On Monday 27 October 2014 at 14:32:39 (EU time), Frantisek Hanzlik wrote:
Please, what is best way for determining who squid clients (their
PC IP addresses) have which downloads active?
I want it to determine which clients burden our slow internet line.
Examining 'access.log' does not help
On Wednesday 05 November 2014 at 10:39:19 (EU time), navari.lore...@gmail.com
wrote:
I'm configuring a Squid Web Proxy Cache and I apply the deny policy to some
sites. This is the problem:
when people access sites with GET they have the right html error page
ERR_ACCES_DENIED
(LOG =
On Thursday 13 November 2014 at 19:50:36 (EU time), Hector Chan wrote:
Hi,
Does anyone have any idea how to setup squid (reverse proxy) behind a
forward proxy ?
1. Set up Squid as a forward proxy on machine A for the clients.
2. Set up Squid as a reverse proxy on machine B for the
On Friday 06 February 2015 at 22:54:54 (EU time), Luis Miguel Silva wrote:
As I started playing around with transparent ssl proxying, I learned that
Chrome uses an alternate communication (UDP based) protocol called QUIC.
I'd never heard of QUIC, and http://en.wikipedia.org/wiki/QUIC doesn't
On Monday 16 Feb 2015 at 16:20, Yuri Voinov wrote:
root @ cthulhu / # ps axuf
usage: ps [ -aAdeflcjLPyZ ] [ -o format ] [ -t termlist ]
[ -u userlist ] [ -U userlist ] [ -G grouplist ]
[ -p proclist ] [ -g pgrplist ] [ -s sidlist ] [ -z zonelist ]
May be, you want to know my
On Thursday 12 Feb 2015 at 10:52, naser sonbaty wrote:
Hi guys,
I need your help with setting squid 3.5.1 with intercept.
My topolgy Clients PC -- Router PC -- SquidPC
Where is the Internet connection in the above diagram?
Router:
Send trafic from 80 to squid 192.168.15.2:3129
Have you
it.
On Thu, Feb 12, 2015 at 11:58 AM, Antony Stone wrote:
Have you configured the router to redirect port 80 traffic from the
Client PC to Squid 3129, or have you configured it to redirect *all* port
80 traffic (including from Squid) to Squid 3129?
Looks like the Router is making
On Friday 13 Feb 2015 at 09:12, Antony Stone wrote:
On Friday 13 Feb 2015 at 03:53, Priya Agarwal wrote:
These are the output:
root@t4240qds:~# /usr/sbin/squid ls -al /var/logs/access.log
Thanks, but I asked for the output of
ls -al /var/logs/access.log
There is no squid
On Friday 13 Feb 2015 at 11:06, Priya Agarwal wrote:
So sorry. In squid.conf I had done cache_effective_user to nobody and set
permissions of /var and /usr to nobody. So those are the permissions.
Are you saying that /var is owned by 'nobody'?
That sounds like a problem for the system to me.
On Monday 16 Feb 2015 at 22:54, snakeeyes wrote:
Hi ,
I have many account from same provider and I would like to use those
accounts as round robin and each request has different IP as possible
How many client machines are you trying to distribute in this way? Your
example suggests you're
On Tuesday 10 March 2015 at 15:09:14 (EU time), Klavs Klavsen wrote:
so intercept mode is only used, if you actually do the nat'ing on the
same server as squid is running..
You can do the NATting somewhere else; the important point is that the traffic
must be NATted, not direct.
ie. I
On Friday 06 March 2015 at 14:03:28 (EU time), Monah Baki wrote:
Hi All,
As an addition to my yesterday's issue,
Tail -f cache.log, I am getting the following:
015/03/06 13:54:02| WARNING: Forwarding loop detected for:
Any ideas?
Is your NAT rule catching the HTTP requests from the
On Friday 06 March 2015 at 14:50:50 (EU time), Monah Baki wrote:
http://wiki.squid-cache.org/ConfigExamples/Intercept/FreeBsdPf
So something else is missing?
