Modified Makefile, replacing LIBOPENSSL_CFLAGS = -I/usr/local/include
with LIBOPENSSL_CFLAGS = -I/usr/local/include/openssl
Afterwards I got squid reporting it uses my custom-path openssl:
--
Squid Cache: Version 4.5-20190208-r568e66b7c
Service Name: squid
This binary uses OpenSSL 1.1.1b 26
I would try deploying Squid on Linux machine running within Hyper-V just to be
sure the Squid part itself works fine. Then only specifics of it running on
Cygwin will remain to be uncovered. Should be very easy to setup. Couple of
hours at most (you have already dedicated much more time to
Business objective is to enable MSFT Azure MMA's (Microsoft Monitoring Agents)
blocked from the internet to send agent data to Azure Log Analytics
Simple proxy
No SSL bump
Squid config is attached
I tried disabling caching with Squid, found it crashed more frequently
Squid was chosen this is
On 28/02/19 2:38 am, mzgmedia wrote:
> we like too add maybe 1 million of IPv6 on a single squid server but probably
> the squid will crash because the config file will be too big
>
Squid will not crash. It will determine that there are too many HTTP
ports being attempted and cleanly shutdown
-
-
-
-
-
Hi all
Can i use this conf only for blocking purpose?!Is set
dynamic_cert_mem_cache_size=0MB wrong?I have more than 1000 clients and i only
want to block http and https pages and show err page for both of those.
My configurations is like this:
The setup itself is not clear to me.
Is it a simple proxy?
With SSL bump?
Can you share or send me the squid configuration?
There might be another solution for your use case that you have yet to try.
Also if the purpose is not caching, why do you try to use squid?
There are lots of other proxies
On 27/02/19 9:59 pm, Stilyan Georgiev wrote:
> Hi,
>
> Trying to build squid using custom path for openssl and related
> libraries. My goal is to use openssl 1.1.1 which is installed in /usr/local
>
> --
> /usr/local/bin/openssl version
> OpenSSL 1.1.1b 26 Feb 2019
> --
>
> I did install it
Hi allCan i use this conf only for blocking purpose?!Is set
dynamic_cert_mem_cache_size=0MB wrong?I have more than 1000 clients and i only
want to block http and https pages.
My configurations is like
this:-https_port 3130 tproxy ssl-bump \
On 27/02/19 11:39 pm, Stilyan Georgiev wrote:
> Modified Makefile, replacing LIBOPENSSL_CFLAGS = -I/usr/local/include
> with LIBOPENSSL_CFLAGS = -I/usr/local/include/openssl
>
Please do not touch the Makefile.
To set build environment variables such as those you simply pass them as
arguments to
we like too add maybe 1 million of IPv6 on a single squid server but probably
the squid will crash because the config file will be too big
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
___
squid-users
Hi,
I understood that http2 is work in progress. Is there anything to say about
when this might be released?
Thank you,
Andrej
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Hello comunity, can someone be so nice to tell me what i´m doing wrong
Im compiling squid 4.5 on ubuntu 18.04
this are the dependency i have installed
apt-get -y install libcppunit-dev libsasl2-dev libxml2-dev libkrb5-dev
libdb-dev libnetfilter-conntrack-dev libexpat1-dev libcap2-dev
On Thu, Feb 28, 2019 at 12:05 AM Stilyan Georgiev
wrote:
> Tried everything , including upgrading the system to version that has
> openssl1.1.1-1 , recompiling the package to exclude TLS 1.3 support , using
> -- tls_outgoing_options options=NO_TLSv1_3 where NO_TLSv1_3 simply wasn't
> recognized
So just to be on the clear.
You need a basic forward proxy that does CONNECT requests for any LAN client
to safe ports?
Do you have any other requirements then being Windows 2k16 compatbile and
the mentioned ACL's?
If you Insist on a Windows proxy there are couple I collected...
On 2/27/19 2:22 PM, Russel McDonald wrote:
> is there any way to get the port number of the connecting client
> available to the adapter through ECAP interface?
Yes, there is: http://www.squid-cache.org/Doc/config/adaptation_meta/
For example, the following configuration snippet relays (where
Hi, is there any way to get the port number of the connecting client available
to the adapter through ECAP interface? Not just the IP but the port number as
well. I found that I can do that by a tiny change but it has to be int he squid
source:In adaptation\ecap\XActionRep.cc, method
Forgot to mention that this simple proxy:
http://gogs.ngtech.co.il/elicro/golang-http-proxy
Is a simple forward proxy I wrote.
A binary packaged for any OS that GoLang supports including Windows 2k16 is
there:
Hi,
Trying to build squid using custom path for openssl and related
libraries. My goal is to use openssl 1.1.1 which is installed in /usr/local
--
/usr/local/bin/openssl version
OpenSSL 1.1.1b 26 Feb 2019
--
I did install it like that:
--
./config --prefix=/usr/local
Thanks for the input Alex.
I had many, many issues compiling openssl without tls1.3. At first i tried
doing it side by side with version I had in OS but failed miserably, with
squid continuing to use the OS package.
Eventually I release upgraded the OS and now have the 1.1.1-1 package from
repo,
Wow. This is very generous Eliezer. I am humbled by your generosity!
Before I try your proxy for Windows, I've decided it's time to eliminate the OS
as a variable. I quickly tacked up Squid running on a sandbox RHEL, and
submitted a ticket to have it added to the F5 VIP.
If the issue
On 28/02/19 10:47 am, Alex Gutiérrez Martínez wrote:
> Hello comunity, can someone be so nice to tell me what i´m doing wrong
>
>
> Im compiling squid 4.5 on ubuntu 18.04
>
...
>
>
> im getting this error
>
>
> error: NTLM auth helper smb_lm ... not found
>
On 28/02/19 12:25 pm, Stilyan Georgiev wrote:
> When testing like so: openssl s_client -connect google.com:443
> I get tls1.2 back
>
> Via mobile chrome browser (android) and the proxy I get tls1.3
> Truly don't understand :)
>
I expect that Chrome is using their own custom SSL library and
On 28/02/19 6:30 am, Andrej van der Zee wrote:
> Hi,
>
> I understood that http2 is work in progress. Is there anything to say
> about when this might be released?
>
No ETA sorry. Progress has slowed down so much I stopped even saying
"soon-ish" a year ago.
If anyone wants to jump in and lend
On 28/02/19 2:31 am, leomessi983 wrote:
> Hi all
> Can i use this conf only for blocking purpose?!
You could.
I suggest you keep the default security Safe_ports and SSL_ports ACL and
http_access rules though. They exist to protect your proxy against
malicious attacks and Dos situations.
Your
Hello Alex,
Please take a look at how we recompile Squid 4.6 for Ubuntu 18.
It compiles and runs nicely without errors.
See https://docs.diladele.com/howtos/build_squid_4_on_ubuntu/index.html
Best regards,
Rafael Akchurin
Diladele B.V.
-Original Message-
From: squid-users On Behalf
25 matches
Mail list logo