Hi,
I am trying without success to use the "negotiate_kerberos_auth.exe" helper and
"basic_smb_auth.exe" on a Windows 2008R2 server on a 2008R2 domain.
Previously I have used mswin_negotiate_auth.exe and mswin_auth.exe from the
last stable 2.7 build with no issues.
Most of the instructions for s
Hey Walter,
Can you share your squid configuration as an example?
Thanks,
Eliezer
On 17/09/2015 23:17, Walter (NIF) wrote:
Hi, Amos!
I followed your suggestion and rewrote the code using only one helper
and a note ACL.
It's working perfectly. Thank you!
Walter
_
Hi, Amos!
I followed your suggestion and rewrote the code using only one helper
and a note ACL.
It's working perfectly. Thank you!
Walter
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
On 09/17/2015 04:00 AM, Marek Serafin wrote:
> Hello, I'm kinda confused about the "Peek and Splice" technique
> introduced in Squid 3.5.x.
> --
> My goal is to allow CONNECT-method ONLY to certain web-pages (mainly
> banks, payment systems). The rest of https-sites should be al
On 09/17/2015 05:05 AM, Marcus Kool wrote:
> ssl_bump splice tls_s2_client_hello tls_allowed_hsts
> ssl_bump splice tls_s2_client_hello tls_server_is_bank
> ssl_bump splice tls_s2_client_hello tls_allowed_software
> ssl_bump splice tls_s2_client_hello tls_allowed_pinned
Just FYI: Consider using an
On 17/09/2015 10:24 p.m., Emmanuel Garette wrote:
> Le 16/09/2015 11:40, Amos Jeffries a écrit :
>> On 16/09/2015 9:05 p.m., Emmanuel Garette wrote:
>>> Le 07/09/2015 18:40, Amos Jeffries a écrit :
On 8/09/2015 1:17 a.m., Emmanuel Garette wrote:
> Seems to be ok for me. Thanks for your fas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Squid 3.5.7 the same result:
1442420915.874 207879 127.0.0.1 TAG_NONE/200 0 CONNECT
torproject.org:443 - HIER_DIRECT/2001:41b8:202:deb:213:21ff:fe20:1426 -
1442493956.863 168528 127.0.0.1 TAG_NONE/200 0 CONNECT
torproject.org:443 - HIER_DIRECT/
17.09.15 16:18, Amos Jeffries пишет:
On 17/09/2015 7:57 p.m., Yuri Voinov wrote:
17.09.15 10:50, Amos Jeffries пишет:
On 17/09/2015 4:36 a.m., Yuri Voinov wrote:
Hm.
If I understand correctly, the right configuration must be:
# Privoxy+Tor access rules
never_direct allow CONNECT
never_dir
thank you all for the reply, here is the result of the command:
1 TAG_NONE/500
290 TAG_NONE/503
10 TAG_NONE_ABORTED/000
4 TCP_CLIENT_REFRESH_MISS/200
368 TCP_DENIED/403
1421 TCP_DENIED/407
5 TCP_HIT/200
7 TCP_HIT_ABORTED/000
7 TCP_IMS_HIT/200
39 TCP_IMS_
I just tried accessing https://banking.postbank.de/
using Squid 3.5.8 and Chrome.
I also got the ERR_CONNECTION_CLOSED error.
What is weird is that Squid sends a "CONNECT banking.postbank.de" 21 times to
the URL rewriter.
Then I changed the Squid configuration and added ".postbank.de" in our li
Le 16/09/2015 11:40, Amos Jeffries a écrit :
> On 16/09/2015 9:05 p.m., Emmanuel Garette wrote:
>> Le 07/09/2015 18:40, Amos Jeffries a écrit :
>>> On 8/09/2015 1:17 a.m., Emmanuel Garette wrote:
Seems to be ok for me. Thanks for your fast reply.
Need I open a bug in bugzilla ?
On 17/09/2015 7:57 p.m., Yuri Voinov wrote:
>
>
> 17.09.15 10:50, Amos Jeffries пишет:
>> On 17/09/2015 4:36 a.m., Yuri Voinov wrote:
>>> Hm.
>>>
>>> If I understand correctly, the right configuration must be:
>>>
>>> # Privoxy+Tor access rules
>>> never_direct allow CONNECT
>>> never_direct allo
If I disable SSL bump for tunneled sites, I've got an error SSL:
ssl_error_rx_record_too_long
17.09.15 10:50, Amos Jeffries пишет:
On 17/09/2015 4:36 a.m., Yuri Voinov wrote:
Hm.
If I understand correctly, the right configuration must be:
# Privoxy+Tor access rules
never_direct allow CONNECT
Hello, I'm kinda confused about the "Peek and Splice" technique
introduced in Squid 3.5.x.
--
My goal is to allow CONNECT-method ONLY to certain web-pages (mainly
banks, payment systems). The rest of https-sites should be allways bumped.
-
And this can be
17.09.15 10:50, Amos Jeffries пишет:
On 17/09/2015 4:36 a.m., Yuri Voinov wrote:
Hm.
If I understand correctly, the right configuration must be:
# Privoxy+Tor access rules
never_direct allow CONNECT
never_direct allow tor_url
# Local Privoxy is cache parent
cache_peer 127.0.0.1 parent 8118
On Thu, 17 Sep 2015 03:00:56 +1200
Amos Jeffries wrote:
> On 17/09/2015 12:37 a.m., Marko Cupać wrote:
> > Hi,
> >
> > I'm trying to setup squid in a way that it authenticates users via
> > kerberos and grants different levels of web access according to ldap
> > query of MS AD groups.After some
Hello Amos,
thank you for your hints.
On Thu, Sep 17, Amos Jeffries wrote:
> > the relevant part ist:
> >
> > --snip--
> > acl nodecryptdomains dstdomain "/etc/squid/nodecrypt.domains"
> > http_port MYIP:8080 ssl-bump cert=/etc/squid/ca.pem key=/etc/squid/ca.key
> > generate-host-certificates=
17 matches
Mail list logo
