02.03.16 2:34, Baselsayeh пишет:
Yuri Voinov wrote
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Did you read
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
this first?
Look once more to examples.
02.03.16 2:15, Baselsayeh пишет:
Yuri Voinov wrote
Seems to some
Hi,
I have squid installed on a machine with two NICs.
eth0 - wan
eth1 - lan - 10.0.1.1
Squid server is running on eth1.
I am trying to use the squidclient to fetch a url so that squid will cache
it. Like prefetching.
Example:
squidclient -v -h 10.0.1.1 -p 3128 -m GET http://www.apple.com
Resu
On 2/03/2016 10:57 a.m., Heiler Bemerguy wrote:
>
> Hey guys.
>
> For the third time, we got a sudden high bandwidth usage, almost saturating
> our
> link, and it won't stop until squid is restarted.
> I'm totally SURE this inbound traffic comes from squid. It's like it's
> download
> stuff i
On 2/03/2016 3:02 p.m., Baselsayeh wrote:
> My proxy supports connecting to https website by using
> (Connect Website:443) (as if normal proxy in browser sittings)
> The problem is that the proxy dosent support tunnels
Yes, that is what we have been trying to tell you.
But then you ask for a conf
My proxy supports connecting to https website by using
(Connect Website:443) (as if normal proxy in browser sittings)
The problem is that the proxy dosent support tunnels
Can you give me a config example
A isnt my option because I use intercepter https port
Amos Jeffries wrote
> On 2/03/2016 9:4
On 2/03/2016 9:48 a.m., Baselsayeh wrote:
> Yuri Voinov wrote
> Aha, I'm stupid.
>
> Squid can't re-crypted peer connections. You need to splice peered
> URL's before tunnel it into your peer.
>
> 28.02.16 2:07, Baselsayeh пишет:
No
What I need i need is
Get ssl info from browser
Hey guys.
For the third time, we got a sudden high bandwidth usage, almost
saturating our link, and it won't stop until squid is restarted.
I'm totally SURE this inbound traffic comes from squid. It's like it's
download stuff itself
Look that after squid was restarted near 10:45, the n
Yuri Voinov wrote
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Aha, I'm stupid.
>
> Squid can't re-crypted peer connections. You need to splice peered
> URL's before tunnel it into your peer.
>
> 28.02.16 2:07, Baselsayeh пишет:
>> No
>> What I need i need is
>> Get ssl info from br
Yuri Voinov wrote
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Did you read
>
> http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
>
> this first?
>
> Look once more to examples.
>
> 02.03.16 2:15, Baselsayeh пишет:
>> Yuri Voinov wrote
>> Seems to some else misco
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Also I don't see your squid's CA bundle/directory settings. Squid can
not see your openssl CA bundle.
02.03.16 2:15, Baselsayeh пишет:
> Yuri Voinov wrote
> Seems to some else misconfiguration in peek-n-splice section.
>
> Where is your at_step pe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Did you read
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
this first?
Look once more to examples.
02.03.16 2:15, Baselsayeh пишет:
> Yuri Voinov wrote
> Seems to some else misconfiguration in peek-n-splice section.
>
> W
Yuri Voinov wrote
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Seems to some else misconfiguration in peek-n-splice section.
>
> Where is your at_step peek definition?
>
> 02.03.16 2:08, Baselsayeh пишет:
>> Yuri Voinov wrote
>>> -BEGIN PGP SIGNED MESSAGE-
>>> Hash: SHA256
>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Seems to some else misconfiguration in peek-n-splice section.
Where is your at_step peek definition?
02.03.16 2:08, Baselsayeh пишет:
> Yuri Voinov wrote
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA256
>>
>> Aha.
>>
>> You must know, that
Yuri Voinov wrote
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Aha.
>
> You must know, that stare is client initiated handshake. This is a bit
> specific option, which is useless in most usecases (IMHO).
>
> More reliable configuration is peek then bump.
>
> Did you client (android)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Aha.
You must know, that stare is client initiated handshake. This is a bit
specific option, which is useless in most usecases (IMHO).
More reliable configuration is peek then bump.
Did you client (android) contains your cache CA public key?
0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
This entries:
1.
1456862807.245375 192.168.1.2 TAG_NONE/200 0 CONNECT
173.194.112.73:443 - ORIGINAL_DST/173.194.112.73 -
2.
