-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
https://www.google.com/search?q=squid+watsup+blocking
Feel free to Google your question first.
08.06.15 20:37, Jonathan Filogna пишет:
Hi all, greetings from Argentina
I want to know if can be possible block whatsapp for mobiles with a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hm. Interesting.
You want to say, you uses ordinal server certificate, signed with
external trusted CA?
And users can't see MiTM?
25.05.15 22:26, James Lay пишет:
So following advice and instructions on this page:
Store ID can't get TCP_HIT. URL is changed.
19.05.15 3:18, Stakres пишет:
Hi Yuri,
Do you get a TCP_HIT with your rules ?
From my side, i get this: *X-Cache: MISS* from blablabla...
Bye Fred
--
View this message in context:
05.05.2015 um 12:51 schrieb Yuri Voinov:
This is not squid issue but your AV engine library or ICAP
intermediate
AV library configuration.
Thank you for your answer.
Can you explain me a litte bit more detailed why this is not a squid
issue?
In the icap-logfile, I can see a REQMOD-request
Kuegler пишет:
Am 18.05.2015 um 14:01 schrieb Yuri Voinov:
http://squidclamav.darold.net/config.html
Trust your cache (obsolete/unused in v6.x)
One of the main configuration directive for performance improvement is
'trust_cache'. SquidClamav detect if the file to download is already
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Transparent DNS interception is more reliable technics, but requires
some advanced things. Including continious support.
And also this will not proof against browser anti-proxy plugins.
BTW, gents, we are talking about advanced internet users -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Also note:
Most browser's anti-proxy plugins exists for Android/Apple.
19.05.15 0:25, Dwayne Hottinger пишет:
There is a way to use an internal dns server to redirect all google
searches to their safe search google. This does help with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
# Adobe/Java and other updates
acl adobe_java_updates urlpath_regex /usr/local/squid/etc/urlregex.updates
range_offset_limit none adobe_java_updates
store_id_access allow adobe_java_updates
store_id_program
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Because this is not assert.
alert unknown ca
16.05.15 0:56, HackXBack пишет:
in cache.log i found this,
2015/05/15 21:06:41 kid1| clientNegotiateSSL: Error negotiating SSL
connection on FD 11185: error:14094418:SSL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Latest Squid source's not in repositories. They are here:
http://www.squid-cache.org/Download/
13.05.15 19:53, Jose Torres-Berrocal пишет:
As said I followed the thread I included in the initial email. I have
added the --enable-ssl and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
13.05.15 0:17, Casey Daniels пишет:
Hi,
I've been trying to figure out how to do some web filtering on
HTTPs, with no really good options given the layout I have. But then
Solved.
I've add 3975 backport patch,
then this one:
acl text-html rep_mime_type text/html
acl http302 http_status 302
store_miss deny text-html
store_miss deny http302
send_hit deny text-html
send_hit deny http302
and this one:
# For YT block useragent header
acl googledomain_ua_deny
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Amos,
independent proxies also supported by Cisco WCCP. For redundancy it can
group any numbers of transparent proxies.
WBR, Yuri
10.05.15 12:57, Amos Jeffries пишет:
On 10/05/2015 6:31 p.m., Ibrahim Lubis wrote:
Hi,
Most of all know about
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
ufdbguard
08.05.15 0:52, Bob Cochran пишет:
Hi,
What is the best solution with squid for content filtering using lists
of domains that should be blocked?
We have been using squidGuard, and it works. However, we would like
to know if there
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I think, this loop is changed in YT during last year.
HTML5 was winished since 2015. YT URL scheme was chagnged this year. So,
text/html is not valid for prevention looping. I see text/plain
redirector in YT exchange.
08.05.15 2:59, HackXBack
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Feature with acl will be useful. Not only YT uses this redirection scheme.
08.05.15 3:25, HackXBack пишет:
you are right, but this patch still work with me.
i dont know if we can find better solution for this like you said by acl
--
View
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
For 3.4.x series need patch. Correct patch. This copy-n-pasted is broken.
