On 14/10/2015 7:48 p.m., Eliezer Croitoru wrote:
> You now got my attention!
> Depends on what you want you might be able to use external logging
> helper for that.
> I am unsure if it is possible to use two access log directives in the
> configuration and Amos or others can answer that.
Yes it is
You now got my attention!
Depends on what you want you might be able to use external logging
helper for that.
I am unsure if it is possible to use two access log directives in the
configuration and Amos or others can answer that.
It is pretty simple to implement since the input data will flow li
Hi Amos,
Got it. Will go through the session helpers & figure out how to do it.
Thanks for the help :)
Ambadas
On Tue, Oct 13, 2015 at 1:25 PM, Amos Jeffries wrote:
> On 12/10/2015 6:51 p.m., Ambadas H wrote:
> > Hi Amos,
> >
> > Thanks for responding
> >
> > *"You would be better off taki
Hi Eliezer,
Its mostly like a live feed.
I am writing these sites+(a client tracking parameter) to a flat file via
squid, from where another process reads it & does further processing (eg.
analyze top sites used by any particular client).
And that is why i was working on getting just the urls en
On 14/10/2015 5:03 p.m., Dan Charlesworth wrote:
> I meant to say “forward secrecy”, which appears to be a list of specific
> ciphers:
> https://developer.apple.com/library/watchos/technotes/App-Transport-Security-Technote/index.html
>
> Anyone know how to translate that list of ciphers to use in
I meant to say “forward secrecy”, which appears to be a list of specific
ciphers:
https://developer.apple.com/library/watchos/technotes/App-Transport-Security-Technote/index.html
Anyone know how to translate that list of ciphers to use in sslproxy_cipher in
squid.conf?
> On 14 Oct 2015, at 2:39
¯\_(ツ)_/¯
All I really have to go on is those errors com.apple.WebKit.Networking is
logging which apparently points to a specific thing it’s missing called
“forward transport security”. Only the peek@step1 seems to make it as far as
any of squid’s logs.
No other browsers affected that I can f
On 14/10/2015 7:07 a.m., James White wrote:
> Hi all,
>
> I operate a squid box which has two http_port setups:
>
> http_port 3128
> http_port 3129 TPROXY
>
> I have implemented TPROXY to replace my NAT setup on a CentOS 7 Squid
> 3.3 box. Currently the IPv4 connectivity is working great, the IP
On 14/10/15 16:08, Dan Charlesworth wrote:
> I thought that fixed it for a second …
>
> But in reality ssl_bump peek step1 & ssl_bump bump step3 is actually splicing
> everything, it seems.
>
> Any other advice? :-)
Could this imply be a pinning issue? ie does Safari track the CAs used
by those s
On 14/10/2015 3:05 a.m., Nelson Manuel Marques wrote:
>
> Hi all,
>
> We have a squid running for quite a few years and with the increase of
> traffic we noticed a bit of I/O hammering on the squid server (local
> disks).
>
> For some testing, I've made a small 1.2GB tmpfs and pointed cache_dir
I thought that fixed it for a second …
But in reality ssl_bump peek step1 & ssl_bump bump step3 is actually splicing
everything, it seems.
Any other advice? :-)
> On 14 Oct 2015, at 1:51 PM, Amos Jeffries wrote:
>
> On 14/10/2015 1:13 p.m., Dan Charlesworth wrote:
>> Throwing this out to the
On 14/10/2015 11:46 a.m., Chico Venancio wrote:
> I have configured delay pools for a client that delays access to a few
> sites, including youtube and facebook.
> It seems to work for some clients, and has significantly reduced link
> congestion. However, some clients seem to be unaffected by the
On 14/10/2015 1:43 p.m., SaRaVanAn wrote:
> Hi Amos,
> I have tested squid 3.5.10 in linux kernel 3.16 compiled for debian wheezy.
> But still I am seeing same kind of errors.
> What could be the issue? Is there anything else we need to change?
>
> *Linux version *
> uname -r
> 3.16.7-ckt11-ram.cu
On 14/10/2015 1:13 p.m., Dan Charlesworth wrote:
> Throwing this out to the list in case anyone else might be trying to get SSL
> Bump to work with the latest version of Safari.
>
> Every other browser on OS X (and iOS) is happy with bumping for pretty much
> all HTTPS sites, so long as the prox
On 14/10/2015 12:37 p.m., Leonardo Rodrigues wrote:
> Em 13/10/15 18:14, sebastien.boulia...@cpu.ca escreveu:
>>
>> cache_peer ezproxyx.reseaubiblio.ca parent 80 0 no-query
>> originserver name=ezproxycqlm
>>
>> acl ezproxycqlmacl dstdomain ezproxycqlm.reseaubiblio.ca
>>
>> http_access allow ww
Hi Amos,
I have tested squid 3.5.10 in linux kernel 3.16 compiled for debian wheezy.
