Re: [squid-users] Squid + ICQ contest ;)

2015-10-27 Thread Yuri Voinov
Here is two parallel blocks of data: sniffing session from proxy box, and the same time squid access.log entries: root @ cthulhu / # snoop 192.168.100.103|grep icq Using device aggr1 (promiscuous mode) 192.168.100.103 -> bos-m028c-rdr1.blue.icq.net HTTPS C port=9040 bos-m028c-rdr1.blue.icq.net

Re: [squid-users] Squid + ICQ contest ;)

2015-10-26 Thread Amos Jeffries
On 27/10/2015 9:36 a.m., Yuri Voinov wrote: > > The problem is: I can't see most part of ICQ traffic. Because of it uses > non-HTTP/HTTPS/FTP ports. Only with sniffer. Okay, that should not matter much. That part of the traffic there is nothing we can do about in Squid. > > Looks like this: >

Re: [squid-users] Squid + ICQ contest ;)

2015-10-26 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 The problem is: I can't see most part of ICQ traffic. Because of it uses non-HTTP/HTTPS/FTP ports. Only with sniffer. Looks like this: 1. Login starts over 5190 port with CONNECT method. And normal squid's config blocks it - this is non-SSL

[squid-users] Squid + ICQ contest ;)

2015-10-26 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi gents. There is a good contest for all squidmans ;) So. We have wey idiotic protocol - OSCAR, and very antique IM client. This is ICQ. So what - it's work via Squid 3.4.x (both transparent and forwarding) using proxy settings by client.

Re: [squid-users] Squid + ICQ contest ;)

2015-10-26 Thread Amos Jeffries
On 27/10/2015 4:54 a.m., Yuri Voinov wrote: > > Hi gents. > > There is a good contest for all squidmans ;) > > So. > > We have wey idiotic protocol - OSCAR, and very antique IM client. > > This is ICQ. > > So what - it's work via Squid 3.4.x (both transparent and forwarding) > using proxy

Re: [squid-users] Squid + ICQ contest ;)

2015-10-26 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I think the right question is not "What headers pass through Squid" and "Why did they pass through a transparent proxy, if the port that is used, not 80 or 443?" 26.10.15 23:26, Amos Jeffries пишет: > On 27/10/2015 4:54 a.m., Yuri Voinov wrote:

Re: [squid-users] Squid + ICQ contest ;)

2015-10-26 Thread Amos Jeffries
On 27/10/2015 6:30 a.m., Yuri Voinov wrote: > > I think the right question is not "What headers pass through Squid" and > "Why did they pass through a transparent proxy, if the port that is > used, not 80 or 443?" > ICQ speaks HTTP on port 80. Not sure about 443, it should at least speak TLS

Re: [squid-users] Squid + ICQ contest ;)

2015-10-26 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 ICQ, like Skype later, uses special technique to bypass proxies/firewalls, and conventionally checks, after it native port 5190, other ports: 80,443,110,25 and other before it can connect to it's load balancer. Moreover, when use 443, it CONNECT