Re: [squid-users] Clarity on sending intercepted HTTPS traffic upstream to a cache_peer

On 28/01/2017 1:32 p.m., Charlie Orford wrote: > On 27/01/2017 23:43, Alex Rousskov wrote: >> On 01/27/2017 04:04 PM, Charlie Orford wrote: >>> A post from another user on this list seems to suggest they successfully >>> got squid to do what we want >>>

Re: [squid-users] Clarity on sending intercepted HTTPS traffic upstream to a cache_peer

On 27/01/2017 23:43, Alex Rousskov wrote: On 01/27/2017 04:04 PM, Charlie Orford wrote: A post from another user on this list seems to suggest they successfully got squid to do what we want (http://lists.squid-cache.org/pipermail/squid-users/2015-November/007955.html) but when emulating their

Re: [squid-users] Clarity on sending intercepted HTTPS traffic upstream to a cache_peer

On 01/27/2017 04:04 PM, Charlie Orford wrote: > Clients get a SQUID_X509_V_ERR_DOMAIN_MISMATCH error (because the > auto-generated cert squid1 gives to the client contains the domain of > the cache_peer *not* the ultimate origin server). Under normal circumstances, Squid should generate no

Re: [squid-users] Clarity on sending intercepted HTTPS traffic upstream to a cache_peer

To follow up: Adding ssl to the cache_peer directive on squid1 (and changing squid2 so it listens for connections on an https_port) gets us a little further but still doesn't work. Clients get a SQUID_X509_V_ERR_DOMAIN_MISMATCH error (because the auto-generated cert squid1 gives to the

[squid-users] Clarity on sending intercepted HTTPS traffic upstream to a cache_peer

Hi list We're using squid 3.5.23 and trying to achieve the following: client https request (not proxy aware) -> squid1 (https NAT intercept) -> upstream squid2 (configured as a cache_peer in squid1) -> origin server (e.g. www.google.com) Amos mentioned in this thread

Re: [squid-users] Not all html objects are being cached

im not here to fight dont mention RFC caus its alredy violating RFC just using enable-http-violations pls re read my post or get someone to translate the structure of it else no benefit explaining or protecting RFC shit so pls careful reading my point of view else waisting time with one year

Re: [squid-users] Not all html objects are being cached

27.01.2017 19:35, Garri Djavadyan пишет: > On Fri, 2017-01-27 at 17:58 +0600, Yuri wrote: >> 27.01.2017 17:54, Garri Djavadyan пишет: >>> On Fri, 2017-01-27 at 15:47 +0600, Yuri wrote: --2017-01-27 15:29:54-- https://www.microsoft.com/ru-kz/ Connecting to 127.0.0.1:3128... connected.

Re: [squid-users] Not all html objects are being cached

On Fri, 2017-01-27 at 06:15 -0800, joseph wrote: > hi its not about https scheme its about evrything Hi, First of all, I can't brag about my English and writing style, but your writing style is _very_ offensive to other members. Please, try it better. First of all, it is very difficult to catch

Re: [squid-users] Not all html objects are being cached

hi its not about https scheme its about evrything i decide not to involve with arg... but why not its the last one i should say it once they ar right most of the ppl admin have no knwoleg so its ok to baby sit them as its but --enable-http-violations should be fully ignore cache control and in

Re: [squid-users] Strange behavior - reload service failed, but not start.... (solved)

On Friday 27 January 2017 at 14:36:01, erdosain9 wrote: > Hi, again. > Now, i do this > > [root@squid ips]# ps aux | grep squid > root 2228 0.0 0.0 130900 344 ?Ss ene24 0:00 > /usr/sbin/squid -sYC ... snip ... > [root@squid ips]# systemctl stop squid > [root@squid ips]#

Re: [squid-users] Strange behavior - reload service failed, but not start.... (solved)

Hi, again. Now, i do this [root@squid ips]# ps aux | grep squid root 2228 0.0 0.0 130900 344 ?Ss ene24 0:00 /usr/sbin/squid -sYC squid 2230 6.2 64.9 1341864 1205160 ? Rene24 263:30 (squid-1) -sYC squid 2231 0.4 0.1 68196 1948 ?Sene24 20:35

Re: [squid-users] Strange behavior - reload service failed, but not start....