Also, you have forgotten one thing: YT redirector has text/plain mime
type, not text/html. Just trace your YT session and check every exchange
between client and server.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
http://i.imgur.com/mW7gNwD.png
http://squidclamav.darold.net/config.html
This is for squidclamav (I use it and have no problems with malware).
05.05.15 17:45, Stefan Kügler пишет:
Hi Yuri.
Am 05.05.2015 um 12:51 schrieb Yuri Voinov
05.05.15 4:07, HackXBack пишет:
Okay Sir,
this is the solution
1st: put this conf in your squid.conf
for looping 302 on youtube
acl text-html rep_mime_type text/html
acl http302 http_status 302
store_miss deny text-html
store_miss deny http302
send_hit deny text-html
send_hit deny
This is not squid issue but your AV engine library or ICAP intermediate
AV library configuration.
05.05.15 16:43, Stefan Kügler пишет:
Hello.
I have a short question using squid as an ICAP-client.
It seems that squid doesn't send an already downloaded (and cached)
object to an
Hi gents.
I made a little research and found one funny problem with Youtube/HTML5
caching.
When youtube output video, it starts with similar URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
03.05.15 18:47, Hussam Al-Tayeb пишет:
Hello, how would I deny caching to replies containing Vary: User-Agent http
header?
For what?
I already use:
acl hasVary rep_header Vary .
store_miss deny hasVary
but it won't block caching of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Also refresh_pattern directives order is important.
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp:144020%10080
refresh_pattern ^gopher:14400%1440
refresh_pattern -i (/cgi-bin/|\?) 0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
About your configs:
# Uncomment and adjust the following to add a disk cache directory.
cache_dir aufs /var/spool/squid 100 16 256
This is toy cache. Are you are serious?
cache_mem 0 KB
You completely disabled memory cache. You sure this is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
04.05.15 0:07, Hussam Al-Tayeb пишет:
Sent: Sunday, May 03, 2015 at 8:04 PM
From: Yuri Voinov yvoi...@gmail.com
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] vary headers
Headers has own acl.
Example:
# Strip User
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Did you observe your caches access logs in runtime? For example, with
squidview?
This report contains no meaningful info.
03.05.15 21:13, Hierony Manurung пишет:
Hierony Manurung
Del Institute of Technology
Network Management
Pada
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
# TAG: cache_vary
#This option is not yet supported by Squid-3.
This is option your want. But - ooops! - not yet supported.
04.05.15 0:07, Hussam Al-Tayeb пишет:
Sent: Sunday, May 03, 2015 at 8:04 PM
From: Yuri Voinov yvoi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Something like this:
reply_header_access Vary deny all
reply_header_replace Vary Accept-Encoding
04.05.15 0:54, Hussam Al-Tayeb пишет:
wget --server-response
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Understand. You problem is duplicates. So, you need to de-duplicate
identical content.
May be, store ID saves you?
04.05.15 1:07, Hussam Al-Tayeb пишет:
Sent: Sunday, May 03, 2015 at 9:55 PM
From: Yuri Voinov yvoi...@gmail.com
To: squid
Amos,
what's up with bugzilla? It down and not available.
WBR, Yuri
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
acl no_cache urlpath_regex imageview\.gif\?
or
acl no_cache urlpath_regex imageview\.gif(\?|$)
30.04.15 6:58, Hussam Al-Tayeb пишет:
What rule would I have to add to not cache the following url?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Yes, it's ok now.
Thank you!
01.05.15 2:30, Kinkie ?:
Should be fine now.
Thanks for notifying of the issue.
On Thu, Apr 30, 2015 at 7:42 PM, Yuri Voinov yvoi...@gmail.com wrote:
Now server produces 500 error.
30.04.15 23:39, Kinkie
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
cachemrg.cgi
SARG
squidanalyzer
sqtop
Munin+Squid plugins
27.04.15 19:05, Hierony Manurung пишет:
Dear Fellow,
Is there another tools / GUI tools to see Squid caching performance?
