Re: [squid-users] example of ecap code that filters incoming requests by filter ?

Hi Alex, I meant that the filter is of the HTTP of the client-request and not the client-response or server-response. >From what I've seen there is no example that monitors headers if at all possible. what I'm looking for is something like url_rewrite/redirect but based on headers as input to my f

Re: [squid-users] Question about delay pools again

On 5/01/2016 4:11 p.m., Alex Samad wrote: > On 5 January 2016 at 12:40, Amos Jeffries wrote: >> What the above does is not limit any particular user. But limits the >> total server bandwidth to those domains (combined) to 10Mbps. It is a >> good solution, but still has a few problems. >> >> WU wil

Re: [squid-users] Question about delay pools again

On 5 January 2016 at 12:40, Amos Jeffries wrote: > What the above does is not limit any particular user. But limits the > total server bandwidth to those domains (combined) to 10Mbps. It is a > good solution, but still has a few problems. > > WU will now be very slow, proportional to how many user

Re: [squid-users] More cache peer confusion

On 5/01/2016 2:01 p.m., Alex Samad wrote: > from the logs > > # these 2 are from my laptop to alcdmz which then talks to gsdmz1, > which responds with a 504 > > Jan 05 11:55:53 2016.808 0 alcdmz1.abc.com TCP_HIT/504 4800 GET > http://wiki.squid-cache.org/wiki/squidtheme/js/niftyCorners.css -

Re: [squid-users] Question about delay pools again

On 5/01/2016 1:38 p.m., Alex Samad wrote: > So thought I would try it out > > # > # Delay Pools > # http://wiki.squid-cache.org/Features/DelayPools > # > http://www.serverwatch.com/tutorials/article.php/3357241/Reining-in-Bandwidth-With-Squid-Proxying.htm > delay_pools 1 > delay_class 1 1 > > #

Re: [squid-users] monitoring

On 5/01/2016 12:10 p.m., Alex Samad wrote: > Hi > > Is there a way to see what is being downloaded by whom before it has finished. The cache manager "active_requests" report lists all current transactions. > > I had somebody doing a big download and I wanted to find it . only way > I could do

Re: [squid-users] ssl bumping question

On 5/01/2016 10:32 a.m., George Hollingshead wrote: > Sorry i'm a newb with dumb questions first of all :) > > I'm only interested in using bump so i can see https visited so i can block > as needed. Okay. A little more detail is needed to clarify what exactly you needed access to. TLS often pro

Re: [squid-users] ACL per http(s)_port

On 5/01/2016 8:31 a.m., Matus UHLAR - fantomas wrote: > On 04.01.16 14:43, Christian Kunkel wrote: >> is there any way to use different access control lists per listening >> port? >> >> http_port 1337 >> acl 1337 >> http_port 1338 >> acl 1338 > >> and so on. As i said in my previous question, ther

Re: [squid-users] Delay Pools or Traffic Shaping per port?!

On 5/01/2016 1:41 a.m., Christian Kunkel wrote: > > >> Am 04.01.2016 um 12:46 schrieb Amos Jeffries: >> >> Squid is limited to 64 listening ports. That can be extended a little in >> exchange for reducing Squid operating speed, but 200-500 is going very >> far. This will cause problems with your

[squid-users] More cache peer confusion

from the logs # these 2 are from my laptop to alcdmz which then talks to gsdmz1, which responds with a 504 Jan 05 11:55:53 2016.808 0 alcdmz1.abc.com TCP_HIT/504 4800 GET http://wiki.squid-cache.org/wiki/squidtheme/js/niftyCorners.css - HIER_NONE/- text/html Jan 05 11:55:55 2016.332 0 a

Re: [squid-users] Question about delay pools again

So thought I would try it out # # Delay Pools # http://wiki.squid-cache.org/Features/DelayPools # http://www.serverwatch.com/tutorials/article.php/3357241/Reining-in-Bandwidth-With-Squid-Proxying.htm delay_pools 1 delay_class 1 1 # 10Mb/s fille rate , 20Mb/s reserve # 10485760/8 = 1310720 # 2097

[squid-users] Question about delay pools again

Hi Just wanted to confirm my understanding of delay pools and the ability to ratelimit inbound traffic. Today one of our W10 machines did it windows update .. New patch .. .MS SQL SP3 - 384M big patch So it contacts our squid proxy with then downloaded it from WSUS update ... which is geocached

[squid-users] monitoring

Hi Is there a way to see what is being downloaded by whom before it has finished. I had somebody doing a big download and I wanted to find it . only way I could do that was by stoping squid and checking the log file. is there another way of doing that ? _

