[squid-users] Linking with *SSL

2016-05-10 Thread Pavel Timofeev
Hi! When we worked on squid port on FreeBSD one of the FreeBSD users (Bernard Spil) noticed: When working on this, I ran into another issue. Perhaps maintainer can fix that with upstream. I've now added LIBOPENSSL_LIBS="-lcrypto -lssl" because of configure failing in configure.ac line 1348. >

Re: [squid-users] How to analyse squid memory usage

2016-05-10 Thread Dan Charlesworth
Thanks Amos - Not sure how self-explanatory the output is, though. I’ve attached the output from a site with a 12GB server where top was showing 2.9GB allocated to squid (this is normal e.g. “the control”). But the mem output shows the allocated total as ~1GB, apparently? Maybe things will

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread J Green
Very interesting, thank you both. On Tue, May 10, 2016 at 2:23 PM, Yuri Voinov wrote: > > 11.05.16 2:57, Eliezer Croitoru wrote: > > > > Hey, > > > > > > > > You can always use a TOS from squid to mark connections

[squid-users] Would it be possible to run a http to https gateway using squid?

2016-05-10 Thread Eliezer Croitoru
I was wondering to myself, If I can generate certificates and bump the connection, I can use a 302\308 to redirect all traffic from https to a http(interceptable) connection. Then on the http interceptor rewrite the request into https. I have a working setup which uses a redirection "attack" to

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Yuri Voinov
11.05.16 2:57, Eliezer Croitoru wrote: > > Hey, > > > > You can always use a TOS from squid to mark connections and\or users and to somehow create some policy case on that. Sure, Eliezer. I've forgotten about TOS. Good point. > > I have used more

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Yuri Voinov
11.05.16 2:11, J Green wrote: > Fair criticisms, yes. But an interesting problem, no? And I think I am > close to getting something somewhat functional, using various pieces of hardware and software. Is it a slick solution? Not at all.

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread J Green
Fair criticisms, yes. But an interesting problem, no? And I think I am close to getting something somewhat functional, using various pieces of hardware and software. Is it a slick solution? Not at all. But it just might work more or less. Small could be 10MB. Large is larger. On Tue, May

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Yuri Voinov
I think change is posing the problem. "Big" and "small", it seems to me, is too vague a criterion. Plus direct solution assumes continuous control of each connection at all and accounting at all. What, in my opinion, a bit crazy. 11.05.16 1:59, J

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread J Green
>From what I understand, it is traffic policing, as opposed to traffic shaping. The goal is to block transfer of large files over various TCP protocols, while allowing small files. Thank you all, for your input. On Tue, May 10, 2016 at 12:55 PM, Yuri Voinov wrote: > >

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Yuri Voinov
And, incidentally, smoke manuals - Cisco either enables traffic shaping or limit the speed on ports, protocols, networks, clients and so on. :) As you wish. :) Its possibilities are limited only version of the software platform, and your ability

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Yuri Voinov
You can not pull the owl on the globe. ) By the way, I'm not sure what he was trying to achieve this :) 11.05.16 1:45, Adam W. Dace wrote: > Back in the day, I used "traffic shaping" on the Cisco router to achieve that > sort of thing. It

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Adam W. Dace
Back in the day, I used "traffic shaping" on the Cisco router to achieve that sort of thing. It actually changes the traffic to fit your Internet link, versus limiting per-connection speed. Still, this is off-topic. Anyways, consult your CIOS documentation and good luck! :) Regards, Adam On

[squid-users] Squid 3.5.19 for Microsoft Windows 64-bit is available

2016-05-10 Thread Rafael Akchurin
Greetings everyone, The CygWin based build of Squid proxy for Microsoft Windows version 3.5.19 is now available (amd64 only!). * Original release notes are at http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.19-RELEASENOTES.html. * Ready to use MSI package can be downloaded from

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Yuri Voinov
SARG or SquidAnalyzer, in general, has reports with denied and downloads logging. This information (excluding the access restrictions) are usually not found in the logs immediately, it takes some processing. 10.05.16 23:41, J Green wrote: > That

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread J Green
That is fair, re intended use. But yes, management want to know if users are attempting to circumvent policy. Re analyzing logs, I did not see this logged anywhere. Is there perhaps a debug mode which I need to enable? Thank you. On Tue, May 10, 2016 at 10:29 AM, Yuri Voinov

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Yuri Voinov
Furthermore, the proxy server itself is not a billing system. Accounting as task can be solved by the third software analyzing access logs. 10.05.16 23:25, J Green wrote: > So back to the intended use cases for HTTP, HTTPS, & FTP , how can you

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread Yuri Voinov
First, upload is PUT method usage. Most common HTTP/HTTPS is GET/HEAD methods. Second, logging of all things is not my goal. For me, it is sufficient that the restrictions imposed by me in accordance with the policy. The amount of downloads for

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread J Green
So back to the intended use cases for HTTP, HTTPS, & FTP , how can you log violations of maximum download/upload size? I see an error message generated on the client system, but not w/in Squid. Thank you. On Mon, May 9, 2016 at 10:12 AM, Yuri Voinov wrote: > > -BEGIN

Re: [squid-users] Can Traffic Management Settings be configured for other TCP protocols?