Can you run a packet sniffer on the proxy, to see what packets come in (noting
the MAC address of the previous hop), what packets go
On Tuesday 10 March 2015 at 15:32:25 (EU time), Amos Jeffries wrote:
On 11/03/2015 3:18 a.m., Antony Stone wrote:
On Tuesday 10 March 2015 at 15:09:14 (EU time), Klavs Klavsen wrote:
so intercept mode is only used, if you actually do the nat'ing on the
same server as squid is running
On Sunday 01 March 2015 at 19:17:22 (EU time), Yuri Voinov wrote:
02.03.15 0:07, Julianne Bielski пишет:
http_port 443 ssl-bump
cert=/usr/local/squid3/etc/site_priv+pub.pem
http_port 3128 intercept
https_port 3129 intercept ssl-bump generate-host-certificates=on
On Tuesday 05 May 2015 at 17:41, markme wrote:
I have a FQDN assigned to a loopback address for development purposes but
unfortunately every time I enter in that URL into my browser it goes
through Squid and is trying to access the loopback address on the squid
server and not on the client
On Monday 18 May 2015 at 21:05:35 (EU time), Amaury Viera Hernández wrote:
I work at the University of Computer Sciences at Havana, Cuba (6000
users aproximately). We surf using squid, but in many ocassions when we
are surfing I get an error page of exceed quota telling me that the
cuota of
On Friday 17 April 2015 at 18:53:10 (EU time), Jonathan Krautter wrote:
Is there any way to have squid listen on an additional port and then
forward any traffic on that port to a specific address? Example:
proxy listens on port 4456
proxy forwards all traffic received on port 4456 to
On Monday 08 June 2015 at 12:53:00 (EU time), Robert Lasota wrote:
the problem is it still writes logs to files /var/log/access.log or
/opt/var/log/access.log (depends what I set in conf) but never to rsyslog.
I mean, I have set rsyslog to it send logs to remote central server, and
from
On Friday 26 Jun 2015 at 09:51, Henry S. Thompson wrote:
logs will show the IP address that reached squid, ie. the source
address of the connection. If that was NATted, squid will never know
(and thus is not able to log) the original address before the NAT.
That's what I assumed, but
On Sunday 21 June 2015 at 00:31:45 (EU time), Jason Haar wrote:
When a web page is requested by a client, what component does what? Does
squid do the download, pass the content to ICAP, or does it (like with
parent proxies), just tell the ICAP software to do the download itself?
The former -
On Friday 26 Jun 2015 at 10:42, Henry S. Thompson wrote:
Antony Stone writes:
It's entirely plausible (I'd even say common) for VPN clients to get
192.168 addresses; also if there's a NATting router in the path
and Squid is logging its address, that could easily be 192.168
On Friday 12 June 2015 at 17:49:38 (EU time), Julianne Bielski wrote:
With virtual hosting, the client is asking for a virtual origin server's
host and DNS enables the ip address for the physical host to respond. The
virtual host still sees its hostname in the host header, not the physical
On Friday 12 June 2015 at 16:08:59 (EU time), Julianne Bielski wrote:
reverse proxies are always transparent from the perspective of
the client and the Host header is often used by the proxy
to map to the correct back end origin server.
I also think they usually pass the Host header as-is
On Wednesday 01 July 2015 at 13:49:00 (EU time), Paul Martin wrote:
Hello,
I am using 2 machines with 2 squid versions, same squid.conf and both with
700 Http requests/sec.
-squid version 3.3.8: I have 40k squid cache objects
-squid version 3.5.5: I have 2k squid cache objects
Do
On Tuesday 30 Jun 2015 at 08:24, Stakres wrote:
Here, it seems the parent (sibling mode) tries to do the request itself but
faces an error (504 gateway timeout), it should answer to the kid it does
not have the object (TCP_MISS) then the parent should download the object
from internet.
On Tuesday 30 Jun 2015 at 08:45, Stakres wrote:
There are 2 squid, sibling each of them.
Squid1 (10.1.1.1):
cache_peer 10.1.1.2 sibling 8182 8183 proxy-only no-tproxy
Squid2 (10.1.1.2):
cache_peer 10.1.1.1 sibling 8182 8183 proxy-only no-tproxy
if you need more details, feel free to ask
On Sunday 05 July 2015 at 13:27:00 (EU time), san2roy wrote:
http://squid-web-proxy-cache.1019090.n4.nabble.com/file/n4672057/Network.p
ng
This is my setup which need to work. as i am very new in squid need your
help. my setup are following
Squid 3.5.5
centos 6.6
Mikrotik Router os 6
On Monday 25 May 2015 at 21:50:12 (EU time), S Sarath kumar wrote:
Hi,
below mentioned rules only applied
acl Streaming rep_mime_type video/flv video/x-flv
acl mynetwork src 10.108.20.0/24
http_reply_access deny mynetwork Streaming
http_access allow mynetwork
1. Please reply to the
On Monday 25 May 2015 at 21:20:16 (EU time), S Sarath kumar wrote:
hi i have been using squid3 on ubuntu 14.04.
i want to block the stream content in my lan.
hence i written a acl like below.
this acl at the top.