I know that when we want to see whether the request is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
SSL can be proxying only with bump functionality with interception.
Interception can't use authentification.
27.04.15 23:24, Giuseppe пишет:
Hi, I'm successfully using squid with active directory authentication for
HTTP traffic.
Now I've
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Man, you decided to gather all possible errors? :)
26.04.15 20:51, HackXBack пишет:
in squid 3.5.3 cache.log
but it works normally ,
what this msg mean ?
--
View this message in context:
Clients must also be pointed to these DNS IP.
22.04.15 10:18, Hierony Manurung пишет:
Hierony Manurung
Del Institute of Technology
Network Management
Pada Rabu, 22 April 2015 10:53,
squid-users-ow...@lists.squid-cache.org
squid-users-ow...@lists.squid-cache.org menulis:
- Pesan yang
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Self-signed certificate is not suitable for use in a reverse proxy.
22.04.15 9:17, snakeeyes пишет:
Hi
I need to setup squid proxy as reverse proxy with https enabled
I tried the bash script below and it run ok :
Of Yuri Voinov
Sent: Tuesday, April 21, 2015 11:19 AM
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] problem in squid certificate installtion
Self-signed certificate is not suitable for use in a reverse proxy.
22.04.15 9:17, snakeeyes пишет:
Hi
I need
So, what?
What's the problem?
21.04.15 16:44, jaykbvt пишет:
Hi,
My squid is configured in interception mode with
http_port 3130
http_port 3129 intercept
squid is running with single network card. request comes from the Cisco ISG
and internet is also allowed from the same Cisco ISG only.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Man,
self-signed sertificate required only for SSL Bump (not pump :)).
For SSL reverse proxy you need CA's signed server certificate.
Feel the difference.
21.04.15 5:16, snakeeyes пишет:
Hi all , I need a help in setting up squid for https
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
http://sams.perm.ru/new/index.php?option=com_phocadownloadview=categoryid=3Itemid=128
This one?
20.04.15 20:34, Dan Berry пишет:
I have setup a squid proxy as a POC for user tracking. I am looking
for a way to track for close events, most of
...@lists.squid-cache.org]
On Behalf Of Yuri Voinov
Sent: Monday, April 20, 2015 6:22 AM
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] squid HTTPs as reverse proxy problem
Man,
self-signed sertificate required only for SSL Bump (not pump :)).
For SSL reverse proxy you need CA's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
18.04.15 17:27, Ali Raza пишет:
t there is a problem I can't figure out. I set up squid proxy on my linux
machine and want to work it as dumb proxy except two features.
1- It should allow me to delete objects of my choice (that I can do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Don't think so.
Simplified:
Squid cache store objects in disk cache with hash value as an index.
To replace object you need completely re-calculate hash, because of new
object become different.
This can be do with Squid itself with normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I'm ignoring this message.
All pages are loading. This is error 131 from openssl.
12.04.15 0:09, mattatrmc пишет:
Hi Yuri,
I just got my Squid up and running on a fairly active test
environment, and
am seeing the same error printed. Did you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Don't think this is critical. What is native fs block size?
09.04.15 13:29, Stakres пишет:
Hi Yuri,
We have checked the sslproxy_capath, all certifs updated.
OpenSSL is: OpenSSL 1.0.1e 11 Feb 2013 (Debian 7.8)
Additional point, the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Don't think this is critical. What is native fs block size?
09.04.15 13:29, Stakres пишет:
Hi Yuri,
We have checked the sslproxy_capath, all certifs updated.
OpenSSL is: OpenSSL 1.0.1e 11 Feb 2013 (Debian 7.8)
Additional point, the
that issue ?
Thanks in advance.
