Re: [squid-users] ssl bump certificate question

On Wed, Sep 7, 2016 at 3:05 PM, Marcus Kool wrote: > > slightly off topic: what is the easiest way to install a cert on a > smartphone? > I looked for an app but did not find one. > > Look for some MDM solutions. That's not really an option for one (personal) phone,

Re: [squid-users] ssl bump certificate question

On Thursday 08 September 2016 at 00:06:02, Marcus Kool wrote: > slightly off topic: what is the easiest way to install a cert on a > smartphone? I looked for an app but did not find one. On my Android 4.2.2 device: Settings -> Security -> Trusted credentials: "Display trusted CA certificates"

Re: [squid-users] ssl bump certificate question

On 09/07/2016 05:58 PM, Antony Stone wrote: On Wednesday 07 September 2016 at 22:55:06, Yuri Voinov wrote: 08.09.2016 2:25, erdosain9 пишет: Hi. A query. Sslbump is possible without installing the certificate, machine by machine ??? Bump impossible. Splice - possible. Is there any way

Re: [squid-users] ssl bump certificate question

On 09/07/2016 05:58 PM, Antony Stone wrote: On Wednesday 07 September 2016 at 22:55:06, Yuri Voinov wrote: 08.09.2016 2:25, erdosain9 пишет: Hi. A query. Sslbump is possible without installing the certificate, machine by machine ??? Bump impossible. Splice - possible. Is there any way

Re: [squid-users] ssl bump certificate question

"I believe he wants a mechanism for squid to be able to provide the fake CA certificate to the browser" Exactly. ok, no possible then. Thanks -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ssl-bump-certificate-question-tp4679409p4679413.html Sent

Re: [squid-users] ssl bump certificate question

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 08.09.2016 2:58, Antony Stone пишет: > On Wednesday 07 September 2016 at 22:55:06, Yuri Voinov wrote: > >> 08.09.2016 2:25, erdosain9 пишет: >>> Hi. >>> A query. Sslbump is possible without installing the certificate, >>> machine by machine ???

Re: [squid-users] ssl bump certificate question

On Wednesday 07 September 2016 at 22:55:06, Yuri Voinov wrote: > 08.09.2016 2:25, erdosain9 пишет: > > Hi. > > A query. Sslbump is possible without installing the certificate, > > machine by machine ??? > > Bump impossible. Splice - possible. > > > Is there any way that this certificate Squid

Re: [squid-users] ssl bump certificate question

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 08.09.2016 2:25, erdosain9 пишет: > > Hi. > A query. Sslbump is possible without installing the certificate, machine by > machine ??? Bump impossible. Splice - possible. > > Is there any way that this certificate Squid SUBMIT ?? Cant understand

[squid-users] ssl bump certificate question

Hi. A query. Sslbump is possible without installing the certificate, machine by machine ??? Is there any way that this certificate Squid SUBMIT ?? sorry for my english. Thanks! -- View this message in context:

Re: [squid-users] subnet forward

to be sure that the link speed and duplex is OK, you need to look at both sides. Marcus On 09/07/2016 01:01 PM, Pol Hallen wrote: Since you have an ancient version of Squid I am assuming that you also have ancient hardware. :-) NIC are not so ancient :-) hw also.. Settings for eth0:

Re: [squid-users] Windows Updates a Caching Stub zone, A windows updates store.

Hey Omid, For now the software is restricted only to windows updates which is protected and secured enough to sustain caching. About Mozilla, I need to verify it before I am doing anything about it. From my point of view it is hosted on Akamai and HSTS is restricting couple things on their

Re: [squid-users] compliled squid size

On 07.09.16 09:02, mzgmedia wrote: I've tried to compile squid with the same params as on www1.ngtech.co.il/repo/ but the binnary size of the squid is 50M but the one from the repo is only 6M, any idea why? apparently unstriped binary (compiled/linked without the "-s" flag) -- Matus UHLAR -

[squid-users] compliled squid size

hello I've tried to compile squid with the same params as on www1.ngtech.co.il/repo/ but the binnary size of the squid is 50M but the one from the repo is only 6M, any idea why? -- View this message in context:

Re: [squid-users] subnet forward

Since you have an ancient version of Squid I am assuming that you also have ancient hardware. :-) NIC are not so ancient :-) hw also.. Settings for eth0: Supported ports: [ TP MII ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half

Re: [squid-users] windows update not working squid 3.5.2

On 7/09/2016 9:08 p.m., --Ahmad-- wrote: > its same not caching at all > 1473239296.459990 192.168.0.10 TCP_MISS/206 1049144 GET > http://fg.v4.download.windowsupdate.com/d/msdownload/update/driver/drvs/2015/10/26767_cec6101480492a8c7be6e668ff3284626a787359.cab > -

Re: [squid-users] TCP_RESET non http requests on port 80

On 09/07/2016 01:56 AM, Matus UHLAR - fantomas wrote: > and how is this done? Which system or library call does drop connection to > send a RST immediately? This is not a squid-users question, but Squid calls comm_reset_close() (quoted below) to reset the connection. That function uses zero