Please post the entire squid.conf (excluding blank lines / comments).
That
On Monday 29 Jun 2015 at 09:55, Fiorenza Meini wrote:
Hi,
I see this error when I restart squid service:
please, what does it mean:
WARNING: because of this '192.168.100.164' is ignored to keep splay tree
searching predictable ?
It means that squid is going to ignore the address
for all the domains you think you
might get overly-large content from, and once you have, it's prevents caching
of anything from those domains, including the acceptably small stuff.
2015-08-03 19:29 GMT-03:00 Antony Stone wrote:
On Tuesday 04 August 2015 at 00:13:32, markme wrote
On Tuesday 04 August 2015 at 10:28:32, Antony Stone wrote:
On Tuesday 04 August 2015 at 01:39:38, Jorgeley Junior wrote:
create an acl:
acl youtube dstdomain .youtube.com
use the directive: cache deny youtube
That will prevent caching for all content from a specific domain, no matter
On Saturday 08 August 2015 at 16:20:24, 1508 wrote:
Hello,
I would like to configure squid-cache to cache http requests to port 10050
on a certain server such as http://www.example.com:10050/picture.png
So long as 10050 isn't listed as an unsafe port in your Squid config, it'll do
this by
On Wednesday 12 August 2015 at 14:38:55, joseph jose wrote:
Hi,
I have set up squid in reverse proxy mode to cache an apache webserver
hosted in linux vm.
IP of my squid reverse proxy is 10.0.0.1 and 10.0.0.2 is the ip of
webserver which is also a linux vm
Your squid server has only one
On Friday 14 August 2015 at 14:10:54, Arjen van der Meer wrote:
Dear Antony (and Amos),
Thanks again for your replies. This answers my question, however I had
hoped for a solution that would make /wordpress invisible from the
outside.
In that case remove the ^/wordpress ACL from your squid
On Monday 27 Jul 2015 at 16:53, Berkes, David wrote:
I have squid configured as a forward proxy with basic authentication. All
traffic flows as expected, but periodically I get an authentication pop-up
indicating an origin server is requiring credentials. I check the URL via
non-proxy
On Monday 27 Jul 2015 at 18:45, HackXBack wrote:
how i can use useragent log in 3.5.6
while no user agent log in access.log like it mentioned in
http://wiki.squid-cache.org/SquidFaq/SquidLogs
As the page says this log has become one of the default access.log formats
and is always available
On Monday 27 Jul 2015 at 17:21, Berkes, David wrote:
Here is the information requested. From the log, everything looks to be
normal. The log example is from the cdn0.vox-cdn.com traffic.
ORIGIN URL's
pixel.adsafeprotected.com
cdn0.vox-cdn.com
sb.scorecardresearch.com
SQUID
On Monday 20 Jul 2015 at 16:27, Stakres wrote:
As you know, when an object is denied by an ACl or other, the size of the
object in the log file is the size of the ERR_* page.
Is there a way to get the correct/real size of the blocked object ?
Because here we don't care the size of the ERR
On Monday 24 August 2015 at 23:41:49, kuntal_ba...@bnz.co.nz wrote:
Could you please un-subscribe me ?
I've sent you an unsubscribe request confirmation.
Reply to it and you'll be removed from the list.
Senior Infrastructure Architecture and Design Specialist
Infrastructure Architecture and
On Wednesday 11 November 2015 at 13:25:56, Verónica Ovando wrote:
> Hi. I need to set up correctly my logfiles rotation.
I think http://serverfault.com/questions/391538/logrotate-daily-and-size might
help you.
> I am using logrotate with this configuration in /etc/logrotate.d/squid3:
>
>
On Sunday 15 November 2015 at 15:53:56, Jens Kallup wrote:
> Hello,
>
> Now, I use the follow script.
> But, it ends in endless search - web browser site search.
