Re: [squid-users] SquidBlocker stable release 0.3.10 RPM

Hey Yuri, I have compiled the services for solaris and windows and can be downloaded at: http://ngtech.co.il/squidblocker/downloads/ Also I am publishing the client source code at: https://github.com/elico/squidblocker-client This is one piece of the puzzle that takes a very high load. One

Re: [squid-users] ETA for Bug 3775

On 09/14/2015 08:09 PM, Nicolaas Hyatt wrote: > Recent Backtrace: 2015-09-14 > Squid Cache: Version 3.5.8-20150910-r13912 > Backtrace Follows: > #0 0x7774c210 in ssl23_put_cipher_by_char () from > /lib64/libssl.so.10 This does not look like Bug 3775 to me -- that bug has a different

Re: [squid-users] redirect directly to error page

On 15/09/2015 3:13 a.m., Matus UHLAR - fantomas wrote: we have squidguard on a few servers and I'd like to redirect client's request directly to squid's error page, e.g. ERR_ACCESS_DENIED Is that possible directly through e.g. internal URL, or do I have to play with special page and acl? (it

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

On 15.09.15 22:45, Yuri Voinov wrote: Does anyone know - is it possible to send the connection, starting with the CONNECT, to cache-peer? cache_peer_access with proper ACLs should do that. note that always_direct can avoid it. I need to send some sites, defined by ACL, connections with

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 There is no answer. 15.09.15 23:31, Matus UHLAR - fantomas пишет: > On 15.09.15 23:27, Yuri Voinov wrote: >> Is it possible to specifically - how exactly it is necessary to write >> the configuration? The fact is that any variations on a similar

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Antony, thank your for answer. My problem is a bit specific. I have some permanently ISP-banned sites. I need to pass-through it from transparent interception Squid to cache_peer - both plain HTTP and HTTPS tunnels without decryption. Sites

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

On 15.09.15 22:45, Yuri Voinov wrote: Does anyone know - is it possible to send the connection, starting with the CONNECT, to cache-peer? 15.09.15 23:17, Matus UHLAR - fantomas пишет: cache_peer_access with proper ACLs should do that. note that always_direct can avoid it. On 15.09.15

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I asked a specific question. How does Squid as a whole - I am well aware. Before asking a question - I tried everything I seemed right. And I asked, hoping to get a specific answer or intelligible explanation, not the common words and sentences to

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I want to get the answer the people who did it. And not those that suggest that they could do it. 15.09.15 23:42, Matus UHLAR - fantomas пишет: >>> On 15.09.15 22:45, Yuri Voinov wrote: Does anyone know - is it possible to send the

Re: [squid-users] redirect directly to error page

On 15/09/2015 3:13 a.m., Matus UHLAR - fantomas wrote: > Hello, > > we have squidguard on a few servers and I'd like to redirect client's > request > directly to squid's error page, e.g. ERR_ACCESS_DENIED > Is that possible directly through e.g. internal URL, or do I have to play > with special

[squid-users] Squid fails to pass on HEAD requests to parent

In our network we are behind a proxy that I don't have access to. In order to speed up deployments and development I am trying to set up a caching squid proxy for yum and maven repositories. Naturally, this proxy needs to be configured to use our company's global proxy as parent. I have

Re: [squid-users] Squid fails to pass on HEAD requests to parent

On 15 September 2015 at 17:18, Martin Dietze wrote: > To me it seems like my squid does not understand it needs to use the > global proxy for HEAD requests as well as for GET. But I could not find any > reference to this particular problem anywhere in the web. I have found a

[squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Does anyone know - is it possible to send the connection, starting with the CONNECT, to cache-peer? I'll try to explain. I need to send some sites, defined by ACL, connections with starts with CONNECT (443 port), to the cache_peer first? Rather

Re: [squid-users] Lots of "Vary object loop!"

On 15/09/2015 9:16 a.m., Sebastián Goicochea wrote: > I could finally isolate the problem, it only happens if you are using > collapsed_forwarding. > > If you want, you can use this script to replicate it: > > #!/bin/bash > H='--header' > > echo "With Firefox" > wget -d \ > $H='Accept: >

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

On 15.09.15 22:45, Yuri Voinov wrote: Does anyone know - is it possible to send the connection, starting with the CONNECT, to cache-peer? 15.09.15 23:17, Matus UHLAR - fantomas пишет: cache_peer_access with proper ACLs should do that. note that always_direct can avoid it. On 15.09.15

Re: [squid-users] redirect directly to error page

On 09/15/2015 03:50 AM, Amos Jeffries wrote: > The right way to perform access authorization is with the http_access or > adapted_http_access rules. That is also the only way to *generate* > ERR_ACCESS_DENIED. For completeness sake, it is also possible to deny a request using eCAP blockVirgin()

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Is it possible to specifically - how exactly it is necessary to write the configuration? The fact is that any variations on a similar theme cause assertion. 15.09.15 23:17, Matus UHLAR - fantomas пишет: > On 15.09.15 22:45, Yuri Voinov wrote: >>

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

On 15.09.15 23:27, Yuri Voinov wrote: Is it possible to specifically - how exactly it is necessary to write the configuration? The fact is that any variations on a similar theme cause assertion. just combine it with proper acl of type dst or dstdomain... 15.09.15 23:17, Matus UHLAR -

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Squid working in transparent SSL Bump mode. AFAIK, here is SSL decrypts. AFAIK, decrypted tunnel denied to be forwarded to parent. I need to forward some URLs without decryption to peer. Whole session starting with CONNECT. Problem: Peer must

Re: [squid-users] Lots of "Vary object loop!"

Amos, thanks for your answer. I understand your point in collapsed_forwarding not being triggered because the requests are not concurrent, nevertheless if I use collapsed_forwarding the Vary loop appears, if I disable it, format the cache_dir and start over .. It does not appear. If you

Re: [squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

Here is my testing config from test system. This is original configuration, which is works well with HTTP but not with HTTPS. I've tried to permit CONNECT access to cache_peer, config cache_peer as ssl, splice forwarded URL's... without any result. When I've turned URL into cache_peer -