Re: [squid-users] Transparent Proxy

On 7/09/2016 9:27 p.m., Antony Stone wrote: > On Wednesday 07 September 2016 at 10:51:49, John Sayce wrote: > FYI: Jon. Please be careful about yoru use of teh word "forward" and "forwarding". Both NAT and routing are methods of forwarding, but which one is used at each particular step of the

Re: [squid-users] subnet forward

On 09/07/2016 10:05 AM, Pol Hallen wrote: Hello all :-) I'm sorry if this couldn't squid problem.. honestly I don't know.. I've a small lan: dsl<-WAN_NIC0_192.168.5.0/30->lan1_192.168.10.0/24 (NIC1)<-->switch+AP lan2_192.168.1.0/24 (NIC2)<--->switch+AP I've

Re: [squid-users] subnet forward

On Wednesday 07 September 2016 at 15:05:25, Pol Hallen wrote: > I've a small lan: > > dsl<-WAN_NIC0_192.168.5.0/30->lan1_192.168.10.0/24 (NIC1)<-->switch+AP >lan2_192.168.1.0/24 (NIC2)<--->switch+AP > > I've squid server v.3.1.20 on 192.168.1.20 > > from

Re: [squid-users] Transparent Proxy

On Wednesday 07 September 2016 at 10:51:49, John Sayce wrote: > I believe so. The specific command I used was: > > iptables -t nat -A PREROUTING -i ens33 -p tcp --dport 80 -j REDIRECT > --to-port 3128 > > (For some reason my adapter is ens33, I have no idea why it's not eth0. > Squid is set

Re: [squid-users] windows update not working squid 3.5.2

also here is squid -k parse not sure if it helps : root@raspberrypi:~# squid -k parse 2016/09/07 09:10:44| Startup: Initializing Authentication Schemes ... 2016/09/07 09:10:44| Startup: Initialized Authentication Scheme 'basic' 2016/09/07 09:10:44| Startup: Initialized Authentication Scheme

Re: [squid-users] windows update not working squid 3.5.2

its same not caching at all 1473239296.459990 192.168.0.10 TCP_MISS/206 1049144 GET http://fg.v4.download.windowsupdate.com/d/msdownload/update/driver/drvs/2015/10/26767_cec6101480492a8c7be6e668ff3284626a787359.cab - ORIGINAL_DST/8.254.191.254 application/octet-stream 1473239296.576

Re: [squid-users] regarding to "cache videos" plugin now as open source

Might be usable. Question is, how effective it will be on overall traffic, as most famous/accessed videos to be found on youtube. Which uses https, in my area, at least. -- View this message in context:

Re: [squid-users] windows update not working squid 3.5.2

Hai,   Change this part : # range_offset_limit 5 Gb windowsupdate maximum_object_size 5 Gb quick_abort_min -1 #   To   range_offset_limit 0 quick_abort_min 0 KB quick_abort_max 0 KB quick_abort_pct 90   and see what happens.     Greetz,   Louis      

Re: [squid-users] Transparent Proxy

I believe so. The specific command I used was: iptables -t nat -A PREROUTING -i ens33 -p tcp --dport 80 -j REDIRECT --to-port 3128 (For some reason my adapter is ens33, I have no idea why it's not eth0. Squid is set to run on 3128.) And after running this command port 80 now shows as being

[squid-users] Transparent Proxy

I'm trying to set up a transparent proxy but I'm fairly sure I'm missing something. I've followed the instructions on the juniper website along with a couple of other blogs as per: https://damn.technology/using-squid-juniper-pbr-transparent-proxy

Re: [squid-users] TCP_RESET non http requests on port 80

On 05.09.16 23:32, Omid Kosari wrote: Filed a bug report http://bugs.squid-cache.org/show_bug.cgi?id=4585 On 09/06/2016 08:36 AM, Matus UHLAR - fantomas wrote: I wonder if this is doable at all. On 06.09.16 12:02, Alex Rousskov wrote: Yes, and Squid supports it in other contexts. and

Re: [squid-users] Debugging NTLM problem

Dear Amos,   i found the problem. It was a samba issue caused by badlock patch implementation. Thanks for your assistance and sorry for my wrong mailing-list post, i should have check better the samba logs.   Giulius.   Sent: Saturday, September 03, 2016 at 4:43 AM From: "Amos Jeffries"

Re: [squid-users] windows update not working squid 3.5.2

thanks for reply but i still don’t see even the hdd drive getting increasing when windows updates go on i tested it on windows 7 i never seen TCP_HIT and the hdd size still the same !!! here is again my squid.conf in final form on my server : root@raspberrypi:~# cat

Re: [squid-users] windows update not working squid 3.5.2

I also have these for windows updates.   acl windowsupdate dstdomain au.download.windowsupdate.com acl windowsupdate dstdomain ds.download.windowsupdate.com acl windowsupdate dstdomain ctldl.windowsupdate.com acl windowsupdate dstdomain .data.microsoft.com acl windowsupdate dstdomain