Re: [squid-users] Wrong req_header result in cache_peer_access when using ssl_bump

On 21/07/2016 3:36 a.m., Mihai Ene wrote: >> Squid SHOULD be able to send SSL-bump decrypted traffic to a cache_peer > with 'ssl' flag set. > > But squid's source code says otherwise: > https://github.com/squid-cache/squid/blob/23f981d410009ba5aee455144d18b4178d042b34/src/FwdState.cc#L816 > >

Re: [squid-users] Windows Updates a Caching Stub zone, A windows updates store.

Hey Omid, After inspection of more data I have seen that there are couple cases which will result in disks space consumption. Windows Updates supports a variety of languages. When you have more then one or two languages the amount of cache is rapidly changes. To give some numbers to the

Re: [squid-users] ecap help ?

tks alex -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ecap-help-tp4678617p4678625.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing list

Re: [squid-users] Problem site

On 07/20/2016 08:24 PM, brendan kearney wrote: Developer tools is not browser specific. Both IE and Firefox have it. Not sure about Chrome. Yes telerik fiddler is what I meant. There is a free version I use. I have not come across an open source equivalent. On Jul 20, 2016 8:12 PM,

Re: [squid-users] Problem site

Developer tools is not browser specific. Both IE and Firefox have it. Not sure about Chrome. Yes telerik fiddler is what I meant. There is a free version I use. I have not come across an open source equivalent. On Jul 20, 2016 8:12 PM, "Antony Stone"

Re: [squid-users] Problem site

On Thursday 21 July 2016 at 01:07:51, brendan kearney wrote: > I would use developer tools (press f12 in your browser) That sounds quite browser-specific - thanks for mentioning previously that you're using Firefox. > or maybe run fiddler to dig into the details. I assume you mean

Re: [squid-users] ecap help ?

On 07/20/2016 04:14 PM, joe wrote: > i need to know the function that can get the > HTTP/1.1 200 OK <---the value if its 200 or so This question is not specific to Squid. Please use eCAP Questions: https://answers.launchpad.net/ecap Alex. ___

Re: [squid-users] adaptation_access not working with squid acl's

Thank you myportname did the trick! On Jul 16, 2016 8:21 AM, "Amos Jeffries" wrote: > On 16/07/2016 2:38 a.m., Stephen Stark wrote: > > Hello, > > > > I think I figured out what the problem is but I'd appreciate if someone > > could check my reasoning. > > > > My ACL is

Re: [squid-users] Problem site

I would use developer tools (press f12 in your browser) or maybe run fiddler to dig into the details. On Jul 20, 2016 6:59 PM, "brendan kearney" wrote: > Firefox on android :) > > On Jul 20, 2016 6:34 PM, "Antony Stone" > wrote: > >> On

Re: [squid-users] Problem site

Firefox on android :) On Jul 20, 2016 6:34 PM, "Antony Stone" wrote: > On Thursday 21 July 2016 at 00:25:38, brendan kearney wrote: > > > An error occurred during a connection to e-vista.scsolutionsinc.com. SSL > > received a weak ephemeral Diffie-Hellman key

[squid-users] ecap help ?

question working on test adapter project i need to know the function that can get the HTTP/1.1 200 OK <---the value if its 200 or so pls tks -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ecap-help-tp4678617.html Sent from the Squid - Users mailing

Re: [squid-users] Problem site

On Thursday 21 July 2016 at 00:25:38, brendan kearney wrote: > An error occurred during a connection to e-vista.scsolutionsinc.com. SSL > received a weak ephemeral Diffie-Hellman key in Server Key Exchange > handshake message. Error code: SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY That looks

Re: [squid-users] Problem site

On Thursday 21 July 2016 at 00:24:58, Joseph L. Casale wrote: > The squid server runs on centos 7.2, Okay. > all corporate desktops all use IE 11, Oh dear :( > they simply get a non-descriptive error in IE saying "This page can’t be > displayed" however chrome works Oh good :) > for

Re: [squid-users] Problem site

> An error occurred during a connection to http://e-vista.scsolutionsinc.com. > SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange > handshake message. Error code: SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY Brendan, What tool did you use to reveal that? I checked the sites SSL

Re: [squid-users] Problem site

An error occurred during a connection to e-vista.scsolutionsinc.com. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. Error code: SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY On Jul 20, 2016 5:49 PM, "Antony Stone" wrote: On

Re: [squid-users] Problem site

> Care to add any detail to "can no longer connect"? The squid server runs on centos 7.2, all corporate desktops all use IE 11, they simply get a non-descriptive error in IE saying "This page can’t be displayed" however chrome works for example but none of the desktops have access to chrome.

Re: [squid-users] Problem site

On Wednesday 20 July 2016 at 23:38:03, Joseph L. Casale wrote: > Hi, > Recently our users can no longer connect Care to add any detail to "can no longer connect"? eg: 1. They used to be able to - when did this change? 2. What error message or response do users now see in their browser? 3.