2016-05-10 Thread J Green
At the host level? Was hoping for something at the network level. On Mon, May 9, 2016 at 10:06 PM, Amos Jeffries wrote: > On 2016-05-10 06:05, J Green wrote: > >> Appreciate the response. Thought it might work if I added those ports >> to the safe list. >> > > The

Re: [squid-users] Use arp and time acls to control access

2016-05-10 Thread Matus UHLAR - fantomas
On 10.05.16 12:53, TarotApprentice wrote: I'm trying to restrict internet access of certain devices to certain times of the day. My config looks like:
acl devicename1 arp aa:bb:cc:dd:ee:ff
acl devicename2 arp aa:bb:cc:ff:ee:dd
acl usertime time MTWHF 06:30-08:00
acl usertime time MTWHF

Re: [squid-users] Use arp and time acls to control access

2016-05-10 Thread Amos Jeffries
On 11/05/2016 12:53 a.m., TarotApprentice wrote: > I'm trying to restrict internet access of certain devices to certain > times of the day. My config looks like: acl devicename1 arp > aa:bb:cc:dd:ee:ff acl devicename2 arp aa:bb:cc:ff:ee:dd acl usertime > time MTWHF 06:30-08:00 acl usertime time MTWHF

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread alesironi
Ralf Hildebrandt wrote > * alesironi > alesironi@ > : > >> maybe I do not understand but this is HTTPS and you can see it >> (#33legend >> :) ) >> https://www.youtube.com/watch?v=pI470DZhojA > > Really? On my proxy I cannot see the URL, hm. > But anyway: You cannot deduce the CONTENTS of

[squid-users] Use arp and time acls to control access

2016-05-10 Thread TarotApprentice
I'm trying to restrict internet access of certain devices to certain times of the day. My config looks like:
acl devicename1 arp aa:bb:cc:dd:ee:ff
acl devicename2 arp aa:bb:cc:ff:ee:dd
acl usertime time MTWHF 06:30-08:00
acl usertime time MTWHF 18:00-22:30
http_access allow devicename1

Re: [squid-users] SSL Bump missing facebook app traffic (resumed SSL sessions?)

2016-05-10 Thread Amos Jeffries
On 9/05/2016 10:05 p.m., Cohen-Rose, Adam wrote: > Hi there, > > We're running squid with SSL bump as a transparent proxy in order to > control access to particular SSL sites. > > We've noticed an issue with access to facebook from within the facebook > app -- specifically it can get through the

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Yuri Voinov
and with bump we can see: https://i1.someimage.com/dG6Y2S9.png :) Secure, heh? :) 10.05.16 18:17, Matus UHLAR - fantomas wrote: >>> * alesironi : >>> > The problem is that on Squid log file (ACCESS.LOG) the URL I see

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Matus UHLAR - fantomas
* alesironi : > The problem is that on Squid log file (ACCESS.LOG) the URL I see is > similar to this: > > r10---sn-4g57knd7.googlevideo.com:443 Ralf Hildebrandt wrote on Tue, 10 May 2016 at 11:10: 443 = https = encrypted meaning: You

Re: [squid-users] sahibinden.com fails with https bump

2016-05-10 Thread Amos Jeffries
On 10/05/2016 10:34 p.m., turgut kalfaoğlu wrote: > Hello everyone.. > > My setup -- this is for speeding up the home ADSL.. > > https_port 3129 intercept ssl-bump \ > generate-host-certificates=on dynamic_cert_mem_cache_size=4MB \ > cert=/etc/squid/ssl_cert/myca.pem

Re: [squid-users] sahibinden.com fails with https bump

2016-05-10 Thread Yuri Voinov
Direct connect with bypass squid gives following error: ssl_error_unrecognized_name_alert I.e. server certificate has no CN for this FQDN, or has different CN. In this and in another case, the problem of the site and the webmaster. Please

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Yuri Voinov
10.05.16 16:07, Amos Jeffries wrote: > On 10/05/2016 9:56 p.m., Ralf Hildebrandt wrote: >>> Once you know the legal situation look into >>> . You will also >>> need to be using the latest

Re: [squid-users] sahibinden.com fails with https bump

2016-05-10 Thread Yuri Voinov
My Squid gives the following error: https://i1.someimage.com/xnPCOFO.png Need more research, but seems better to write site's webmaster. 10.05.16 16:34, turgut kalfaoğlu wrote: > Hello everyone.. > > My setup -- this is for speeding up the

