Re: [squid-users] SSL on different ports

2020-10-07 Thread Ronan Lucio
Hi Amos, > You are referring to the SSL_ports ACL ? Yes. Got your point. Thanks for the clarification Ronan On Wed, Oct 7, 2020 at 4:55 PM Amos Jeffries wrote: > > On 7/10/20 2:16 pm, Ronan Lucio wrote: > > Hi, > > > > By default, Squid accepts SSL connection only to port 443. > > You are

[squid-users] websockets through Squid

2020-10-07 Thread Vieri
> To allow WebSocket tunnels, you need http_upgrade_request_protocols available > since v5.0.4 Thanks for the info. My distro does not include v. 5 yet as it's still beta, although I could try compiling it. Just a thought though. What would the easiest way be to allow websockets through in v.

Re: [squid-users] websockets through Squid

2020-10-07 Thread Alex Rousskov
On 10/7/20 9:29 AM, Vieri wrote: >> To allow WebSocket tunnels, you need http_upgrade_request_protocols >> available since v5.0.4 > What would the easiest way be to allow websockets through in v. 4? Backport (the essential parts of) v5 changes to v4. > That is, for trusted domains, allow a

Re: [squid-users] websockets through Squid

2020-10-07 Thread Amos Jeffries
On 8/10/20 2:29 am, Vieri wrote: >> To allow WebSocket tunnels, you need http_upgrade_request_protocols >> available since v5.0.4 > > Thanks for the info. > My distro does not include v. 5 yet as it's still beta, although I could try > compiling it. > > Just a thought though. What would the

[squid-users] websockets through Squid

2020-10-07 Thread Vieri
Hi, Using Google Chrome instead of Firefox gives me the same result: Error during WebSocket handshake: Unexpected response code: 200 I'm not sure what to look for in cache.log. ___ squid-users mailing list squid-users@lists.squid-cache.org

Re: [squid-users] websockets through Squid

2020-10-07 Thread Alex Rousskov
On 10/7/20 4:08 AM, Vieri wrote: > I'd like to allow websockets from specific domains through Squid in > intercept sslbump mode. > I am obviously not using on_unsupported_protocol properly. WebSocket handshake looks like HTTP so on_unsupported_protocol is not applicable to the WebSocket

[squid-users] websockets through Squid

2020-10-07 Thread Vieri
I also tried: on_unsupported_protocol tunnel all on Squid v. 4.13. I don't see any denials in the access log. The only thing I see regarding the URL I mentioned earlier is: TCP_MISS/200 673 GET https://ed1lncb62202.webex.com/direct? - ORIGINAL_DST/62.109.225.31 text/html It is easy to

[squid-users] websockets through Squid

2020-10-07 Thread Vieri
Hi, I'd like to allow websockets from specific domains through Squid in intercept sslbump mode. One of the clients reports: Firefox can’t establish a connection to the server at