Bye Fred
De : Yuri Voinov [mailto:yvoi...@gmail.com]
Envoyé : jeudi 9 avril 2015 15:04
À : Vdoctor; squid-users@lists.squid-cache.org
Objet : Re: ***SPAM*** Re: [squid-users] Random SSL bump DB corruption
- From my experience, it may occur as a result
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Yep,
especially with Unbound :)
07.04.15 2:29, Lawrence Pingree пишет:
Unless you are doing authoritative DNS lookups, you may only want to
use a caching forwarder like dnsmasq. Also, squid's ipcache_size
parameter can be tweaked to cache more
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Note: This line:
ssl_bump server-first all
in config is from 3.4.x, in 3.5.x you must use new bump syntax.
Also:
- -what openssl/gnutls version used to build squid?
- -Is sslproxy_capath contains really complete set of root/intermediate
CA's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
What version of Squid you are using?
01.04.15 13:06, Yu-Hsuan Liao пишет:
Hello Everyone,
I got 'ssl_error_bad_cert_domain' message from browser when I was trying
to bump tw.bid.yahoo.com in transparent mode
I found that the certificate is
-follow-x-forwarded-for'
'--disable-auth-ntlm' '--disable-arch-native' '--enable-wccpv2'
'--enable-snmp'
'PKG_CONFIG_PATH=%{_PKG_CONFIG_PATH}:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
--enable-ltdl-convenience/
Looks like all ok.
Regards
On 4/1/2015 12:34 PM, Yuri Voinov wrote:
What version
] On Behalf Of
Yuri Voinov Sent: Tuesday, March 24, 2015 1:58 PM To:
squid-users@lists.squid-cache.org Subject: Re: [squid-users] i want
to block images with size more than 40 KB
Don't think so.
Probably you'll have to write your own helper to handle dynamic
content. Or use the content
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Don't think so.
Probably you'll have to write your own helper to handle dynamic
content. Or use the content adaptaion feature.
25.03.15 11:34, snakeeyes пишет:
BTW can squid block dynamically loaded images, and ajax request
which return
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
He answered you. Just re-read answer.
This is not possible absolutely in all cases.
World is changed. Too sad.
21.03.15 5:12, snakeeyes пишет:
I did try with google.com and yahoo.com
It seems not blocking images there
Can u help with that
As I can research,
this problem produces one of Apple service under HTTPS.
When client query something like iTunes, squid gets strange certificate
which is corrupts DB.
I found no solution at this time. Just stop squid and cleanup SSL db.
WBR, Yuri
18.03.15 11:21, Dan Charlesworth пишет:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Did you hear about rewriters and filters? I.e., squidGuard, or
Dansguardian? Or, of course
https://www.urlfilterdb.com/products/ufdbguard.html
?
It has separate server process which can be restart VERY quickly
independently of squid.
17.03.15 23:35,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alberto,
quetsion is not about this completely. ;)
18.03.15 0:08, Alberto Perez пишет:
I did this once, with external acl, you can specify a ttl of each
external acl and also make your acl reload the list any time you
want.
My external acl
appreciate it.
On Tue, Mar 17, 2015 at 11:39 AM, Yuri Voinov
yvoi...@gmail.com wrote:
Did you hear about rewriters and filters? I.e., squidGuard, or
Dansguardian? Or, of course
https://www.urlfilterdb.com/products/ufdbguard.html ? It has
separate server process which can be restart VERY
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
13.03.15 23:33, Amos Jeffries пишет:
On 14/03/2015 5:47 a.m., Monah Baki wrote:
snip
half_closed_clients off quick_abort_min 0 KB quick_abort_max 0
KB vary_ignore_expire on reload_into_ims on memory_pools off
cache_mem 4096 MB
requires some special tweaks I am very interested.
Thanks
On 3/13/15, Yuri Voinov yvoi...@gmail.com wrote:
13.03.15 23:33, Amos Jeffries пишет:
On 14/03/2015 5:47 a.m., Monah Baki wrote:
snip
half_closed_clients off quick_abort_min 0 KB
quick_abort_max 0 KB vary_ignore_expire
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
13.03.15 2:37, Mukul Gandhi пишет:
On Thu, Mar 12, 2015 at 11:04 AM, Yuri Voinov yvoi...@gmail.com
wrote:
You only have external helper (which is must wrote yourself) in
3.4.x.
