Re: [squid-users] Squid is not worked in OpenVZ VPS.

A simple test, and quick fix. ping6 ipv6.google.com No reply. Add in your interfaces : auto 6to4 iface 6to4 inet6 6to4 local YOUR_EXTERNAL_IP ifup 6to4 and ping6 ipv6.google.com again. Not the most elegant solution but works here for me. Greetz, Louis > -Oorspronkelijk

Re: [squid-users] Squid proxy whitelisting with HTTPS URL filtering

On 2015-12-29 04:55, joru.pacs wrote: Hi! Currently, I am using the version squid-3.5.12. I have configure the SSL bump this way: http_port 8080 ssl-bump \ cert=/usr/local/squid/etc/ssl_cert/myCA.pem \ generate-host-certificates=on dynamic_cert_mem_cache_size=4MB acl step1 at_step

Re: [squid-users] Assign multiple IP Address to squid

Hi all Thanks for reply. I have this squid setup and I am using squid as my router and my requirement is like I have one local webserver and I want to access it from home and I want to nat external ip to internal ip so that I can access my local machine from outside network. My ISP gave 10

Re: [squid-users] sslBump, squid in transparent mode

On 2015-12-29 07:46, Eugene M. Zheganin wrote: Hi. I'm still trying to figure out why I get certificate generated for IP address instead of hostname when the HTTPS traffic is intercepted bu sllBump-enable squid. I'm using iptables to do this: rdr on $iifs inet proto tcp from 192.168.0.0/16 to

Re: [squid-users] Host header forgery policy in service provider environment

On 2015-12-31 00:01, Garri Djavadyan wrote: Hello Squid members and developers! First of all, I wish you a Happy New Year 2016! The current Host header forgery policy effectively prevents a cache poisoning. But also, I noticed, it deletes verified earlier cached object. Is it possible to

Re: [squid-users] squid3 / debian stable / please update to 3.4.14

On 2015-12-30 03:26, massimo.s...@asl.bergamo.it wrote: ciao Luigi I ask to update the distro to squid 3.4.14, the last stable version, released in august. Rationale : 1) various bugs and memory leaks fixed; 2) security fix for CVE 2015 5400; 3) support for Alternate-Protocol HTTP header. I

Re: [squid-users] Assign multiple IP Address to squid

On 2015-12-31 21:55, Reet Vyas wrote: Hi all Thanks for reply. I have this squid setup and I am using squid as my router and my requirement is like I have one local webserver and I want to access it from home and I want to nat external ip to internal ip so that I can access my local machine

Re: [squid-users] Assign fu,multiple IP Address to squid

-Original Message- From: "Amos Jeffries" Sent: ‎12/‎31/‎2015 2:42 PM To: "squid-users@lists.squid-cache.org" Subject: Re: [squid-users] Assign multiple IP Address to squid On 2015-12-31 21:55, Reet Vyas wrote: > Hi all > >

Re: [squid-users] Refresh pattern issue in squid 3.1.20

On 31/12/2015 00:48, SaRaVanAn wrote: Hi, All, I tired suggested refresh pattern, still i was getting TCP_HIT/MEM_HIT. It's not getting refreshed after 10 minutes. *Conf* refresh_pattern -i ^http://[a-z\-\_\.A-Z0-9]+\.wsj\.(net|net|com|edu)/ 10 200% 10 override-expire override-lastmod

[squid-users] youtube video, caching, disabling QUIC

When you request a video on Youtube, its web servers send two new HTTP headers to the browser : alt-svc alternate-protocol suggesting to the browser to switch to the new protocol QUIC. Unfortunately 1) QUIC, working over UDP, is not cacheable by squid 3.4 2) even if

Re: [squid-users] problem with squidGuard redirect page after upgrading squid

On 2015-12-29 11:46, George Hollingshead wrote: I've had squid3.0 running with squidGuard on my old ubuntu 10.04 system with no problems for a few months now. I just recently was enlightened by Yuri how to compile using a local copy of openssl so i could upgrade to latest squid. This was a

Re: [squid-users] squid3 / debian stable / please update to 3.4.14

> you are better off building the more up to date 3.5 version available > from Stretch/Testing repository. I disagree with this one, use SID and not testing, testing has a longer delay in security updates and is updated after unstable. See : https://www.debian.org/security/faq Greetz,

Re: [squid-users] Refresh pattern issue in squid 3.1.20

On 2015-12-31 22:35, Eliezer Croitoru wrote: On 31/12/2015 00:48, SaRaVanAn wrote: Hi, All, I tired suggested refresh pattern, still i was getting TCP_HIT/MEM_HIT. It's not getting refreshed after 10 minutes. *Conf* refresh_pattern -i ^http://[a-z\-\_\.A-Z0-9]+\.wsj\.(net|net|com|edu)/ 10

Re: [squid-users] squid3 / debian stable / please update to 3.4.14

Hi Amos > Hi Massimo, why cc'ing squid-users? nothing this list can do about it. Package update : I know, it is a topic for debian users and package maintainer, so strictly speaking it is off-topic. youtube video, disabling QUIC : I think it will be of general interest, I switch to a

Re: [squid-users] youtube video, caching, disabling QUIC

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 # Disable alternate protocols request_header_access Alternate-Protocol deny all reply_header_access Alternate-Protocol deny all + (additional recommended) on network equipment: ! Cisco, for example remark Deny alternate protocols deny udp

Re: [squid-users] youtube video, caching, disabling QUIC

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 http://wiki.squid-cache.org/KnowledgeBase/Block%20QUIC%20protocol 31.12.15 19:45, massimo.s...@asl.bergamo.it пишет: > When you request a video on Youtube, its web servers send two new HTTP > headers to the browser : > > alt-svc >

Re: [squid-users] Squid proxy removing Transfer-Encoding header

Alex Rousskov measurement-factory.com> writes: > > On 12/30/2015 02:24 PM, Aashima wrote: > > > So it is like client -> Squid -> APP and return > > If App return Transfer-Encoding header to Squid, Squid removes that response > > header and forwards rest to Client. > > > > Am not getting

[squid-users] squid+ssl and CPU load 100%

I have squid Squid Cache: Version 3.5.7 I don't know how to ask about this, But I'm getting 100% load and squid don't accept connection anymore, my cache.log show me this. 2015/12/31 14:27:15.869 kid2| bio.cc(942) parseV3ServerHello: TLS Extension: 0 of size:0 2015/12/31 14:27:15.869 kid2|

Re: [squid-users] squid+ssl and CPU load 100%

On 31-12-2015 15:00, Alex Rousskov wrote: > On 12/31/2015 10:58 AM, lucas castro wrote: >> I have squid >> Squid Cache: Version 3.5.7 >> >> I don't know how to ask about this, >> But I'm getting 100% load and squid don't accept connection anymore, >> my cache.log show me this. >> >> 2015/12/31

Re: [squid-users] squid+ssl and CPU load 100%

On 12/31/2015 10:58 AM, lucas castro wrote: > I have squid > Squid Cache: Version 3.5.7 > > I don't know how to ask about this, > But I'm getting 100% load and squid don't accept connection anymore, > my cache.log show me this. > > 2015/12/31 14:27:15.869 kid2| bio.cc(942) parseV3ServerHello: