Re: [squid-users] Peeking on TLS traffic: unknown cipher returned

On Thu, Oct 20, 2016 at 5:01 PM, Alex Rousskov < rouss...@measurement-factory.com> wrote: > Please note that "peek and make a decision based on SNI" is not what > your configuration tells Squid to do. > This is a complex situation for most people (myself included), can you tell us how to "peek

Re: [squid-users] Peeking on TLS traffic: unknown cipher returned

On 10/19/2016 08:51 PM, Leandro Barragan wrote: > I get the unknown cipher error on Squid > but on the client I see a certificate error. When I look at the > certificate info, it is signed by Squid. It makes no sense at all. When Squid v3 encounters an OpenSSL error (such as an unsupported

Re: [squid-users] Peeking on TLS traffic: unknown cipher returned

On 10/19/2016 12:44 AM, Leandro Barragan wrote: >> error:140920F8:SSL routines:SSL3_GET_SERVER_HELLO:unknown cipher returned >> (1/-1/0) > I fail to see why is this happening. I only need to peek on the > connection and make a decision based on SNI, Please note that "peek and make a decision

Re: [squid-users] Peeking on TLS traffic: unknown cipher returned

Amos, I really appreciate your answer and the time you took trying to explain me the rules. I'm already compiling Squid 3.5.22 with OpenSSL 1.0.2j to see if that solves my issue. Leaving aside the software version, it seems weird to me that I see this behaviour not only on blocked (terminated)

Re: [squid-users] Additional ecap/icap questions

On 2016-10-17 15:01, Alex Rousskov wrote: On 10/17/2016 11:51 AM, James Lay wrote: Here's what I'm wanting to accomplish and it's been proving a challenge: Detect keywords (think DLP maybe) in http/https flows. I've got ecap and icap compiled in and working. My challenges: a)with icap, it

Re: [squid-users] Error DiskThreadsDiskFile::openDone: (2) No such file or directory

On 20/10/2016 1:59 a.m., erdosain9 wrote: > Hi. > I try this > http://www.linuxtopic.com/2016/03/clear-squid-cache-and-re-create-cache.html > > but still the same... > Squid auto-corrects the cache data contents. The message you are seeing is what gets logged during the correction process. You

Re: [squid-users] Peeking on TLS traffic: unknown cipher returned

On 19/10/2016 7:44 p.m., Leandro Barragan wrote: > Hi! > > I'm having trouble with SSL Peek & Splice in Squid 3.5.16 using Please upgrade to 3.5.19 or later. Current is 3.5.22. > intercept mode. I'm trying to configure a transparent proxy (no CA > installed on clients) which denies access to

[squid-users] FATAL: Ipc::Mem::Segment::create failed to shm_open(/squid-cf__queues.shm): (17) File exists

Hello Friends, I am getting the following message when i start the squid FATAL: Ipc::Mem::Segment::create failed to shm_open(/squid-cf__queues.shm): (17) File exists I am running squid-3.5.20 and even I have tried to remove cache directories and -z but still giving this error. So please

Re: [squid-users] Squid SMP workers crash

On 10/18/16, Alex Rousskov wrote: > On 10/17/2016 10:37 PM, Deniz Eren wrote: >> On Mon, Oct 17, 2016 at 7:43 PM, Alex Rousskov wrote: >>> On 10/17/2016 02:38 AM, Deniz Eren wrote: 2016/10/17 11:22:37 kid1| assertion failed:

[squid-users] FATAL: Ipc::Mem::Segment::create failed to shm_open(/squid-cf__queues.shm): (17) File exists

Hello Friends, I am getting the following message when i start the squid FATAL: Ipc::Mem::Segment::create failed to shm_open(/squid-cf__queues.shm): (17) File exists I am running squid-3.5.20 and even I have tried to remove cache directories and -z but still giving this error. So please advice

Re: [squid-users] Error DiskThreadsDiskFile::openDone: (2) No such file or directory

On Tue, 2016-10-18 at 06:37 -0700, erdosain9 wrote: > Hi. > squid 3.5.20 > > Im having a lot of these in cache.log > > 2016/10/18 10:36:11 kid1| DiskThreadsDiskFile::openDone: (2) No such > file or > directory > 2016/10/18 10:36:11 kid1|   /var/spool/squid/00/92/92E9 > 2016/10/18

Re: [squid-users] Error DiskThreadsDiskFile::openDone: (2) No such file or directory

I have this problem regularly with aufs (long time ...) Sorry I know no solution, except purge cache I'm using diskd to avoid this Fred ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

[squid-users] Peeking on TLS traffic: unknown cipher returned

Hi! I'm having trouble with SSL Peek & Splice in Squid 3.5.16 using intercept mode. I'm trying to configure a transparent proxy (no CA installed on clients) which denies access to specific sites. I understand that if I can't Bump (my case), then I can only use SNI information from TLS "Client