Are there any examples that I can look at to implemented
On proxy box.
06.03.15 19:47, monahb...@gmail.com пишет:
From squid or router?
Thanks
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE
network.
*From: *Yuri Voinov
*Sent: *Friday, March 6, 2015 8:44 AM
*To: *Monah Baki
*Cc: *squid-users@lists.squid-cache.org
*Subject
Did you have another listening process on 80 port on your proxy box?
I.e., web-server?
06.03.15 19:26, Monah Baki пишет:
I went and changed the 10.0.0.0/8 http://10.0.0.0/8 to 10.0.0.23,
which is the client station we are testing on, same results. Forward
loop detected
Thanks
On Fri, Mar
.
Thanks
On Fri, Mar 6, 2015 at 8:28 AM, Yuri Voinov yvoi...@gmail.com
mailto:yvoi...@gmail.com wrote:
Did you have another listening process on 80 port on your proxy box?
I.e., web-server?
06.03.15 19:26, Monah Baki пишет:
I went and changed the 10.0.0.0/8 http://10.0.0.0/8
0 *.123 *.* udp4 0 0 *.123
*.* udp4 0 0 *.514 *.* udp6 0
0 *.514 *.*
On Thu, Mar 5, 2015 at 12:12 PM, Yuri Voinov yvoi...@gmail.com
wrote:
- From your PC run telnet 10.0.0.24 80. You've seen if TCP socket
*.* udp6 0
0 *.123 *.* udp4 0 0 *.123
*.* udp4 0 0 *.514 *.* udp6 0
0 *.514 *.*
On Thu, Mar 5, 2015 at 12:12 PM, Yuri Voinov yvoi...@gmail.com
wrote:
- From your PC run telnet 10.0.0.24 80. You've seen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Can you run pfctl -s nat state on proxy box?
06.03.15 0:05, Monah Baki пишет:
Ok let me ask the client tomorrow to run telnet 10.0.0.24 80 from
a workstation
Thanks for he help Yuri
On Thu, Mar 5, 2015 at 1:02 PM, Yuri Voinov yvoi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- From your PC run telnet 10.0.0.24 80. You've seen if TCP socket opens.
05.03.15 23:10, Monah Baki пишет:
How can I confirm, I have access only to the BSD box
Thanks
On Thu, Mar 5, 2015 at 11:12 AM, Yuri Voinov yvoi...@gmail.com
wrote
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Show complete pf.conf, please.
05.03.15 19:45, Monah Baki пишет:
In my squid.conf
http_port 3128 http_port 3129 intercept
Thanks
On Thu, Mar 5, 2015 at 8:44 AM, Yuri Voinov yvoi...@gmail.com
wrote:
Squid access denied?
Look
pass out log quick on bge0
pass out keep state
Thanks
On Thu, Mar 5, 2015 at 8:50 AM, Yuri Voinov yvoi...@gmail.com
wrote:
Show complete pf.conf, please.
05.03.15 19:45, Monah Baki пишет:
In my squid.conf
http_port 3128 http_port 3129 intercept
Thanks
On Thu, Mar 5, 2015
in on bge0:
10.0.0.14.54264
10.0.0.24.22: Flags [S], seq 3823043622, win 8192, options [mss
1460,nop,wscale 2,nop,nop,sackOK], length 0
On Thu, Mar 5, 2015 at 10:20 AM, Yuri Voinov yvoi...@gmail.com
wrote:
Hm. No.
We not checked only OS.
Does your BSD really loads PF module
?
On Thu, Mar 5, 2015 at 10:14 AM, Yuri Voinov yvoi...@gmail.com
wrote:
Wow, 7600!