[squid-users] Problem site

Hi, Recently our users can no longer connect to a vendor url https://e-vista.scsolutionsinc.com/evista/jsp/delfour/eVistaStart.jsp behind squid. We have a few sites that don't work well when cached and adding this domain to that acl has not helped. We are using version 3.3.8. Any suggestion as

Re: [squid-users] Squid Intercept - From inside LAN with DNAT on router and docker on host

On Wednesday 20 July 2016 at 22:44:46, Bruno de Paula Larini wrote: > Em 20/07/2016 17:10, Antony Stone escreveu: > > > > You *must* perform the DNAT on the machine running Squid, which means that > > the packets from your clients must pass through the Squid server, either > > because it is in

Re: [squid-users] Squid Intercept - From inside LAN with DNAT on router and docker on host

Em 20/07/2016 17:10, Antony Stone escreveu: My router is a Mikrotik router board, so it's trivial to setup a DNAT rule >to redirect all TCP requests to the squid server. That won't work. You*must* perform the DNAT on the machine running Squid, which means that the packets from your clients

Re: [squid-users] Squid Intercept - From inside LAN with DNAT on router and docker on host

Bruno, Yes, there is; This was also my first guess, but according to similar questions in forums and such, access.log lists such cases as TCP_DENIED/403 rather than TCP_MISS/403. I've also tried removing the ACL entry after your message, and indeed the message changes to TCP_DENIED/403. So it's

Re: [squid-users] Squid Intercept - From inside LAN with DNAT on router and docker on host

On Wednesday 20 July 2016 at 21:42:27, Guilherme Scaglia wrote: > I'm aiming for a transparent proxy - with squid in intercept mode. > > In my network setup, the squid server is inside the LAN together with its > clients, and not siting between the clients and the router/modem That will be a

[squid-users] Squid Intercept - From inside LAN with DNAT on router and docker on host

Just a basic question: is there an ACL allowing your hosts in squid.conf? Squid will promptly answer with a 403 error otherwise. Em 20/07/2016 16:42, Guilherme Scaglia escreveu: Hi. I've being trying to setup a local squid server on my home LAN to cache HTTP (not HTTPS) pages. I want to

[squid-users] Squid Intercept - From inside LAN with DNAT on router and docker on host

Hi. I've being trying to setup a local squid server on my home LAN to cache HTTP (not HTTPS) pages. I want to avoid any client configuration, so I'm aiming for a transparent proxy - with squid in intercept mode. In my network setup, the squid server is inside the LAN together with its clients,

Re: [squid-users] how to change public IP to access website on proxy squid?

And to just illustrate what can be extracted by a single JavaScript: http://myip.net.il/ Thanks, Eliezer Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il -Original Message- From: squid-users

Re: [squid-users] Wrong req_header result in cache_peer_access when using ssl_bump

> Squid SHOULD be able to send SSL-bump decrypted traffic to a cache_peer with 'ssl' flag set. But squid's source code says otherwise: https://github.com/squid-cache/squid/blob/23f981d410009ba5aee455144d18b4178d042b34/src/FwdState.cc#L816 Besides, I'm seeing that `debugs` output on line 819 in

Re: [squid-users] how to change public IP to access website on proxy squid?

On Wednesday 20 July 2016 at 16:06:22, james82 wrote: > i'm sorry. using for what is my secret. .i just want to know, can i use > squid as a proxy server to connect to internet? normal i search whatmyip > and my ip appear on that website. i want to change that ip. is it > possible? how to do it.

Re: [squid-users] how to change public IP to access website on proxy squid?

On 21/07/2016 3:04 a.m., Eliezer Croitoru wrote: > First take a look at the documents about: > http://www.squid-cache.org/Doc/config/forwarded_for/ > http://www.squid-cache.org/Doc/config/via/ > > Depends on your setup you would be able to "MASK" your IP. > But it is better done using some kind

Re: [squid-users] how to change public IP to access website on proxy squid?

First take a look at the documents about: http://www.squid-cache.org/Doc/config/forwarded_for/ http://www.squid-cache.org/Doc/config/via/ Depends on your setup you would be able to "MASK" your IP. But it is better done using some kind of VPN service rather then a proxy. Try to change\add the

Re: [squid-users] how to change public IP to access website on proxy squid?

i'm sorry. using for what is my secret. .i just want to know, can i use squid as a proxy server to connect to internet? normal i search whatmyip and my ip appear on that website. i want to change that ip. is it possible? how to do it. -- View this message in context:

Re: [squid-users] Wrong req_header result in cache_peer_access when using ssl_bump

On 20/07/2016 2:37 a.m., Mihai Ene wrote: > I did some further testing, and it would appear that even when `cache_peer` > uses `ssl` option, ERR_CANNOT_FORWARD is returned. > > I believe `cache_peer` ACLs are incompatible with `ssl_bump`ed traffic. > > These restrictions should be documented.

Re: [squid-users] how to change public IP to access website on proxy squid?

On Wednesday 20 July 2016 at 09:24:21, james82 wrote: > i don't know how to find that ip you ask me. how to find it in terminal? You said "I want to change my public iP to access website." What do you want to change it to? Antony. -- Tax inspectors are just accountants who work for the evil

Re: [squid-users] how to change public IP to access website on proxy squid?

i don't know how to find that ip you ask me. how to find it in terminal? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/how-to-change-public-IP-to-access-website-on-proxy-squid-tp4678593p4678595.html Sent from the Squid - Users mailing list archive at

Re: [squid-users] how to change public IP to access website on proxy squid?

On Wednesday 20 July 2016 at 08:53:47, james82 wrote: > I want to change my public iP to access website. change out going package > to capture it. how to change it in squid? 1. Show us the output of /sbin/ifconfig on your Squid machine. 2. Tell us the IP address you want Squid to use. Antony.

[squid-users] how to change public IP to access website on proxy squid?

I want to change my public iP to access website. change out going package to capture it. how to change it in squid? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/how-to-change-public-IP-to-access-website-on-proxy-squid-tp4678593.html Sent from the Squid -