>
> #!/usr/bin/python
>
> import sys
> import time
>
> def grant ():
>sys.stdout.write( 'OK\n' )
>
> def deny ():
>
On Thursday 12 November 2015 at 15:55:10, Magic Link wrote:
> I want people don't have access to Internet, except one hour twice a day
> with only some urls.listed in a file
On 14/11/2015 11:23 p.m., Magic Link wrote:
> I 've made a mistake so what i want is users can access Internet, except
>
> 16.11.15 20:49, Tecnología CHARNE.NET пишет:
> > Hello!
> >
> > I'm configuring delay pools on squid 3.5
> >
> > I don't understand online doc
> > [http://www.squid-cache.org/Versions/v3/3.5/cfgman/delay_parameters.html]
> > about delay_parameters
> >
> >
> > "Note that 8 x 32000
nk/mod/mod_proxy_balancer.html
https://opensourcehacker.com/2011/04/15/sticky/
Regards,
Antony.
> On 16/11/2015 12:49, Antony Stone wrote:
> > On Monday 16 November 2015 at 11:32:31, Patrick Chemla wrote:
> >> I am doing load balancing as sourcehash, so on IP source.
> >
On Monday 16 November 2015 at 10:35:39, Patrick Chemla wrote:
> Hi,
>
> I am using squid for years, maybe with basic features, and I have a
> problem today with an app where I need to manage multiple backends, be
> sure that a user is always sent to the same one because the app writes
> on local
o identify a session / user?
Without knowing what application you're dealing with, we can't guess this for
ourselves.
Regards,
Antony.
> On 16/11/2015 11:41, Antony Stone wrote:
> > On Monday 16 November 2015 at 10:35:39, Patrick Chemla wrote:
> >> Hi,
> >>
> >
On Thursday 12 November 2015 at 18:31:10, Benjamin Reed wrote:
> I'm trying to set up a CDN-like frontend to our (bandwidth-constrained)
> master package repository. Everything seems to be working (including
> memory cache hits) except for some reason it does not seem to be
> caching/keeping
On Thursday 12 November 2015 at 15:55:10, Magic Link wrote:
> Hi,
> I want people don't have access to Internet, except one hour twice a day
> with only some urls.listed in a file.I use the ACL type "time" and
> "url_regex" but it doesn't work.
Please elaborate on "it doesn't work".
Do you mean
On Monday 02 November 2015 at 16:39:45, FredB wrote:
> I want to reduce DNS requests, so I'm trying with
>
> positive_dns_ttl 6 hours
> And
> negative_dns_ttl 4 hours
> If I try a false domain like test.google.com there is a response from my
> DNS Servail, so ok But if I retry after a short
ser at the IP address of the
server?
What is the output of the following command?
ls -al /etc/apache2
Regards,
Antony.
> -Original Message-
> From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On
> Behalf Of Antony Stone Sent: Friday, October 30,
On Friday 30 October 2015 at 16:18:16, dol...@ihcrc.org wrote:
> Antony,
>
> I get the Apache2 Debian Default page when I got the address of the server.
Excellent.
> Here are the results of the command:
>
> root@srv-proxy:/usr/local/src/negotiate_wrapper-1.0.1# ls -al /etc/apache2
> total 96
On Friday 30 October 2015 at 15:34:34, dol...@ihcrc.org wrote:
> I am trying to complete the "Proxy auto configuration" portion of setting
> up Squid to authenticate through Active Directory and the instructions say
> to modify the file /etc/apache2/conf.d/wpad.dat. However, when I try to
> save
This reply came to my private address.
Forwarding to the list.
-- Forwarded Message Starts --
Subject: Re: [squid-users] HTTP 503 error in squid proxy server
Date: Saturday 07 November 2015 10:43:14
From: 聡司蛭田 <hir...@totalsolution.biz>
To: Antony Stone >
Dear
On Saturday 07 November 2015 at 12:48:09, Antony Stone wrote:
> This reply came to my private address.
>
> Forwarding to the list.
>
> -- Forwarded Message Starts --
>
> Subject: Re: [squid-users] HTTP 503 error in squid proxy server
> Date: Saturday 0
On Saturday 07 November 2015 at 09:30:04, 聡司蛭田 wrote:
> Dear
>
> I have question about HTTPS communication through Squid Proxy Server.
>
> HTTP 503 error frequency occurs.
Does it also occur if you point your browser directly at the site, not via
Squid?