But why is so antique iOS?! Current is 15.4
05.03.15 21:09, Monah Baki пишет:
PORT STATE SERVICE VERSION 23/tcp open telnet Cisco IOS
telnetd MAC Address: 88:5A:92:63:77:81 (Cisco) Device type:
router
/8 to any port = http - 10.0.0.24 port 3129
On Thu, Mar 5, 2015 at 1:08 PM, Yuri Voinov yvoi...@gmail.com
wrote:
Can you run pfctl -s nat state on proxy box?
06.03.15 0:05, Monah Baki пишет:
Ok let me ask the client tomorrow to run telnet 10.0.0.24 80
from a workstation
Thanks for he
' '--enable-snmp'
'--with-pthreads' '--with-filedescriptors=65535'
'--enable-cachemgr-hostname=hostname'
'--enable-storeio=ufs,aufs,diskd,rock' '--enable-ipfw-transparent'
'--enable-pf-transparent' '--with-nat-devpf'
--enable-ltdl-convenience
On Thu, Mar 5, 2015 at 9:14 AM, Yuri Voinov yvoi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Transparent interception in 3.5 still not completely supports SNI.
Only in 3.4.x branch.
And yes - you do it wrong in your config:
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
05.03.15 17:53, Sergey Pronin пишет:
Hello
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You cannot combine HTTP and HTTPS in one WCCP service.
http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
03.03.15 23:04, Guy Helmer пишет:
This used to work in 3.3.x:
wccp2_service_info 94 protocol=tcp
..65535)\n, tmp);
On Mar 3, 2015, at 11:06 AM, Yuri Voinov yvoi...@gmail.com
wrote:
You cannot combine HTTP and HTTPS in one WCCP service.
http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
03.03.15 23:04, Guy Helmer пишет:
This used to work in 3.3.x
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
A-ha!
Can I use ICAP - for example, with ecap to extract metadata from ecap
adapters?
02.03.15 17:09, Amos Jeffries пишет:
On 2/03/2015 11:56 p.m., Yuri Voinov wrote:
But Amos,
wait:
root @ cthulhu / # /usr/local/squid/bin/squidclient -p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Logins/passwords? ;)
02.03.15 17:24, HackXBack пишет:
POST request come from input form . i want to read this data in
squid .
-- View this message in context:
.
Not obvious how to use this code.
01.03.15 8:14, Amos Jeffries пишет:
On 28/02/2015 9:59 a.m., Yuri Voinov wrote:
Hi gents.
Can I use log codes in custom error page and how to do this? Some
examples will be useful.
In details, interested in using adapt::last_h code.
Just point me on right
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eh... :(
No way to get metadata from adaptation module?
02.03.15 16:43, Amos Jeffries пишет:
On 2/03/2015 11:25 p.m., Yuri Voinov wrote:
Not clear:
I can use %adapt directly? This completely undocumented.
The documented ones are the only
-Signature;
Via: ICAP/1.0 cthulhu (C-ICAP/0.3.5 SquidClamav/Antivirus service )
X-Cache: MISS from cthulhu
X-Cache-Lookup: MISS from cthulhu:3127
Connection: close
How ICAP does it?
02.03.15 16:43, Amos Jeffries пишет:
On 2/03/2015 11:25 p.m., Yuri Voinov wrote:
Not clear:
I can use %adapt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
So what else can be interesting in POST. ;)
02.03.15 23:48, HackXBack пишет:
Yuri :P Why you are asking
-- View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/squid-and-post-method-tp4670122p4670166.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
01.03.15 23:18, Julianne Bielski пишет:
I have an https client (not a browser) that normally connects to a
reverse proxy. When it needs to go through a forward proxy, it
requests a CONNECT tunnel. I now have a requirement to also be able
to
.
