> On 1 Mar 2019, at 9:34 pm, Enrico Heine wrote:
>
> >>just a shot into the dark<<, is it possible that you use the adaption
> >>service for ICAP?
There is an eCAP adaptation service but not ICAP, would eCAP be effected by the
same condition reported the bug report you linked to?
Early in
Hi Guys,
I have a squid-3.5.28 installation that is deployed to do transparent ssl-bump
of HTTPS traffic (linux bridge, tproxy). The server is not overly busy, CPU
and RAM usage is low + no swap being used yet regularly the squid service is
choking HTTPS traffic to a point where websites are
Hi All,
I have an ecap adapter that amongst other things tracks response size. This
works fine for HTTP and ssl-bump'd HTTPS but not for TCP_TUNNEL responses as
they are not seen by the ecap adapter.
I understand that in most cases adaptation of a tunnelled HTTPS response is
pointless as it
Hi All,
I've read a few articles that indicate squid-3.5 and below doesn't support
ssl-bump'ing ECDHE ciphers.
Is this correct? If so, is it possible to create/structure acl and ssl-bump
rules to splice on unsupported ciphers?
I've looked through the available ACL options and doesn't seem
On 23 Apr 2015, at 9:22 pm, James Lay j...@slave-tothe-box.net wrote:
Michael,
Could you post your entire config here if possible? Many of us continue to
face challenges with ssl_bump and a working config would be great. Thank you.
James
My ssl_bump configuration is contained in a
Hi All
I’ve been running squid-3.4.x in tproxy mode with ssl_bump server-first for
some time and has been working great.
I have just moved to 3.5.3 to use peek to overcome some issues with sites that
require SNI to serve up the correct certificate. In most cases this is work
well however I
On 23 Apr 2015, at 4:21 pm, Amos Jeffries squ...@treenet.co.nz wrote:
On 23/04/2015 6:29 p.m., Michael Hendrie wrote:
Hi All
I’ve been running squid-3.4.x in tproxy mode with ssl_bump
server-first for some time and has been working great.
I have just moved to 3.5.3 to use peek
On 23 Apr 2015, at 4:28 pm, Michael Hendrie mich...@hendrie.id.au wrote:
On 23 Apr 2015, at 4:21 pm, Amos Jeffries squ...@treenet.co.nz wrote:
On 23/04/2015 6:29 p.m., Michael Hendrie wrote:
Hi All
I’ve been running squid-3.4.x in tproxy mode with ssl_bump
server-first for some time
On 06/02/2012, at 10:08 AM, Henrik Nordström wrote:
sön 2012-02-05 klockan 14:09 -0600 skrev James R. Leu:
certificate_db.cc: In member function ‘void Ssl::CertificateDb::load()’:
certificate_db.cc:455:1: error: ‘index_serial_hash_LHASH_HASH’ was not
declared in this scope
Hm.. fails
On 02/04/2012, at 6:29 PM, Henrik Nordström wrote:
mån 2012-04-02 klockan 16:47 +0930 skrev Michael Hendrie:
On 06/02/2012, at 10:08 AM, Henrik Nordström wrote:
sön 2012-02-05 klockan 14:09 -0600 skrev James R. Leu:
certificate_db.cc: In member function ‘void Ssl::CertificateDb::load
On 13/03/2012, at 12:07 AM, guest01 wrote:
Hi,
We are using Squid as forward-proxy for about 10-20k clients with
about 1200RPS.
snip
IMHO, it is really important which features you are planning to use.
For example, we are using authentication (kerberos, ntlm, ldap) and
ICAP content
On 11/03/2012, at 10:21 PM, Amos Jeffries wrote:
On 9/03/2012 4:52 a.m., Student University wrote:
Hi ,
This is Liley ,,,
can anyone tell me what
requests per second can squid3 serves ,
especially if we run it on the top of a hardware with OCZ RevoDrive 3
X2 (200,000 Random Write 4K
On 01/03/2012, at 1:45 PM, Brett Lymn wrote:
On Thu, Mar 01, 2012 at 03:07:42PM +1300, Amos Jeffries wrote:
On 01.03.2012 14:32, Brett Lymn wrote:
I have an application that pays attention to the X-Authenticated-User
header.
Why? what does it do?
