Hello Nicolas,
On Wed, 28 Feb 2018 23:38:19 +0100 Nicolas Kovacs wrote:
> Le 28/02/2018 à 22:32, Itamar Reis Peixoto a écrit :
> > I recommend everyone in France to spend their money on a school with
> > free internet.
>
> I'm not sure I understand. Our students sure
Le 08/03/2018 à 19:09, Leon Fauster a écrit :
> Just to rephrase my implicit question: Does your setup works for the
> combination Chrome browser and google.com?
>
> Or in general, what are the limits of your described setup. Just
> curious ...
Works perfectly.
Am 08.03.2018 um 18:07 schrieb Nicolas Kovacs :
>
> Guys. This is the CentOS mailing list, a place to discuss technical
> questions... such as web content filtering.
Just to rephrase my implicit question: Does your setup works for the
combination Chrome browser and
Le 08/03/2018 à 17:15, hw a écrit :
> But you aren´t broadcasting messages, or are you?
>
> If they mean something like "make data accessible", the only way to
> be compliant with such a law is by not providing public access. How
> do you distinguish between things that are contrary to basic
Nicolas Kovacs wrote:
Le 08/03/2018 à 11:30, hw a écrit :
The government says you must use squidguard to filter something?
The law in France (Code Pénal, article 227-24) states that a public
network is not allowed to broadcast messages containing violence,
pornography or any content contrary
On 03/08/18 06:09, Nicolas Kovacs wrote:
Le 08/03/2018 à 11:30, hw a écrit :
The government says you must use squidguard to filter something?
The law in France (Code Pénal, article 227-24) states that a public
network is not allowed to broadcast messages containing violence,
pornography or
Le 08/03/2018 à 11:30, hw a écrit :
> The government says you must use squidguard to filter something?
The law in France (Code Pénal, article 227-24) states that a public
network is not allowed to broadcast messages containing violence,
pornography or any content contrary to basic human dignity,
Nicolas Kovacs wrote:
Le 06/03/2018 à 18:48, hw a écrit :
And how do you get a list of IPs from which data could be retrieved
which the students are not supposed to see?
How is this done anyway, does the government give out a list of URLs
or IPs which you are required to block? If not, what
Le 06/03/2018 à 18:48, hw a écrit :
> And how do you get a list of IPs from which data could be retrieved
> which the students are not supposed to see?
>
> How is this done anyway, does the government give out a list of URLs
> or IPs which you are required to block? If not, what if you overlook
Valeri Galtsev wrote:
On 03/05/18 08:34, Bill Gee wrote:
On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to filter HTTP.
Do any of
Leon Fauster wrote:
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to filter HTTP.
Do any of you do transparent HTTPS filtering ? Any suggestions,
advice, caveats, do's and don'ts ?
After a
Wouldn't filtering the DNS be more practical?
On 5 March 2018 at 18:57, Leon Fauster wrote:
>
> > Am 05.03.2018 um 15:34 schrieb Bill Gee :
> >
> >
> > On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
> >> Am 05.03.2018 um 13:04
On 2/28/2018 4:23 PM, Nicolas Kovacs wrote:
Hi,
I've been running Squid successfully on CentOS 7 (and before that on 6
and 5), and it's always been running nicely. I've been using it mostly
as a transparent proxy filter in school networks.
So far, I've only been able to filter HTTP.
Do any of
> Am 05.03.2018 um 15:34 schrieb Bill Gee :
>
>
> On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
>> Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
>>> Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to
On 03/05/18 10:21, Nicolas Kovacs wrote:
Le 05/03/2018 à 16:30, Valeri Galtsev a écrit :
Sorry, I missed the beginning of this thread. This sounds to me like
running one's own Certification Authority. I did that a while ago for
over a decade. However, these days one may consider
Le 05/03/2018 à 16:30, Valeri Galtsev a écrit :
> Sorry, I missed the beginning of this thread. This sounds to me like
> running one's own Certification Authority. I did that a while ago for
> over a decade. However, these days one may consider
>
> https://letsencrypt.org/
>
> - you will have to
On 03/05/18 08:34, Bill Gee wrote:
On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to filter HTTP.
Do any of you do transparent HTTPS
On 03/05/18 07:23, Leon Fauster wrote:
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
So far, I've only been able to filter HTTP.
