Re: [squid-users] Specifiying openssl location with ./configure?

On 2015-12-29 09:12, George Hollingshead wrote: I have a localy compilied the latest openssl to default location /usr/local directory. If you really have done that then any Squid built after will auto-detect it there and link to that new OpenSSL version using only the "--with-openssl" build

[squid-users] ip-based ACL under transparent mode

Under transparent mode, is it possible to get client's IP and assign a specific ACL rule to it? is it possible to use the client-IP-address as a variable in redirector scripts? Basically when transparent mode is used we don't have the "user" for each requests and I'm thinking if I can extract

Re: [squid-users] Squid with NTLM auth behind netscaler

On 2015-12-31 03:42, Fabio Bucci wrote: Could you help me in kerberos configuration only? I don't want a fallback That should be blindingly obvious ... just use the Kerberos helper directly as the auth_param helper. Omit the negotiate_wrapper helper and ntlm_auth helper parts. Amos

Re: [squid-users] Squid is not worked in OpenVZ VPS.

I can acess `www.google.com' in side my VPS with W3M. But, can not access www.google.com across my Squid server. I don't what happen here, those VPS provider guys work on this two days, not resolved. Kinkie writes: > Well, the IPv6 address could be telling. Maybe OpenVZ is setting up a > V6

Re: [squid-users] Squid is not worked in OpenVZ VPS.

On 30/12/2015 19:29, Billy.Zheng (zw963) wrote: I can acess `www.google.com' in side my VPS with W3M. But, can not accesswww.google.com across my Squid server. I don't what happen here, those VPS provider guys work on this two days, not resolved. Hey Billy, From the information page it is

Re: [squid-users] Refresh pattern issue in squid 3.1.20

Hi, All, I tired suggested refresh pattern, still i was getting TCP_HIT/MEM_HIT. It's not getting refreshed after 10 minutes. *Conf* refresh_pattern -i ^http://[a-z\-\_\.A-Z0-9]+\.wsj\.(net|net|com|edu)/ 10 200% 10 override-expire override-lastmod reload-into-ims ignore-reload *Logs* Wed Dec

Re: [squid-users] squid3 / debian stable / please update to 3.4.14

Hai, You can very easy upgrade to 3.5.12 on Jessie. Add sid to your sources.list, or better in : /etc/apt/sources.list.d/debian-sid.list Only the deb-src line is needed. Now apt-get update # install dependecies. apt-get build-dep squid # get and build source. apt-get source squid -b if

[squid-users] Squid proxy removing Transfer-Encoding header

Hey all, I have an application in front of which I am using Squid proxy. Suppose application name is APP So it is like client -> Squid -> APP and return If App return Transfer-Encoding header to Squid, Squid removes that response header and forwards rest to Client. Am not getting why it is

Re: [squid-users] squid reverse proxy and client certs

Hi Thanks I thought that might be the issue. could you point me to an example for requesting client certs for a directory Thanks Alex On 30 December 2015 at 21:56, Matus UHLAR - fantomas wrote: > On 30.12.15 15:11, Alex Samad wrote: >> >> I have squid 3.5.12 working as a

Re: [squid-users] Squid proxy removing Transfer-Encoding header

On 12/30/2015 02:24 PM, Aashima wrote: > So it is like client -> Squid -> APP and return > If App return Transfer-Encoding header to Squid, Squid removes that response > header and forwards rest to Client. > > Am not getting why it is removing that header ? Couldnt find any posts > also on

[squid-users] Squid is not worked in OpenVZ VPS.

Hi, I have two VPS in same location(HONG KONG) the two VPS is blongs to two service provider, one OpenVZ, one XEN. I choice with same version CentOS(6.7), and with same config script for a FORWARD proxy to access free world. XEN always worked for me, but OpenVZ is not. following is some simple

Re: [squid-users] squid reverse proxy and client certs

On 30.12.15 15:11, Alex Samad wrote: I have squid 3.5.12 working as a reverse proxy cache_peer 127.0.0.1 \ parent 443 0 proxy-only no-query no-digest originserver \ login=PASS \ ssl \ sslcafile=/etc/pki/tls/certs/ca-bundle.crt \ sslflags=DONT_VERIFY_PEER \ name=webServer This points to httpd

[squid-users] Host header forgery policy in service provider environment

Hello Squid members and developers! First of all, I wish you a Happy New Year 2016! The current Host header forgery policy effectively prevents a cache poisoning. But also, I noticed, it deletes verified earlier cached object. Is it possible to implement more careful algorithm as an option? For

Re: [squid-users] Squid is not worked in OpenVZ VPS.

> On 30 Dec 2015, at 11:39, Billy.Zheng(zw963) wrote: > > Hi, I have two VPS in same location(HONG KONG) > > the two VPS is blongs to two service provider, one OpenVZ, one XEN. > > I choice with same version CentOS(6.7), and with same config script for > a FORWARD proxy to

Re: [squid-users] Squid is not worked in OpenVZ VPS.

Thanks for you reply. The failed message is: `Connection to failed', is a IPV6 address somehow. I found i just could't access part of website, not all. so, I thought this is not Squid problem, maybe china GFW prevent this, I doubt OpenVZ provider's machine room exist some problem.

Re: [squid-users] Squid is not worked in OpenVZ VPS.

Well, the IPv6 address could be telling. Maybe OpenVZ is setting up a V6 network but has no route out of it. Can you try accessing a known V4 and a known V6 address? It could help you understand if the issue is there. In that case, you need to fix the issue at the OpenVZ level. On Wed, Dec 30,