Apparently, it believes it. I don't
On 12/09/2011, at 12:44 PM, John Kenyon wrote:
I had the exact same problem with with 3.1.10. In my case it was an IPv6
problem so I compiled squid with --disable-ipv6 as I didn't need it. There
are
a number of other ways to overcome the problem if you look through the
mail archives
On 09/09/2011, at 4:37 PM, Amos Jeffries wrote:
On 09/09/11 18:15, Michael Hendrie wrote:
On 09/09/2011, at 12:34 PM, John Kenyon wrote:
Hi All,
I am experiencing a slow down on one particular site:
https://www.my.commbank.com.au/netbank/Logon/Logon.aspx
I can access this web site
On 09/09/2011, at 12:34 PM, John Kenyon wrote:
Hi All,
I am experiencing a slow down on one particular site:
https://www.my.commbank.com.au/netbank/Logon/Logon.aspx
I can access this web site fine however it takes approx. 30 seconds to load,
and if I bypass squid it takes 1 second.
On 15/06/2011, at 8:09 AM, Amos Jeffries wrote:
On Wed, 15 Jun 2011 08:48:31 +1200, Mike Bordignon (GMI) wrote:
On 14/06/2011 6:32 p.m., Amos Jeffries wrote:
Not another one. Good luck.
If you have any influence or contact with the devs of that app please help
educate them of the safety
On 05/05/2011, at 9:06 AM, Farokh Irani wrote:
I don't have any specific access_log config line, but that's not the issue.
The access log file is being created but the entries aren't in the format
I've specified.
That is the cause of your issue. If there is no access_log configuration
On 11/04/2011, at 9:22 PM, rpere...@lavabit.com wrote:
Hi
How I can limit the ram memory use in my squid/tproxy box ?
I have a fast server with 16Gb ram. The average bandwidth is about 60-70
Mb/s.
The bridge works well but when the cache and memory becomes full its goes
slow and
On 03/03/2011, at 12:41 AM, Leon Volfson wrote:
Hi,
I have a few squid servers in front of web servers (accelerator setup).
Since the website is very dynamic, I had to turn off the client refresh
action:
refresh_pattern -i ^http://www.website.com 14400 80% 43200
On 11/02/2011, at 8:21 PM, Tim Bateson wrote:
Hi,
I am using squid 2.7 and would like to know if it possible to map 2
acl groups to a particular cache_peer.
Our acls are mapped using the extern_acl and acl as follows.
external_acl_type groupn children=10 ttl=200 %LOGIN
On 01/02/2011, at 8:39 AM, Amos Jeffries wrote:
On Mon, 31 Jan 2011 16:20:45 +1030, Michael Hendrie
mich...@hendrie.id.au
wrote:
Hello List,
I need to use a version with connection pinning and was hoping to use
3.1.10 but I've run into a problem using a cache_peer that requires NTLM
as the parents.
Michael Hendrie mich...@hendrie.id.au 1/31/2011 12:50 AM
Hello List,
I need to use a version with connection pinning and was hoping to use
3.1.10 but I've run into a problem using a cache_peer that requires NTLM
authentication. In my tests I'm able to get 3 authenticated requests
Hello List,
I need to use a version with connection pinning and was hoping to use 3.1.10
but I've run into a problem using a cache_peer that requires NTLM
authentication. In my tests I'm able to get 3 authenticated requests through
the parent (access.log on parent shows they have been
On 24/01/2011, at 8:17 PM, Saiful Alam wrote:
OK I have kept your suggestion in my mind, but right now I'm not in a
position to buy two HDD's. May be I can afford to buy 15 days later. For the
time being, my prime problem is the loading of two major sites from where my
users download
On 24/01/2011, at 11:03 PM, Amos Jeffries wrote:
On 24/01/11 23:09, Michael Hendrie wrote:
On 24/01/2011, at 8:17 PM, Saiful Alam wrote:
snip
I had issues with some random sites being slow with 3.1.10 and
tracked it down to squid trying to get records for the problem
sites
On 23/12/2010, at 12:03 AM, Amos Jeffries wrote:
On 22/12/10 18:39, Tom Tux wrote:
Hi
Is there a squid-snmp-oid or a squidclient-option to get the
following
values (since startup of squid or since creation of cache_dirs)?
- tcp_miss
- tcp_hit
- tcp_mem_hit
If not, how can I determine
On 16/12/2010, at 12:44 PM, Amos Jeffries wrote:
On 15/12/10 14:38, Michael Hendrie wrote:
Hello List,
I have server running 3 instances of squid-3.0.STABLE19 using a
configuration similar to that documented at
http://wiki.squid-cache.org/MultipleInstances. Each instance has all
other instance
Hello List,
I have server running 3 instances of squid-3.0.STABLE19 using a
configuration similar to that documented at http://wiki.squid-cache.org/MultipleInstances
. Each instance has all other instance configured as siblings using
the proxy-only directive to allow sharing of cache
29 matches
Mail list logo