> 10.xx.xx.xx - -
On Wednesday 14 October 2015 at 20:33:10, sebastien.boulia...@cpu.ca wrote:
> Hi,
>
> How do you recommend me to configure Squid to redirect request on
> example.ca to example.qc.ca ?
My personal recommendation would be to use a search engine such as Google to
look for information about
ould actually be available for
Squid to fetch?
Antony.
> -Message d'origine-
> De : squid-users [mailto:squid-users-boun...@lists.squid-cache.org] De la
> part de Antony Stone Envoyé : 19 octobre 2015 13:36
> À : squid-users@lists.squid-cache.org
> Objet : Re: [
On Monday 19 October 2015 at 19:27:37, sebastien.boulia...@cpu.ca wrote:
> 1445275480.152 5 TCP_MISS/200 9269 GET
> http://www.cpu.qc.ca/ - FIRSTUP_PARENT/172.20.253.5 text/html
>
> 1445275241.374 0 TCP_DENIED/403 4106 GET
> http://cpu.qc.ca/ - HIER_NONE/-
On Tuesday 13 October 2015 at 16:37:10, Nelson Manuel Marques wrote:
> On Tue, 2015-10-13 at 20:22 +0600, Yuri Voinov wrote:
> >
> > Squid has its own in-memory cache, what's the point to put the disk
> > cache to the same ?!
>
> The problem here isn't the tmpfs, but instead Squid going 20%
On Thursday 27 Aug 2015 at 17:21, Arkantos wrote:
the community is now wanting a caching server.
i have zeroed in on CentOS+Squid+Webmin
but we are unable to configure it as a completely transparent cache
If your community of users wants a caching proxy server, why make it
transparent?
On Saturday 29 Aug 2015 at 16:32, Arkantos wrote:
user authentication is done from Unify MSC by matching user/pass/IP/MAC
using strict method - this is the reason we need completely transparent
proxy.
MAC address? Really?
You won't get user MAC addresses to pass through routers, or through
On Monday 31 Aug 2015 at 17:38, adricustodio wrote:
> Well... now its appearing the following when i try to access...
>
> Internal Error: Missing Template /etc/squid/splash.html
>
> Ideas ?
Well, sorry to be a bit obvious about this, but did you create that file when
you added this line to
On Monday 31 Aug 2015 at 14:08, Corbo, Nelson wrote:
> I'm getting failure messages in squid 3.57 for Windows, I
> don't know the reason. I'll appreciate your support with this issue.
We'd appreciate in return some information about:
- what was the request which got aborted?
-
On Saturday 05 September 2015 at 15:32:09, Antony Stone wrote:
> On Saturday 05 September 2015 at 15:29:28, Alfredo Rezinovsky wrote:
> > I'm trying to adapt response for all text/html responses.
> >
> > icap_service service_respmod respmod_precache
> > ica
On Saturday 05 September 2015 at 15:29:28, Alfredo Rezinovsky wrote:
> I'm trying to adapt response for all text/html responses.
>
> icap_service service_respmod respmod_precache
> icap://127.0.0.1:1344/response
>
> acl html rep_header -i Content-Type text\/html
> adaptation_access
On Wednesday 16 September 2015 at 22:00:27, Jorgeley Junior wrote:
> I think my squid is not optimezed due the percentage of hits, see the graph
> bellow:
I agree with you.
Regards,
Antony.
--
+++ Divide By Cucumber Error. Please Reinstall Universe And Reboot +++
On Tuesday 29 September 2015 at 23:50:15, HackXBack wrote:
> i dont say that we want to bump pinned connection ,
> why squid not automatically bypass pinned connection with out decryption ??
How can Squid know that the client is using pinning?
Antony.
--
BASIC is to computer languages what
On Wednesday 30 September 2015 at 21:35:32, Magic Link wrote:
> Hi,i configure squid to use cache. It seems to work because when i did a
> try with a software's download, the second download is TCP_HIT in the
> access.log.
Congratulations.
> The question i have is : why the majority of requests
Please don't reply to entire digest posts - trim them to contain only the part
you are replying to. Also please change the subject line to be more relevant.