To know more about explicit bump look at this:
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
From: Yuri Voinov yvoi...@gmail.com To: Julianne
Bielski/Raleigh/IBM@IBMUS Cc: squid-users@lists.squid-cache.org,
squid-users squid-users-boun...@lists.squid-cache.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
02.03.15 2:03, Antony Stone пишет:
On Sunday 01 March 2015 at 19:17:22 (EU time), Yuri Voinov wrote:
02.03.15 0:07, Julianne Bielski пишет:
http_port 443 ssl-bump
cert=/usr/local/squid3/etc/site_priv+pub.pem
http_port 3128 intercept
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
If it was possible, all of this simply would not be necessary:
http://wiki.squid-cache.org/ConfigExamples/Intercept#Traffic_Interception_capture_into_Squid
02.03.15 2:03, Antony Stone пишет:
On Sunday 01 March 2015 at 19:17:22 (EU time), Yuri
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi gents.
Can I use log codes in custom error page and how to do this? Some
examples will be useful.
In details, interested in using adapt::last_h code.
Just point me on right way.
Thank you.
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
http://wiki.squid-cache.org/ConfigExamples/Intercept
26.02.15 23:12, Monah Baki пишет:
Hi all,
I have client who has his Policy Based Routing as:
interface GigabitEthernet0/0/1.1 (route policy on the LAN
interface)
ip policy route-map
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
And if you seen this:
- --enable-ipfw-transparent
- --enable-pf-transparent
I think this is xBSD. ;)
27.02.15 0:36, Eliezer Croitoru пишет:
On 26/02/2015 19:12, Monah Baki wrote:
Hi all,
I have client who has his Policy Based Routing as:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
:
Parity Check? ;) You need better RAM with ECC ;)
27.02.15 0:52, Eliezer Croitoru пишет:
On 26/02/2015 20:43, Yuri Voinov wrote:
Directly, Eliezer:)
His installation doesn't work. Somebody have forgotten about
NAT;)
It happen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Directly, Eliezer :)
His installation doesn't work. Somebody have forgotten about NAT ;)
27.02.15 0:36, Eliezer Croitoru пишет:
On 26/02/2015 19:12, Monah Baki wrote:
Hi all,
I have client who has his Policy Based Routing as:
interface
:)))
26.02.15 17:39, Greg пишет:
Hi all,
I'm a ~beginner sysadmin starting managing a flock of (10+) existing
Squid proxies in different VPS companies. Right now it's a mix of
different OSes and Squid versions, some of them are rather old, and
all is managed manually over SSH - I'd
Yep, this is very funny. :)
https://www.google.com/search?q=Squid+gui+management+tool
First result is yours. :)
26.02.15 18:26, Greg пишет:
On 26 February 2015 at 11:57, Yuri Voinov yvoi...@gmail.com wrote:
:)))
Why is this funny? :/ I'd like to make one step ahead. Even though
Transparent SSL Bump interception, eh?
20.02.15 15:14, Ilya Karpov пишет:
Hi guys,
can anyone suggest solution to make following scenario work using squid:
step1.
Client(actually server application) calls HTTP://example
http://example.org squid via proxy.
|
V
step2.
Proxy(Squid) understands
февр. 2015 г., в 12:24, Yuri Voinov yvoi...@gmail.com
mailto:yvoi...@gmail.com написал(а):
Transparent SSL Bump interception, eh?
20.02.15 15:14, Ilya Karpov пишет:
Hi guys,
can anyone suggest solution to make following scenario work using squid:
step1.
Client(actually server application) calls
Message- From: squid-users
[mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of
Yuri Voinov Sent: Friday, February 20, 2015 7:41 AM To:
squid-users@lists.squid-cache.org Subject: Re: [squid-users] many
vms behind router to same proxy ips problems !
This is not squid problem, man
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
https://www.google.com/search?q=ipv4+to+ipv6
19.02.15 23:35, masterx81 пишет:
After futher search seem that the webpage now is trying to get
files from cdnjs.cloudflare.com, but it resolves as an ipv6
address. My network is not ready for ipv6.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos
19.02.15 21:44, Mail_Agent пишет:
Hello, can you tell me where can i find detailed instruction about
negotiate_kerb_auth_helper, please, I've configured squid.conf,
checked
901 - 1000 of 1174 matches
Mail list logo
