Re: [squid-users] Difference between Squid 3.1 & 3.4 regarding HTTPS CONNECT handling

2015-07-11 Thread Amos Jeffries
On 10/07/2015 8:30 a.m., Andrew Wood wrote: > OK here's the difference > > http_port 192.168.10.254:3128 intercept > http_port 192.168.10.254:3129 You should have port 3128 for the non-intercept traffic. > > I had to set up squid on a second port not in intercept mode and set the > WPAD file to se

Re: [squid-users] accessing google.com

2015-07-11 Thread Amos Jeffries
On 11/07/2015 12:21 a.m., Philipp Wehling wrote: > Hello, > > from time to time we have trouble accessing google.com. > > After many many troubleshooting and trying to understand debug_options 28,x I > wanted to go another way: > > All I want is to display, which ACL is blocking the access to t

Re: [squid-users] Transparent Squid Proxy Server

2015-07-11 Thread Nathan Hoad
I'm using 3.5 with transparent server first bumping in ~100 deployments so far, it works just fine, excluding with SNI and everything. On 12/07/2015 10:58 am, "Yuri Voinov" wrote: > Man, > > 3.5.x don't work with server-first. It must be for backward compatibility > - but don't be. > > Also, AFA

[squid-users] IMPORTANT: mailing list changes

2015-07-11 Thread Amos Jeffries
As most of you will know by now with the mailing list server update last year we allowed attachments to be mailed to the list. There are a large number of participants receiving each message so the size and file types accepted are strictly limited. Due to the number of people needing to submit con

Re: [squid-users] Mikrotik and Squid Transparent

2015-07-11 Thread Marcel
Hi Dalmar, one question: how many interfaces does your squid box have? On 28/6/15 at 11:26, Dalmar wrote: To begin with, thank you Marcel, Alex and Amos for your help guys, I am really so close because of you. I have done exactly what Marcel told me and now all transparent/intercept errors ar

[squid-users] [squid-announce] Squid 3.5.6 is available

2015-07-11 Thread Amos Jeffries
The Squid HTTP Proxy team is very pleased to announce the availability of the Squid-3.5.6 release! This release is a security and bug fix release resolving several issues found in the prior Squid releases. The major changes to be aware of: * SQUID-2015:2 Improper Protection of Alternate Path

[squid-users] [squid-announce] [ADVISORY] SQUID-2015:2 Improper Protection of Alternate Path

2015-07-11 Thread Amos Jeffries
Squid Proxy Cache Security Update Advisory SQUID-2015:2. Advisory ID: SQUID-2015:2. Date: July 06, 2015. Summary: Impr

[squid-users] Mikrotik and Squid Transparent

2015-07-11 Thread Dalmar
To begin with, thank you Marcel, Alex and Amos for your help guys, I am really so close because of you. I have done exactly what Marcel told me and now all transparent/intercept errors are gone. It worked nicely when I used two mikrotiks, one for WAN and the other for the LAN connection, however, when

Re: [squid-users] Transparent Squid Proxy Server

2015-07-11 Thread Yuri Voinov
Man, 3.5.x don't work with server-first. It must be for backward compatibility - but don't be. Also, AFAIK, 3.5.x series don't work with transparent NAT interception in bump mode. Fake certs are generated, but with IP against hostnames (in all my test installations). So, if you strictly ne

[squid-users] GET Request URI automatically modified (destination webserver address is removed) when requests are sent to another proxy

2015-07-11 Thread Raghunath Deshpande
Hi, When I try to send the request from one squid proxy server to another squid proxy server, the former proxy server is changing the Request URI field in GET request to " / " (the web server address is removed entirely). I have a setup something like this: h1 --- h2 --- h4 --- h3 h1=web client

[squid-users] Squid 3.5 CentOS 6.6 Core keeps dying.

2015-07-11 Thread Tory M Blue
Just tried to put 3.5 into production and it's dying. This runs fine with low volume, but once the volume is up there it dies. squid-3.5.0.2-1.el6.x86_64 2.6.32-504.16.2.el6.x86_64 #1 SMP Squid is being handled in memory, so this can't be an I/O disk issue. As I have other systems running 2.7

Re: [squid-users] TAG_NONE/xxxx

2015-07-11 Thread Amos Jeffries
On 12/07/2015 8:16 a.m., Yuri Voinov wrote: > > Yep, man. > > Sad, but true. No man. [sorry, sent the followup in private by mistake. Repeating now for everyone ... with a bit more info] The TAG_* is a representation of what Squid has done in processing the transaction. We don't yet have tags/

Re: [squid-users] TAG_NONE/xxxx

2015-07-11 Thread Yuri Voinov
Yep, man. Sad, but true. 11.07.15 16:13, David Touzeau wrote: > To understand what you says: > > Means that squid try to understand the TLS protocol in order to retrieve certificate information but some TAGS in certificate are not properly unders

Re: [squid-users] TAG_NONE/xxxx

2015-07-11 Thread David Touzeau
To understand what you says: Means that squid try to understand the TLS protocol in order to retrieve certificate information but some TAGS in certificate are not properly understood. So Squid still accept/forward the connection without decoding TLS ? Le 11/07/2015 11:33, Amos Jeffries a écri

Re: [squid-users] TAG_NONE/xxxx

2015-07-11 Thread Amos Jeffries
On 11/07/2015 9:23 p.m., David Touzeau wrote: > Hi all > > > We using Squid 3.5.6 in transparent mode with SSL > > > With the following settings: > > acl ssl_step1 at_step SslBump1 > acl ssl_step2 at_step SslBump2 > acl ssl_step3 at_step SslBump3 > ssl_bump peek ssl_step1 > ssl_bump splice all

[squid-users] TAG_NONE/xxxx

2015-07-11 Thread David Touzeau
Hi all We using Squid 3.5.6 in transparent mode with SSL With the following settings: acl ssl_step1 at_step SslBump1 acl ssl_step2 at_step SslBump2 acl ssl_step3 at_step SslBump3 ssl_bump peek ssl_step1 ssl_bump splice all We have many entries "TAG_NONE/" in access.log when accessing to

Re: [squid-users] sslbump and caching of generated cert

2015-07-11 Thread Amos Jeffries
On 11/07/2015 11:02 a.m., Alex Wu wrote: > actually, the major problems are: > > Once workers > 1, squid looks for /var/run/squid. pidfile for workers=1 is > done in squid.conf, but for workers > 1, this will be ignored. PID stands for "Process ID". The pidfile contains the process ID of the Squ