On 31-12-2015 15:00, Alex Rousskov wrote:
> On 12/31/2015 10:58 AM, lucas castro wrote:
>> I have squid
>> Squid Cache: Version 3.5.7
>>
>> I don't know how to ask about this,
>> But I'm getting 100% load and squid don't accept connection anymore,
>> my cache.log show me this.
>>
>> 2015/12/31
On 12/31/2015 10:58 AM, lucas castro wrote:
> I have squid
> Squid Cache: Version 3.5.7
>
> I don't know how to ask about this,
> But I'm getting 100% load and squid don't accept connection anymore,
> my cache.log show me this.
>
> 2015/12/31 14:27:15.869 kid2| bio.cc(942) parseV3ServerHello: T
I have squid
Squid Cache: Version 3.5.7
I don't know how to ask about this,
But I'm getting 100% load and squid don't accept connection anymore,
my cache.log show me this.
2015/12/31 14:27:15.869 kid2| bio.cc(942) parseV3ServerHello: TLS
Extension: 0 of size:0
2015/12/31 14:27:15.869 kid2| bio.
Alex Rousskov measurement-factory.com> writes:
>
> On 12/30/2015 02:24 PM, Aashima wrote:
>
> > So it is like client -> Squid -> APP and return
> > If App return Transfer-Encoding header to Squid, Squid removes that
response
> > header and forwards rest to Client.
> >
> > Am not getting wh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
http://wiki.squid-cache.org/KnowledgeBase/Block%20QUIC%20protocol
31.12.15 19:45, massimo.s...@asl.bergamo.it пишет:
> When you request a video on Youtube, its web servers send two new HTTP
> headers to the browser :
>
> alt-svc
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
# Disable alternate protocols
request_header_access Alternate-Protocol deny all
reply_header_access Alternate-Protocol deny all
+ (additional recommended) on network equipment:
! Cisco, for example
remark Deny alternate protocols
deny udp any
When you request a video on Youtube, its web servers send two new HTTP
headers to the browser :
alt-svc
alternate-protocol
suggesting to the browser to switch to the new protocol QUIC.
Unfortunately
1) QUIC, working over UDP, is not cacheable by squid 3.4
2) even if cacheable
Hi Amos
> Hi Massimo, why cc'ing squid-users? nothing this list can do about
it.
Package update : I know, it is a topic for debian users and package
maintainer, so strictly speaking it is off-topic.
youtube video, disabling QUIC : I think it will be of general interest, I
switch to a n
On 2015-12-29 11:46, George Hollingshead wrote:
I've had squid3.0 running with squidGuard on my old ubuntu 10.04
system with no problems for a few months now.
I just recently was enlightened by Yuri how to compile using a local
copy of openssl so i could upgrade to latest squid. This was a
succ
On 2015-12-31 22:35, Eliezer Croitoru wrote:
On 31/12/2015 00:48, SaRaVanAn wrote:
Hi, All,
I tired suggested refresh pattern, still i was getting
TCP_HIT/MEM_HIT.
It's not getting refreshed after 10 minutes.
*Conf*
refresh_pattern -i ^http://[a-z\-\_\.A-Z0-9]+\.wsj\.(net|net|com|edu)/
10
> you are better off building the more up to date 3.5 version available
> from Stretch/Testing repository.
I disagree with this one, use SID and not testing, testing has a longer delay
in security updates and is updated after unstable.
See : https://www.debian.org/security/faq
Greetz,
Louis
On 2015-12-30 03:26, massimo.s...@asl.bergamo.it wrote:
ciao Luigi
I ask to update the distro to squid 3.4.14, the last stable version,
released in august.
Rationale :
1) various bugs and memory leaks fixed;
2) security fix for CVE 2015 5400;
3) support for Alternate-Protocol HTTP header.
I ne
-Original Message-
From: "Amos Jeffries"
Sent: 12/31/2015 2:42 PM
To: "squid-users@lists.squid-cache.org"
Subject: Re: [squid-users] Assign multiple IP Address to squid
On 2015-12-31 21:55, Reet Vyas wrote:
> Hi all
>
> Thanks for reply. I have this squid setup and I am using squi
On 31/12/2015 00:48, SaRaVanAn wrote:
Hi, All,
I tired suggested refresh pattern, still i was getting TCP_HIT/MEM_HIT.
It's not getting refreshed after 10 minutes.
*Conf*
refresh_pattern -i ^http://[a-z\-\_\.A-Z0-9]+\.wsj\.(net|net|com|edu)/ 10
200% 10 override-expire override-lastmod reload-in
On 2015-12-31 21:55, Reet Vyas wrote:
Hi all
Thanks for reply. I have this squid setup and I am using squid as my
router and my requirement is like I have one local webserver and I
want to access it from home and I want to nat external ip to internal
ip so that I can access my local machine f
A simple test, and quick fix.
ping6 ipv6.google.com
No reply.
Add in your interfaces :
auto 6to4
iface 6to4 inet6 6to4
local YOUR_EXTERNAL_IP
ifup 6to4
and ping6 ipv6.google.com again.
Not the most elegant solution but works here for me.
Greetz,
Louis
> -Oorspronkelijk
On 2015-12-29 07:46, Eugene M. Zheganin wrote:
Hi.
I'm still trying to figure out why I get certificate generated for IP
address instead of hostname when the HTTPS traffic is intercepted bu
sllBump-enable squid. I'm using iptables to do this:
rdr on $iifs inet proto tcp from 192.168.0.0/16 to !
Hi all
Thanks for reply. I have this squid setup and I am using squid as my
router and my requirement is like I have one local webserver and I want to
access it from home and I want to nat external ip to internal ip so that I
can access my local machine from outside network. My ISP gave 10 ext
On 2015-12-29 04:55, joru.pacs wrote:
Hi!
Currently, I am using the version squid-3.5.12. I have configure the
SSL bump this way:
http_port 8080 ssl-bump \
cert=/usr/local/squid/etc/ssl_cert/myCA.pem \
generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
acl step1 at_step SslB
On 2015-12-31 00:01, Garri Djavadyan wrote:
Hello Squid members and developers!
First of all, I wish you a Happy New Year 2016!
The current Host header forgery policy effectively prevents a cache
poisoning. But also, I noticed, it deletes verified earlier cached
object. Is it possible to implem
20 matches
Mail list logo
