Hey Yuri,
I have compiled the services for solaris and windows and can be
downloaded at:
http://ngtech.co.il/squidblocker/downloads/
Also I am publishing the client source code at:
https://github.com/elico/squidblocker-client
This is one piece of the puzzle that takes a very high load.
One
On 09/14/2015 08:09 PM, Nicolaas Hyatt wrote:
> Recent Backtrace: 2015-09-14
> Squid Cache: Version 3.5.8-20150910-r13912
> Backtrace Follows:
> #0 0x7774c210 in ssl23_put_cipher_by_char () from
> /lib64/libssl.so.10
This does not look like Bug 3775 to me -- that bug has a different
On 15/09/2015 3:13 a.m., Matus UHLAR - fantomas wrote:
we have squidguard on a few servers and I'd like to redirect client's
request
directly to squid's error page, e.g. ERR_ACCESS_DENIED
Is that possible directly through e.g. internal URL, or do I have to play
with special page and acl?
(it
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
I need to send some sites, defined by ACL, connections with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
There is no answer.
15.09.15 23:31, Matus UHLAR - fantomas пишет:
> On 15.09.15 23:27, Yuri Voinov wrote:
>> Is it possible to specifically - how exactly it is necessary to write
>> the configuration? The fact is that any variations on a similar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Antony,
thank your for answer.
My problem is a bit specific.
I have some permanently ISP-banned sites. I need to pass-through it from
transparent interception Squid to cache_peer - both plain HTTP and HTTPS
tunnels without decryption. Sites
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
15.09.15 23:17, Matus UHLAR - fantomas пишет:
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
On 15.09.15
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I asked a specific question. How does Squid as a whole - I am well
aware. Before asking a question - I tried everything I seemed right. And
I asked, hoping to get a specific answer or intelligible explanation,
not the common words and sentences to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I want to get the answer the people who did it. And not those that
suggest that they could do it.
15.09.15 23:42, Matus UHLAR - fantomas пишет:
>>> On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the
On 15/09/2015 3:13 a.m., Matus UHLAR - fantomas wrote:
> Hello,
>
> we have squidguard on a few servers and I'd like to redirect client's
> request
> directly to squid's error page, e.g. ERR_ACCESS_DENIED
> Is that possible directly through e.g. internal URL, or do I have to play
> with special
In our network we are behind a proxy that I don't have access to. In order
to speed up deployments and development I am trying to set up a caching
squid proxy for yum and maven repositories.
Naturally, this proxy needs to be configured to use our company's global
proxy as parent.
I have
On 15 September 2015 at 17:18, Martin Dietze wrote:
> To me it seems like my squid does not understand it needs to use the
> global proxy for HEAD requests as well as for GET. But I could not find any
> reference to this particular problem anywhere in the web.
I have found a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
I'll try to explain.
I need to send some sites, defined by ACL, connections with starts with
CONNECT (443 port), to the cache_peer first? Rather
On 15/09/2015 9:16 a.m., Sebastián Goicochea wrote:
> I could finally isolate the problem, it only happens if you are using
> collapsed_forwarding.
>
> If you want, you can use this script to replicate it:
>
> #!/bin/bash
> H='--header'
>
> echo "With Firefox"
> wget -d \
> $H='Accept:
>
On 15.09.15 22:45, Yuri Voinov wrote:
Does anyone know - is it possible to send the connection, starting with
the CONNECT, to cache-peer?
15.09.15 23:17, Matus UHLAR - fantomas пишет:
cache_peer_access with proper ACLs should do that.
note that always_direct can avoid it.
On 15.09.15
On 09/15/2015 03:50 AM, Amos Jeffries wrote:
> The right way to perform access authorization is with the http_access or
> adapted_http_access rules. That is also the only way to *generate*
> ERR_ACCESS_DENIED.
For completeness sake, it is also possible to deny a request using eCAP
blockVirgin()
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Is it possible to specifically - how exactly it is necessary to write
the configuration? The fact is that any variations on a similar theme
cause assertion.
15.09.15 23:17, Matus UHLAR - fantomas пишет:
> On 15.09.15 22:45, Yuri Voinov wrote:
>>
On 15.09.15 23:27, Yuri Voinov wrote:
Is it possible to specifically - how exactly it is necessary to write
the configuration? The fact is that any variations on a similar theme
cause assertion.
just combine it with proper acl of type dst or dstdomain...
15.09.15 23:17, Matus UHLAR -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Squid working in transparent SSL Bump mode.
AFAIK, here is SSL decrypts. AFAIK, decrypted tunnel denied to be
forwarded to parent.
I need to forward some URLs without decryption to peer. Whole session
starting with CONNECT.
Problem: Peer must
Amos, thanks for your answer. I understand your point in
collapsed_forwarding not being triggered because the requests are not
concurrent, nevertheless if I use collapsed_forwarding the Vary loop
appears, if I disable it, format the cache_dir and start over .. It does
not appear.
If you
Here is my testing config from test system. This is original
configuration, which is works well with HTTP but not with HTTPS.
I've tried to permit CONNECT access to cache_peer, config cache_peer as
ssl, splice forwarded URL's... without any result.
When I've turned URL into cache_peer -
21 matches
Mail list logo