On Friday 27 January 2017 at 14:13:55, erdosain9 wrote: > Ok, thanks. > But something more its wrong look up this: > > [root@squid ips]# squid -k restart > squid: ERROR: Could not send signal 21 to process 8083: (3) No such process > > [root@squid ips]# squid -k shutdown > squid: ERROR:

Re: [squid-users] Not all html objects are being cached

On Fri, 2017-01-27 at 17:58 +0600, Yuri wrote: > > 27.01.2017 17:54, Garri Djavadyan пишет: > > On Fri, 2017-01-27 at 15:47 +0600, Yuri wrote: > > > --2017-01-27 15:29:54--  https://www.microsoft.com/ru-kz/ > > > Connecting to 127.0.0.1:3128... connected. > > > Proxy request sent, awaiting

Re: [squid-users] Strange behavior - reload service failed, but not start....

Ok, thanks. But something more its wrong look up this: [root@squid ips]# squid -k restart squid: ERROR: Could not send signal 21 to process 8083: (3) No such process [root@squid ips]# squid -k shutdown squid: ERROR: Could not send signal 15 to process 8083: (3) No such process [root@squid

Re: [squid-users] Not all html objects are being cached

27.01.2017 18:25, Antony Stone пишет: On Friday 27 January 2017 at 13:15:21, Yuri wrote: 27.01.2017 18:05, Antony Stone пишет: You're entitled to do whatever you want to, following standards and recommendations or not - just don't complain when choosing not to follow those standards and

Re: [squid-users] Not all html objects are being cached

On Friday 27 January 2017 at 13:15:21, Yuri wrote: > 27.01.2017 18:05, Antony Stone пишет: > > > You're entitled to do whatever you want to, following standards and > > recommendations or not - just don't complain when choosing not to follow > > those standards and recommendations results in

Re: [squid-users] Not all html objects are being cached

27.01.2017 18:05, Antony Stone пишет: On Friday 27 January 2017 at 12:58:52, Yuri wrote: Again. What is the difference? I open it from different workstations, from different browsers - I see the same thing. The code is identical. I can is to cache? Yes or no? You're entitled to do whatever

Re: [squid-users] Not all html objects are being cached

On Friday 27 January 2017 at 12:58:52, Yuri wrote: > Again. What is the difference? I open it from different workstations, > from different browsers - I see the same thing. The code is identical. I > can is to cache? Yes or no? You're entitled to do whatever you want to, following standards and

Re: [squid-users] Not all html objects are being cached

I understand that I want to conclusively prove its case. But for the sake of objectivity - dynamically generated only dynamic pages? Maybe the solution is still the administrator to leave? If I see that something is broken or users complain about me - directive *cache deny* already canceled?

Re: [squid-users] Not all html objects are being cached

27.01.2017 17:54, Garri Djavadyan пишет: On Fri, 2017-01-27 at 15:47 +0600, Yuri wrote: --2017-01-27 15:29:54-- https://www.microsoft.com/ru-kz/ Connecting to 127.0.0.1:3128... connected. Proxy request sent, awaiting response... HTTP/1.1 200 OK Cache-Control: no-cache, no-store

Re: [squid-users] Not all html objects are being cached

On Fri, 2017-01-27 at 15:47 +0600, Yuri wrote: > --2017-01-27 15:29:54--  https://www.microsoft.com/ru-kz/ > Connecting to 127.0.0.1:3128... connected. > Proxy request sent, awaiting response... >    HTTP/1.1 200 OK >    Cache-Control: no-cache, no-store >    Pragma: no-cache >    Content-Type:

[squid-users] transparent http and https filter with white-list only

Hello. I'm trying to get working transparent setup allowing only certain domains and have problem that in order to allow https "ssl_bump splice allowed_domains" i have to "http_access allow all", thus allowing all other http traffic through. Otherwise https traffic is not allowed at all. Here

Re: [squid-users] Not all html objects are being cached

27.01.2017 9:10, Amos Jeffries пишет: On 27/01/2017 9:46 a.m., Yuri Voinov wrote: 27.01.2017 2:44, Matus UHLAR - fantomas пишет: 26.01.2017 2:22, boruc пишет: After a little bit of analyzing requests and responses with WireShark I noticed that many sites that weren't cached had different

Re: [squid-users] squid on it's own server

On Friday 27 January 2017 at 05:17:28, John Pearson wrote: > hi all, my current setup: laptop(10.0.1.10) and squid-box(10.0.1.11) and > debian router(10.0.1.1). > > I am doing wget on laptop > > wget squid-cache.org > > I am redirecting packets on the router to squid-box by changing the >

Re: [squid-users] squid reverse proxy (accelerator) for MS Exchange OWA

- Original Message - From: Alex Rousskov >> It's interesting to note that the following actually DOES give more >> information (unsupported >> protocol):> > * If the server sent nothing, then Curl gave you potentially incorrect > information