I would like to be able to inspect traffic from my android device. I have a
transparent squid proxy working with SSL bump (using WiFi to get traffic
through my proxy server). Everything works fine as long as I go through a
browser. But I would like to see the other traffic which the OS and other
ap
Hi
I run 2 squid boxes, and I use pacemaker to float 2 VIP's between the 2 boxes.
Basically I just run squid on both and I create a VIP resource that
test if squid is running to allocate the VIP.
But this doesn't really give you load balancing. but very good resilience.
Pacemaker and Linux hav
On 10/06/2015 1:11 p.m., TarotApprentice wrote:
> Yes I noticed that and assumed that was because 2.7 wasn't able to handle
> HTTP 1.1 fully.
>
> I think I better keep the squid 2.7 machine around for a bit. It was due to
> be retired as it's an old WinXP machine.
>
Maybe not.
I took a look t
On 10/06/2015 12:35 p.m., TarotApprentice wrote:
> In the examples on the squid site it gives a multi-worker example using carp
> (http://wiki.squid-cache.org/ConfigExamples/SmpCarpCluster). Now that rock
> storage has been updated with 3.5.5 is that still the best approach?
>
> I was thinking o
In the examples on the squid site it gives a multi-worker example using carp
(http://wiki.squid-cache.org/ConfigExamples/SmpCarpCluster). Now that rock
storage has been updated with 3.5.5 is that still the best approach?
I was thinking of a single rock cache so the workers could share it rather
Amos Jeffries wrote on 2015-06-09 17:10:
[CUT]
> You have to first configure ssl_bump in a way that lets Squid receive
> the clientHello message (step1 -> peek) AND the serverHello message
> (step2 -> peek). Then you can use those cert details to bump (step3 ->
> bump).
> The config is quite simple
Hello,
I am getting these errors on 3.5.5 any ideas? Here is my build configuration
INSTALL_DIR=/opt/Squid
INSTALL_DIR_CACHE=/opt/Squid/Cache/AUFS
MAN_DIR=/opt/man
USER=squid
LOG_FILE=/var/log/Squid
PID_FILE=/var/run/Squid/squid.pid
NUMBER_OF_FILE_DESCRIPTORS=65536
OPENSSL_DIR=/opt/OpenSSL
CC=
I traced the problem to the persistent_request_timeout variable. Once I set
this from 2 Min to 10 Seconds, it resolved the issue.
==
J.R. Swartz
Northern Computer Service, LLC
Owner
8821 Hwy 47 East
Woodruff, WI 54568
715.358.9806
Email: jrswa...@ncswi.com
Web
On 10/06/2015 2:09 a.m., TarotApprentice wrote:
> I have a number of machines running BOINC which are having issues uploading
> with one particular project (climateprediction.net) however if I redirect the
> client to a Squid 2.7 server they work fine. It doesn't do it every time,
> some files w
On 10/06/2015 2:33 a.m., Dieter Bloms wrote:
> Hello,
>
> I use squid 3.5.5 and use the sslbump feature.
> When I activate sslbump, the browsertest on www.ssllabs.com
> ( https://www.ssllabs.com/ssltest/viewMyClient.html )
> says TLS compression is activated and insecure.
> I use openssl 1.0.1m on
On 10/06/2015 2:51 a.m., Klavs Klavsen wrote:
> Amos Jeffries wrote on 06/09/2015 03:06 PM:
>>
>> The HTTP message log (access.log) is only logging the HTTP(S) messages.
>> The non-HTTP protools are not logged.
>>
>>>
>>> 10.xx.131.244 - - [09/Jun/2015:08:40:15 +0200] "CONNECT
>>> 64.233.184.94:443
Amos Jeffries wrote on 06/09/2015 03:06 PM:
The HTTP message log (access.log) is only logging the HTTP(S) messages.
The non-HTTP protools are not logged.
10.xx.131.244 - - [09/Jun/2015:08:40:15 +0200] "CONNECT
64.233.184.94:443 HTTP/1.1" www.google.dk - 200 20042
TCP_TUNNEL:ORIGINAL_DST peek
Hello,
I use squid 3.5.5 and use the sslbump feature.
When I activate sslbump, the browsertest on www.ssllabs.com
( https://www.ssllabs.com/ssltest/viewMyClient.html )
says TLS compression is activated and insecure.
I use openssl 1.0.1m on my proxyserver
I tried some settings like:
sslproxy_flag
I have a number of machines running BOINC which are having issues uploading
with one particular project (climateprediction.net) however if I redirect the
client to a Squid 2.7 server they work fine. It doesn't do it every time, some
files work just fine. They are usually 15Mb or 47Mb uploads.
B
On 9/06/2015 6:44 p.m., Klavs Klavsen wrote:
> Hi,
>
> James Lay just replied to me with his current config.. (pretty much like
> what he posted), and it seems he does not even try to use http_access
> rules to filter on urls from https requests..
>
> @Amos: are you certain that there's not an er
On 9/06/2015 7:15 p.m., Rafael Akchurin wrote:
> Hi Amos,
>
>
>
>> There seems to be a bit of a myth going around about how HAProxy does
>> load balancing. HAProxy is an HTTP layer proxy. Just like Squid.
>>
>> They both do the same things to received TCP connections. But HAProxy
>> supports les
On 9/06/2015 9:36 p.m., Eliezer Croitoru wrote:
> Hey Amos,
>
> I didn't had the chance to follow the PROXY protocol advancements.
> Was there any fix for the PROXY protocol issue that I can test?
IIRC the issues we found are all resolved. Though I've had no confirmation.
Amos
__
Hey Amos,
I didn't had the chance to follow the PROXY protocol advancements.
Was there any fix for the PROXY protocol issue that I can test?
Thanks,
Eliezer
On 09/06/2015 02:06, Amos Jeffries wrote:
We are somewhat recently added basic support for the PROXY protocol to
Squid. So HAProxy can re
Hi Amos,
> There seems to be a bit of a myth going around about how HAProxy does
> load balancing. HAProxy is an HTTP layer proxy. Just like Squid.
>
> They both do the same things to received TCP connections. But HAProxy
> supports less HTTP features, so its somewhat simpler processing is also
19 matches
Mail list logo