On Tuesday 22 September 2015 at 11:38:26, Mumin Coder wrote:
> I need database to store sanitized websites (cleaned from javascript
>
On Tuesday 22 September 2015 at 14:57:26, Jasper Van Der Westhuizen wrote:
> I have a cloud based cache peer that I use to authenticate users and filter
> etc. I have a new requirement to redirect a set list of domains to another
> cache peer. The list is defined in a file and only these domains
On Friday 18 September 2015 at 13:13:27, Jorgeley Junior wrote:
> hey guys, forgot-me? :(
Surely you can see for yourself how many connections you've had of different
types? Here are the most common (all those over 100 instances) from your list
of 5240 results
> > 290 TAG_NONE/503
> >
On Monday 21 September 2015 at 21:20:19, Yuri Voinov wrote:
> 22.09.15 1:15, Amos Jeffries пишет:
>
> > HSTS is opt-out. Strip the *response* header on the first contact and it
> > disappears.
>
> I can't. Because first connection can't occur during ISP ban by IP.
> First contact is never
On Tuesday 06 October 2015 at 17:40:11, Cristiano Nunes wrote:
> I have a Squid Version 3.9.Stable13 which is working perfect.
>
> Today I received a complanint of a users which is not able to browse a
> brazilian site.
>
> Squid log shows no DENY at all but the site only shows a white screen
On Thursday 03 December 2015 at 13:34:32, GoGo net wrote:
> As I do NOT want to add extra cost to squid, I will stay with the script
> and try to optimise it.
What do you mean by "cost"?
Antony.
> > On Dec 3, 2015, at 8:27 PM, Amos Jeffries wrote:
> >
> > On 4/12/2015
On Thursday 03 December 2015 at 13:17:24, massimo.s...@asl.bergamo.it wrote:
> http://www.squid-cache.org/Doc/config/http_access/
>
> http_access allow localhost manager
>
> http://wiki.squid-cache.org/Features/CacheManager
>
> Cache manager Access Control in squid.conf
>
On Sunday 13 Dec 2015 at 12:31, Markus wrote:
> I'm trying to protect my internal network against unconsciously
> downloading executable files (like malware). All users traffic pass
> through our Squid proxy.
> So, tell me guys, if there is any solution for this?
On Sunday 13 Dec 2015 at 15:25, Marcio Demetrio Bacci wrote:
> Hi,
>
> What is the best way to free access to a site without going through of the
> Squid Proxy?
Add an exception to the browser proxy configuration - generally most easily
done using a PAC file:
if (dnsDomainIs(host,
On Tuesday 15 Dec 2015 at 11:39, Roberto Carna wrote:
> Dear, we have a Squid3 as reverse proxy with default configuration.
>
> We have a domain pointed to a web server. In this server the user
> session expiration is setup in 3 hs, but each 15 minutes the session
> expires.
What is your
On Tuesday 15 Dec 2015 at 13:02, Roberto Carna wrote:
> Development team say that a session is conformed by cookies, and the
> expiration time defined is 3 hours.
Squid will not change the content of the cookies (although it's possible it
could remove them, depending on the configuration).
On Sunday 03 January 2016 at 00:46:39, Christian Kunkel wrote:
> Hey guys,
>
> is there any way i can do some traffic shaping with squid?
Yes, but it's nowhere near as good as doing it with IP tools on the underlying
O/S.
> Its a bit complicated in my case. I can not shape through user ip
On Sunday 03 January 2016 at 09:42:21, Christian Kunkel wrote:
> Am 03.01.2016 um 01:14 schrieb Antony Stone;
> > >> On Sunday 03 January 2016 at 00:46:39, Christian Kunkel wrote:
> >>
> >> Hey guys,
> >>
> >> is there any way i can do some
On Sunday 03 January 2016 at 12:35:10, Christian Kunkel wrote:
> > Am 03.01.2016 um 10:13 schrieb Antony Stone:
> >
> > How many users do you have?
>
> i wanted to put about 200-500 users on a server. is that possible?
Certainly no problem for Squid, and I guess you
On Tuesday 05 January 2016 at 21:03:09, Nir Krakowski wrote:
> eg: /etc/hosts
> mail.google.com 10.0.0.250
> as for the ssl certificate, I hope to self sign with a made up root CA.
What are you trying to achieve with this setup,
and have you checked whether it is legal in your country /
On Friday 01 January 2016 at 14:21:38, Billy.Zheng(zw963) wrote:
> $ squid -v
> Squid Cache: Version 3.3.8
> configure options:
> '--enable-eui'
That will do MAC address matching for you.