Do any of you do transparent HTTPS filtering ? Any suggestions,
advice, caveats, do's and
The certificate should have *CA:true* set for act a CA for dynamic signing
certificates by Squid.
Most probably, Let's Encrypt will ignore this constraint in CSR.
2018-03-05 12:33 GMT-03:00 Chris Adams :
> Once upon a time, Valeri Galtsev said:
> >
Once upon a time, Valeri Galtsev said:
> https://letsencrypt.org/
>
> - you will have to run web server to have certificate signed by
> them
Not necessarily - we do most of our Let's Encrypt validation with DNS
rather than HTTP.
--
Chris Adams
On 03/05/18 06:34, Nicolas Kovacs wrote:
Le 05/03/2018 à 13:30, Nux! a écrit :
You could probably just drop your CA cert in the filesystem and run a
couple of commands to get it imported, rather than having to import
the CA in the browsers individually. You could probably deliver it
via
Starting with version 3.5 of Squid, was introduced a new feature named
"*SslBump
Peek and Splice*".
With this functionality, Squid is able to intercept HTTPS traffic
transparently (with exceptions, of course).
This manner, Squid, with spike, is able to logging HTTPS traffic and apply
directives
On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote:
> Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
> > Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
> >> So far, I've only been able to filter HTTP.
> >>
> >> Do any of you do transparent HTTPS filtering ? Any
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs :
>
> Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
>> So far, I've only been able to filter HTTP.
>>
>> Do any of you do transparent HTTPS filtering ? Any suggestions,
>> advice, caveats, do's and don'ts ?
>
> After a week of
Le 05/03/2018 à 13:30, Nux! a écrit :
> You could probably just drop your CA cert in the filesystem and run a
> couple of commands to get it imported, rather than having to import
> the CA in the browsers individually. You could probably deliver it
> via yum/rpm or better yet, ansible or even some
.
--
Sent from the Delta quadrant using Borg technology!
Nux!
www.nux.ro
- Original Message -
> From: "Nicolas Kovacs" <i...@microlinux.fr>
> To: "CentOS mailing list" <centos@centos.org>
> Sent: Monday, 5 March, 2018 12:04:59
> Subject: Re: [Cent
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit :
> So far, I've only been able to filter HTTP.
>
> Do any of you do transparent HTTPS filtering ? Any suggestions,
> advice, caveats, do's and don'ts ?
After a week of trial and error, transparent HTTPS filtering works
perfectly. I wrote a detailed
On Wed, Feb 28, 2018 at 06:43:50PM -0300, Marcelo Ricardo Leitner wrote:
> On Wed, Feb 28, 2018 at 10:23:31PM +0100, Nicolas Kovacs wrote:
> > Hi,
> >
> > I've been running Squid successfully on CentOS 7 (and before that on 6
> > and 5), and it's always been running nicely. I've been using it
Le 28/02/2018 à 22:43, Marcelo Ricardo Leitner a écrit :
> I did some experiments ~2 weeks ago. It worked, but I still need to
> work on the certificates. Squid will re-issue certificates for those
> connections that it intercepts, and if the browser doesn't recognize
> the CA, it's going to
Le 28/02/2018 à 22:32, Itamar Reis Peixoto a écrit :
> I recommend everyone in France to spend their money on a school with
> free internet.
I'm not sure I understand. Our students sure don't pay for accessing the
Internet.
>
> please tell us the name of your school's.
https://www.scholae.fr/
On Wed, Feb 28, 2018 at 10:23:31PM +0100, Nicolas Kovacs wrote:
> Hi,
>
> I've been running Squid successfully on CentOS 7 (and before that on 6
> and 5), and it's always been running nicely. I've been using it mostly
> as a transparent proxy filter in school networks.
>
> So far, I've only been
On 2018-02-28 06:23 PM, Nicolas Kovacs wrote:
Hi,
I've been running Squid successfully on CentOS 7 (and before that on 6
and 5), and it's always been running nicely. I've been using it mostly
as a transparent proxy filter in school networks.
So far, I've only been able to filter HTTP.
Do any
Hi,
I've been running Squid successfully on CentOS 7 (and before that on 6
and 5), and it's always been running nicely. I've been using it mostly
as a transparent proxy filter in school networks.
So far, I've only been able to filter HTTP.
Do any of you do transparent HTTPS filtering ? Any
33 matches
Mail list logo