But still I am seeing same kind of errors.
What could be the issue? Is there anything else we need to change?
*Linux version *
uname -r
3.16.7-ckt11-ram.custom-1.4
*Squid version*
/usr/sbin/squid -v
Squid Cache:
Throwing this out to the list in case anyone else might be trying to get SSL
Bump to work with the latest version of Safari.
Every other browser on OS X (and iOS) is happy with bumping for pretty much all
HTTPS sites, so long as the proxy’s CA is trusted.
However Safari throws generic “secure
Em 13/10/15 18:14, sebastien.boulia...@cpu.ca escreveu:
cache_peer ezproxyx.reseaubiblio.ca parent 80 0 no-query
originserver name=ezproxycqlm
acl ezproxycqlmacl dstdomain ezproxycqlm.reseaubiblio.ca
http_access allow www80 ezproxycqlmacl
cache_peer_access ezproxycqlm allow www80 ezprox
I have configured delay pools for a client that delays access to a few
sites, including youtube and facebook.
It seems to work for some clients, and has significantly reduced link
congestion. However, some clients seem to be unaffected by the delay pools.
The output to squidclient mgr:delay is as
Hi,
I searched on the doc and on the web, I cant find what I want.
The primary site is http://ezproxyx.reseaubiblio.ca.
After the user is authentificated, he cans access many ressources / other sites.
In the access.log, I got an TCP_DENIED
TCP_DENIED/403 4524 GET
http://www.worldbookonline.c
Hi all,
I operate a squid box which has two http_port setups:
http_port 3128
http_port 3129 TPROXY
I have implemented TPROXY to replace my NAT setup on a CentOS 7 Squid
3.3 box. Currently the IPv4 connectivity is working great, the IPv6
connectivity is broken when going through TPROXY. All IPv6
On 10/13/2015 10:17 AM, Nelson Manuel Marques wrote:
> Hi Antony,
>
> I had actually seen that document and it's "10%". That's why I've left
> 20% also taking in mind the space reserved for 'root'.
>
> I suppose we have to increase it and go on trial/error until we find a
> safe margin?
Another
Hi Antony,
I had actually seen that document and it's "10%". That's why I've left
20% also taking in mind the space reserved for 'root'.
I suppose we have to increase it and go on trial/error until we find a
safe margin?
NMM
On Tue, 2015-10-13 at 17:42 +0200, Antony Stone wrote:
> On Tuesday 1
On Tuesday 13 October 2015 at 16:37:10, Nelson Manuel Marques wrote:
> On Tue, 2015-10-13 at 20:22 +0600, Yuri Voinov wrote:
> >
> > Squid has its own in-memory cache, what's the point to put the disk
> > cache to the same ?!
>
> The problem here isn't the tmpfs, but instead Squid going 20% over
On Tue, 2015-10-13 at 20:22 +0600, Yuri Voinov wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Squid has its own in-memory cache, what's the point to put the disk
> cache to the same ?!
The problem here isn't the tmpfs, but instead Squid going 20% over the
max size defined in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Squid has its own in-memory cache, what's the point to put the disk
cache to the same ?!
13.10.15 20:05, Nelson Manuel Marques пишет:
>
> Hi all,
>
> We have a squid running for quite a few years and with the increase of
> traffic we noticed a bit
Hi all,
We have a squid running for quite a few years and with the increase of
traffic we noticed a bit of I/O hammering on the squid server (local
disks).
For some testing, I've made a small 1.2GB tmpfs and pointed cache_dir
to it so that our cache would be in the 'ramdrive'.
This did help a l
Hey Ambadas,
I was wondering if you want it to be something like a "live feed" or
just for logs analyzing?
Eliezer
On 09/10/2015 15:47, Ambadas H wrote:
Hi,
I am using below setup:
Squid proxy 3.5.4.
CentOS 7.1
I am trying to analyze the most used websites by the users via Squid proxy.
I j
On 12/10/2015 6:51 p.m., Ambadas H wrote:
> Hi Amos,
>
> Thanks for responding
>
> *"You would be better off taking the first use of any domain by a client,*
>
> *then ignoring other requests for it until there is some long period*
> *between two of them. The opposite of what session helpers do.
Hi,
Thanks for responding
*"You would be better off taking the first use of any domain by a client,*
*then ignoring other requests for it until there is some long period*
*between two of them. The opposite of what session helpers do."*
Could you please elaborate a little on the above logic.
My
On 13/10/2015 12:19 p.m., joe wrote:
> ok again i filter out most of the squid conf with this minimum config should
> i get any static img or anything as hit or not
> caus i dont get any
> i test on squid 3.5.8 and up same think
Please continue to use that later version. In absence of any othe
31 matches
Mail list logo
