 2.6.
Seems like the option exists in 3.0, but not 2.6? Is there a work
around or do I need to upgrade?
You need to upgrade, or to look into implementing this in 2.6.
the combination is causing a problem.
I filed a bug 2344.
Christian
- Original Message
From: Henrik Nordstrom [EMAIL PROTECTED]
To: Christian Seifert [EMAIL PROTECTED]
Cc: squid-users@squid-cache.org
Sent: Thursday, May 8, 2008 3:41:24 PM
Subject: Re: [squid-users] ignore-no-store in 2.6
I know one good reason why - my firewall blocks the request, based on
that header. My users get a message that the page is denied by
security policy. If I could get squid to ignore the header, or rather
filter it out, I'd be much happier.
On Thu, Mar 27, 2008 at 5:24 PM, Henrik Nordstrom
[EMAIL
On Fri, 2008-03-28 at 10:16 -0700, Kurt Buff wrote:
I know one good reason why - my firewall blocks the request, based on
that header.
That would be a pretty odd firewall, blocking one of the more common
HTTP requests send by clients..
My users get a message that the page is denied by
I am seeing this and wonder if this is related:
2008/03/28 15:17:49| WARNING: Blank continuation line in HTTP header
{Accept: text/html, text/plain, text/xml, application/*, Model/vnd.dwf,
drawing/x-dwf
Host: fredericksburg.com
Accept-Encoding: gzip, deflate
From: msnbot(at)microsoft.com
It's not related. This is a malformed HTTP request.
On Fri, 2008-03-28 at 15:24 -0400, Allen Schmidt Sr. wrote:
I am seeing this and wonder if this is related:
2008/03/28 15:17:49| WARNING: Blank continuation line in HTTP header
{Accept: text/html, text/plain, text/xml, application/*,
Malformed by the msnbot? The URLs noted in the log are all correct. Some
are whacked because of the virtual hosted structure of domains that live
inside our Zope site.
Henrik Nordstrom wrote:
It's not related. This is a malformed HTTP request.
On Fri, 2008-03-28 at 15:24 -0400, Allen
It's a malformed request header sent by the client. It's not related to
If-Modified-Since or the requested URL.
Regards
Henrik
On Fri, 2008-03-28 at 15:45 -0400, Allen Schmidt Sr. wrote:
Malformed by the msnbot? The URLs noted in the log are all correct. Some
are whacked because of the
On Wed, 2008-03-26 at 19:55 -0300, Pablo García wrote:
Hi , Is there any way I can simply ignore the If-Modify-Since header
that comes in the request to always return 200 OK, with the content
attached ?
Why?
Regards
Henrik
On Fri, 2007-06-29 at 10:24 +0200, Renaud wrote:
but with cache deny squid remove the page from the cache when an
authenticated user load a page. That is not what i want, i only want to
tell squid to ignore the cache for this request, and continue to use the
same cached page for
ons 2006-11-08 klockan 17:26 -0200 skrev Btobew:
I am using squid-2.5.STABLE10 and I want to ignore Cache-Control: no-cache
sent from origin server.
See the ignore-no-cache refresh_pattern flag, available since Squid-2.6.
Regards
Henrik
signature.asc
Description: Detta är en digitalt
mån 2006-08-07 klockan 22:58 -0600 skrev Mark Gibson:
Whenever the submit button is clicked, the location of the click on the
button is sent along with the other input variables. This makes it
difficult to cache the search results. Is there any way to tell squid
to ignore specific
On Sat, 17 Apr 2004, Hakeem Mohammed Sadiq wrote:
Is it possible to ignore authentication prompt if a user is in allowed group
either on LDAP server or any authentication method used.
Only if you want to do this per IP.
For Squid to know the user name authentication must have taken place.
You can't without modifying the source.
Regards
Henrik
Richard StClair wrote:
How can you get squid to ignore sites that have the 'Cache-Control: no-cache'
option set in the initial HTTP packets so that they'll cache anyway??
--
Regards,
Richard Saint Clair,
Co-Founder Technical
: [EMAIL PROTECTED]
Subject: Re: [squid-users] Ignore
You can't without modifying the source.
Regards
Henrik
Richard StClair wrote:
How can you get squid to ignore sites that have the 'Cache-Control:
no-cache'
option set in the initial HTTP packets so that they'll cache anyway??
--
Regards
47 matches
Mail list logo