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Amos Jeffries
On 10/05/2016 8:58 p.m., alesironi wrote: > > I'm assuming then that there's no way to understand the content of the > youtube video? Even if it's publicly available? You misunderstand the scope of what is publicly visible. The only thing that is publicly visible is the https:// URL. Firstly,

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Ralf Hildebrandt
> Once you know the legal situation look into > . You will also > need to be using the latest Squid packages (3.5.19 or 4.0.10 today) and > regularly updating. TLS interception is an arms race situation that is > constantly changing both the

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Ralf Hildebrandt
* alesironi : > maybe I do not understand but this is HTTPS and you can see it (#33legend > :) ) > https://www.youtube.com/watch?v=pI470DZhojA Really? On my proxy I cannot see the URL, hm. But anyway: You cannot deduce the CONTENTS of the video from the URL (unless you'd

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Ralf Hildebrandt
> Thanks but back to my problem , my goal is to understand the YOUTUBE video > watched by the user (given that is publicly available). Do you have any > suggestion on that? You can't. It's all encrypted. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread alesironi
Bjoern Meier wrote > hi, > > >1. > > Ralf Hildebrandt > Ralf.Hildebrandt@ > wrote on Tue, 10 May 2016 > at 11:26: > >> * Bjoern Meier > bjoern.meier@ > : >> > hi, >> > >> > Ralf Hildebrandt > Ralf.Hildebrandt@ > wrote on Tue, 10 May >> 2016 >> > at 11:10: >> > >> >

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread alesironi
Ralf Hildebrandt wrote > * Bjoern Meier > bjoern.meier@ > : >> hi, >> >> Ralf Hildebrandt > Ralf.Hildebrandt@ > wrote on Tue, 10 May 2016 >> at 11:10: >> >> > * alesironi > alesironi@ > : >> > >> > > The problem is that on Squid log file (ACCESS.LOG) the URL I see is >> >

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Bjoern Meier
hi, 1. Ralf Hildebrandt wrote on Tue, 10 May 2016 at 11:26: > * Bjoern Meier : > > hi, > > > > Ralf Hildebrandt wrote on Tue, 10 May > 2016 > > at 11:10: > > > > > * alesironi

[squid-users] DNS-Errors ... squid-cache.org

2016-05-10 Thread Walter H.
Hello, has anybody an idea where these errors come from, or what is causing them? May 10 11:21:00 lxwaldivm-001 named[30098]: error (unexpected RCODE REFUSED) resolving 'lists.squid-cache.org/MX/IN': 173.255.241.90#53 May 10 11:21:01 lxwaldivm-001 named[30098]: error (connection refused)

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Ralf Hildebrandt
* Bjoern Meier : > hi, > > Ralf Hildebrandt wrote on Tue, 10 May 2016 > at 11:10: > > > * alesironi : > > > > > The problem is that on Squid log file (ACCESS.LOG) the URL I see is > > similar > > > to this: > > > >

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread alesironi
Bjoern Meier wrote > hi, > > Ralf Hildebrandt > Ralf.Hildebrandt@ > wrote on Tue, 10 May 2016 > at 11:10: > >> * alesironi > alesironi@ > : >> >> > The problem is that on Squid log file (ACCESS.LOG) the URL I see is >> similar >> > to this: >> > >> >

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Bjoern Meier
hi, Ralf Hildebrandt wrote on Tue, 10 May 2016 at 11:10: > * alesironi : > > > The problem is that on Squid log file (ACCESS.LOG) the URL I see is > similar > > to this: > > > > r10---sn-4g57knd7.googlevideo.com:443 > > 443 = https =

Re: [squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread Ralf Hildebrandt
* alesironi : > The problem is that on Squid log file (ACCESS.LOG) the URL I see is similar > to this: > > r10---sn-4g57knd7.googlevideo.com:443 443 = https = encrypted meaning: You cannot know. -- Ralf Hildebrandt Charite Universitätsmedizin Berlin

[squid-users] Understand GOOGLEVIDEO Url from access.log

2016-05-10 Thread alesironi
Hello everyone sorry if it's a stupid question but I'm a newbie of SQUID and PROXIES as well. I have SQUID installed on UBUNTU, working fine, only authorized users can use the proxy. Some users are watching youtube videos (I can see from the log files); our rules are pretty simple and basic,

Re: [squid-users] How to analyse squid memory usage

2016-05-10 Thread Amos Jeffries
On 10/05/2016 2:35 p.m., Dan Charlesworth wrote: > A small percentage of deployments of our squid-based product are using oodles > of memory—there doesn’t seem to be a limit to it. > > I’m wondering what the best way might be to analyse what squid is reserving > it all for in the latest 3.5