On 21/05/22 04:51, Suporte - Konntrol wrote:
Hello everyone,
Greetings.
I got a strange situation with my SQUID 4.1 (FreeBSD 12.2 Stable
environment).
Everything was working fine with Kerberos configuration and suddenly it
stopped with the following error:
==> /var/squid/logs/cache.log
On 20/05/22 23:26, robert k Wild wrote:
Sorry I'm a bit thick
Don't be. These things beyond plain-text HTTP are unfortunately a bit
complex.
The key thing to remember is that Squid is dealing with *layers* of
protocols wrapped around each other.
This wiki page
On 20/05/22 19:44, Praveen Ponakanti wrote:
Hi Alex,
Thanks for going through several steps to help mitigate src port
exhaustion. We are looking to achieve 400-500% more
concurrent connections if we could :) as there is a significant buffer
on the available CPU.
Then you require at least
Your solution may "works", but only partial.
Diving back to your original request:
On 20/05/22 02:25, robert k Wild wrote:
> hi all,
>
> want to make the below into a regex as after the io..., could be any
> number and letter, the - stays in the same position but to make it
> simple i just
Hello everyone,
Greetings.
I got a strange situation with my SQUID 4.1 (FreeBSD 12.2 Stable
environment).
Everything was working fine with Kerberos configuration and suddenly it
stopped with the following error:
==> /var/squid/logs/cache.log <==
negotiate_kerberos_auth.cc(182):
Sorry I'm a bit thick
So I've read SSL::server_name_regex which uses sni is better than
dstdomain_regex
So I think I'm better of using the sni one then ?
On Fri, 20 May 2022, 12:20 Matus UHLAR - fantomas,
wrote:
> On 20.05.22 11:21, robert k Wild wrote:
> >So for SSL inspection, for squid to
On 20.05.22 11:21, robert k Wild wrote:
So for SSL inspection, for squid to look into the URl headers, what's the
better one
Server name or
DST domain
I thought I have explained it:
dstdom_regex is from the request, not from the SSL data.
On Fri, 20 May 2022, 11:12 Matus UHLAR -
So for SSL inspection, for squid to look into the URl headers, what's the
better one
Server name or
DST domain
Thanks,
Rob
On Fri, 20 May 2022, 11:12 Matus UHLAR - fantomas,
wrote:
> On 19.05.22 19:29, robert k Wild wrote:
> >Think I found it but, what the difference between these two
> >
>
On 19.05.22 19:29, robert k Wild wrote:
Think I found it but, what the difference between these two
acl aclname ssl::server_name_regex [-i] \.foo\.com ...
this one is taken from SNI option when squid looks at SSL handshake
parameters.
acl aclname dstdom_regex [-n] [-i] \.foo\.com ...