Please describe the network setup :)
Antony.
--
You can tell that the day just isn't going right
On Friday 01 January 2016 at 13:50:20, Billy.Zheng(zw963) wrote:
> Hi, all, I deploy a new Squid Server in my VPS server.
> And i set a squid MAC address ACL, like following:
>
> it seem like:
> >> acl advance_users arp ??:??:??:??:??:??
> >> http_access allow advance_users
>
> But it not work.
On Friday 01 January 2016 at 16:03:00, Billy.Zheng(zw963) wrote:
> My config is a little longer, But it worked fine in recent months.
Please:
1. Describe your network setup - specifically:
- what is the client-facing IP address of your Squid server?
- what network range are the clients in?
On Tuesday 05 January 2016 at 20:30:06, Nir Krakowski wrote:
> how can you combine accel proxy with ssl-bump ?
Have you looked at http://www.squid-cache.org/Doc/config/http_port/ ?
You put the certificate (which would normally be on the web server) on the
Squid server (because that's the
On Sunday 03 January 2016 at 20:41:51, Daniel Calin wrote:
> Scenario:
> External IP: 1.1.1.
> Website: www.domain1.com
> Website: www.domain2.com
> External DNS for both sites points to 1.1.1.1
> www.domain1.com is hosted on internal LAN IP 2.2.2.1
> www.domain2.com is hosted on the internal LAN
On Monday 28 December 2015 at 16:22:58, joru.pacs wrote:
> Hi!
>
> I am trying to set up squid to be a whitelist proxy which should be able to
> filter both HTTP and HTTPS URLs.
> I have already tried using SSL Bump
How? What squid.conf did you use? What results did you get? What didn't
On Tuesday 24 November 2015 at 18:58:01, Benjamin Reed wrote:
> Any idea how my X-Cache, X-Cache-Lookup, and Via: headers are getting
> messed up on my accelerator configuration?
>
> Here's the output from a sample HEAD request:
>
>
On Monday 30 November 2015 at 19:00:14, Jens Kallup wrote:
> Hello,
>
> I have try a "url_rewrite_program" that should redirect a page,
> that content is filtered / changed.
> I add 2 lines to config:
>
> url_rewrite_program /sap/squid/rewrite.pl
> #deny_info http://www.freenet.de
On Monday 30 November 2015 at 18:53:54, Bart Spedden wrote:
> I can successfully connect as long as I don't use squid for either 1 way or
> 2 way TLS connections. I've also successfully connect via curl. So, I feel
> like the site's certs are working well. I could be totally off base here
> but
On Thursday 26 November 2015 at 13:18:46, Funke, Martin wrote:
> Hello list,
>
> is there a way to block the access to the google picture search?
> https://www.google.de/imghp?hl=de
I'm going to stick my neck out and say "no", because there are just too many
ways of achieving the same result
On Thursday 26 November 2015 at 15:20:12, Ralf Hildebrandt wrote:
> Is it possible to somehow log the user agent in squid? Our goal is to
> find old/outdated versions of Windows and IE.
See http://www.squid-cache.org/Doc/config/logformat/ - the very last example at
the bottom shows User Agent
On Saturday 21 November 2015 at 17:02:56, Ahmad Alzaeem wrote:
> Hi Guys I have a squid runnng in intercept mode
Okay...
> I have a dns to resolve all the websites to the ip of proxy
Which instructions / documentation did you follow saying that was a good idea?
> I want the proxy to be able
On Tuesday 24 November 2015 at 14:31:15, Ahmad Alzaeem wrote:
> The DNS is not broken , it will resolve some websites to ip address of
> squid and other websites will rslve to other ip
That sounds pretty broken to me (unless the Squid machine really is the web
server for those sites whose
On Tuesday 24 November 2015 at 12:22:40, Ahmad Alzaeem wrote:
> Hi Devs ,
>
> I have a server that send to squid http/https with wrong destination ips
It has already been recommended that you fix your DNS so that it works
correctly / normally.
> So assume I want to open google
>
> The
om: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On
> Behalf Of Antony Stone Sent: Tuesday, November 24, 2015 2:42 PM
> To: squid-users@lists.squid-cache.org
> Subject: Re: [squid-users] TCP-MISS 503 for wrong destination ip
>
> On Tuesday 24 November 2015 at 12:22:4
1 - 100 of 529 matches
Mail list logo