[squid-users] ssl bumping question

Sorry i'm a newb with dumb questions first of all :) I'm only interested in using bump so i can see https visited so i can block as needed. I am using latest 3.5.12 and was told i can use ssl bumping and have a wiki link to show me how. only problem on the wiki is that it says i have to install

Re: [squid-users] ACL per http(s)_port

On 04.01.16 14:43, Christian Kunkel wrote: is there any way to use different access control lists per listening port? http_port 1337 acl 1337 http_port 1338 acl 1338 and so on. As i said in my previous question, there is no way i can autheticate or authorize a user. The only way is to use un

[squid-users] ACL per http(s)_port

Hey guys, is there any way to use different access control lists per listening port? http_port 1337 acl 1337 http_port 1338 acl 1338 and so on. As i said in my previous question, there is no way i can autheticate or authorize a user. The only way is to use unique ports. I know that squid is so

Re: [squid-users] Squid 3.5.x Certificate validator + SslBump memory leak

On 29/12/2015 1:55 a.m., William Lima wrote: > Hi all, > > When the certificate validator feature is enabled in Squid 3.5.x, its memory > usage is up to 4.5Gb (and keeps growing). Even with r13967. > I think you may be seeing A simple test you

Re: [squid-users] SSL Bump - Splice - Chrome error

Thanks all for your help. Is there a minimal config example to see splicing correctly Google sites? It would be very helpful. El 04/01/2016 09:28, "Amos Jeffries" escribió: > On 4/01/2016 1:16 p.m., Alejandro Martinez wrote: > > Thanks again Yuri. > > > > I have tried blocking udp protocol on p

Re: [squid-users] Delay Pools or Traffic Shaping per port?!

> Am 04.01.2016 um 12:46 schrieb Amos Jeffries : > > Squid is limited to 64 listening ports. That can be extended a little in > exchange for reducing Squid operating speed, but 200-500 is going very > far. This will cause problems with your stated goal of handling Gbps, > Squid will need some fi

Re: [squid-users] SSL Bump - Splice - Chrome error

On 4/01/2016 1:16 p.m., Alejandro Martinez wrote: > Thanks again Yuri. > > I have tried blocking udp protocol on port 80 and 443 but without luck. That does not help resolve the errors Chrome is displaying when using the proxy. It does help resolve the errors that happen by Chrome trying to bypas

Re: [squid-users] youtube video, caching, disabling QUIC

On 1/01/2016 2:45 a.m., massimo.s...@asl.bergamo.it wrote: > When you request a video on Youtube, its web servers send two new HTTP > headers to the browser : > > alt-svc > alternate-protocol > > suggesting to the browser to switch to the new protocol QUIC. > > > Unfortunately

Re: [squid-users] Delay Pools or Traffic Shaping per port?!

On 4/01/2016 9:42 a.m., Christian Kunkel wrote: > How many users do you have? >>> >>> i wanted to put about 200-500 users on a server. is that possible? >> >> Certainly no problem for Squid, and I guess you could assign that number of >> separate listening ports for use one per user, but I'l

Re: [squid-users] Compile install Squid, configure default options.

On 4/01/2016 10:22 p.m., 郑伟 wrote: > > Hi, I have tried to compile and install Squid 3.5.12 in a fresh > CentOS 7 VPS host, because I doesn't understood so many configure, > so I just with minimum configure I understood, I need openssl > to open a https port, and I need basic_auth to support use

Re: [squid-users] SSL Bump - Splice - Chrome error

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Not sure. I'm only bump Google for caching static content (and some dynamic). In my setup I have much google-related traffic. 04.01.16 6:16, Alejandro Martinez пишет: > Thanks again Yuri. > > I have tried blocking udp protocol on port 80 and 443 b

Re: [squid-users] squid 4.0.3 - sslflags not working?

On 4/01/2016 8:58 a.m., Florian Stamer wrote: > Hi I,m currently testing Squid 4.0.3 in Reverse Proxy Mode. > > It seems that the sslflags directives "DONT_VERIFY_PEER" and > "DONT_VERIFY_DOMAIN" do not work. > Should be. They are planned for removal, but nothing towards that has ot happened ye

[squid-users] Compile install Squid, configure default options.

Hi, I have tried to compile and install Squid 3.5.12 in a fresh CentOS 7 VPS host, because I doesn't understood so many configure, so I just with minimum configure I understood, I need openssl to open a https port, and I need basic_auth to support user/password authentication, so I just with fol