Peter:
Do you mean you've patched the source code, and if so, how do I get
that patch? Do I have to move from the stable trunk?
Amos:
Sorry yes that is what I meant and it can now be found here:
http://www.squid-cache.org/Versions/v3/3.HEAD/changesets/squid-3-12957.patch
It should apply
Eliezer:
I would assume that you setup your WCCP correctly.
DO you use them in tunnel or route mode?
in route mode you can easily get into a complex situation that you have a
routing endless loop(until X TTL).
I think the wccp2 is set up correctly - I am using tunnel mode. Here is the
output
On 28/07/2013 6:19 p.m., Peter Retief wrote:
Peter:
Do you mean you've patched the source code, and if so, how do I get
that patch? Do I have to move from the stable trunk?
Amos:
Sorry yes that is what I meant and it can now be found here:
Amos:
Squid starts with 16K of which 100 are reserved FD. When it changes that
the 16K limit is still the total, but the reserved is raised to make N
sockets reserved/unavailable.
So 16384 - 15394 = 990 FD safe to use after adjustments caused by the
error.
Peter:
I would have deduced that
To intercept HTTPS traffic, is SSL-bump a must? Even when I only want
to record the CONNECT traffic in access.log just like a normal forward
proxy without decrypting anything?
Is this any different with TPROXY?
On 07/28/2013 03:37 PM, csn233 wrote:
To intercept HTTPS traffic, is SSL-bump a must? Even when I only want
to record the CONNECT traffic in access.log just like a normal forward
proxy without decrypting anything?
Is this any different with TPROXY?
Indeed SSL-bump is a must..
You will be
On 29/07/2013 2:30 a.m., Eliezer Croitoru wrote:
On 07/28/2013 03:37 PM, csn233 wrote:
To intercept HTTPS traffic, is SSL-bump a must? Even when I only want
to record the CONNECT traffic in access.log just like a normal forward
proxy without decrypting anything?
Is this any different with
On 07/28/2013 05:21 PM, Amos Jeffries wrote:
On 29/07/2013 2:30 a.m., Eliezer Croitoru wrote:
On 07/28/2013 03:37 PM, csn233 wrote:
To intercept HTTPS traffic, is SSL-bump a must? Even when I only want
to record the CONNECT traffic in access.log just like a normal forward
proxy without