1456862807.900449 192.168.1.2 TAG_NONE/200 0 CONNECT
66.102.1.138:443 - ORIGINAL_DST/66.102.1.138 -
3.
Yuri Voinov wrote
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Man.
>
> You give no useful info.
>
> Telepathy on vacation.
>
> 1. access.log fragment with YT URL's
> 2. cache.log fragment with the same time
> 3. squid.conf
> 4. Details about your setup.
>
> Without this info there
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Man.
You give no useful info.
Telepathy on vacation.
1. access.log fragment with YT URL's
2. cache.log fragment with the same time
3. squid.conf
4. Details about your setup.
Without this info there is nothing to discuss.
02.03.16 1:33, Baselsa
and also https work fine on the phone browser
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Youtube-wont-work-on-squid-tp4676349p4676354.html
Sent from the Squid - Users mailing list archive at Nabble.com.
___
squ
Yuri Voinov wrote
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Yes. Also squid.conf without comments and blank lines and details about
> your setup.
>
> Where?
>
> 02.03.16 1:26, Baselsayeh пишет:
>> Yuri Voinov wrote
>> Show your logs. And more details.
>>
>> 02.03.16 1:19, Baselsay
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Yes. Also squid.conf without comments and blank lines and details about
your setup.
Where?
02.03.16 1:26, Baselsayeh пишет:
> Yuri Voinov wrote
> Show your logs. And more details.
>
> 02.03.16 1:19, Baselsayeh пишет:
> >>> Hello,
> >>> for some r
Yuri Voinov wrote
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Show your logs. And more details.
>
> 02.03.16 1:19, Baselsayeh пишет:
>> Hello,
>> for some reason youtube app in android wont work
>> here is my config:
>>
>> even if
>>
>> ssl_bump stare all
>> #ssl_bump peek all
>> ssl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Show your logs. And more details.
02.03.16 1:19, Baselsayeh пишет:
> Hello,
> for some reason youtube app in android wont work
> here is my config:
>
> even if
>
> ssl_bump stare all
> #ssl_bump peek all
> ssl_bump bump all
> #ssl_bump allow all
>
Hello,
for some reason youtube app in android wont work
here is my config:
even if
ssl_bump stare all
#ssl_bump peek all
ssl_bump bump all
#ssl_bump allow all
it gives me this error:
"Please check your network connection"
--
View this message in context:
http://squid-web-proxy-cache.1019090.
Amos Jeffries wrote
> On 1/03/2016 3:23 a.m., joe wrote:
>> Squid Cache: Version 3.5.15-20160224-r13996
>> with 4447 patch
>> 2016/02/29 16:41:51 kid1| varyEvaluateMatch: Oops. Not a Vary match on
>> second attempt, 'http://cstatic.weborama.fr/iframe/external_libs.js'
>> 'accept-encoding="gzip,%20
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hm. I don't see some things in your code.
1. To redirect blocked https - you need SSL Bump configured.
2. To redirect blocked https to https ban page -you need local web with
configured SSL.
3. To make above work you need http/https compatible red
Sure,
squid version 3.5.13
squid.conf: http://pastebin.com/48eLeWvS
redirector: http://pastebin.com/RCDji3d0
On 1 March 2016 at 18:26, Yuri Voinov wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Details.
>
> Squid's version. Config. Redirector you using. It's config.
>
> Thelep
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Details.
Squid's version. Config. Redirector you using. It's config.
Thelepaty on vacations.
02.03.16 0:10, Spencer French пишет:
> Hi,
>
> I've been working on a redirector written in go that queries a
database then either returns a block messa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
01.03.16 23:37, Alex Rousskov пишет:
> On 03/01/2016 03:55 AM, Eray Aslan wrote:
>> On Mon, Feb 29, 2016 at 09:43:09AM -0700, Alex Rousskov wrote:
>>> Q2: Your Squid is asserting every 5 minutes. There is no [working] Squid
>>> version you can sw
Hi,
I've been working on a redirector written in go that queries a database
then either returns a block message or shows the relevant page. Everything
works as it should, except https for some reason, I keep getting 503s.
The redirector returns either http://10.10.254.254/block.php or a blank
mes
On 03/01/2016 03:55 AM, Eray Aslan wrote:
> On Mon, Feb 29, 2016 at 09:43:09AM -0700, Alex Rousskov wrote:
>> Q2: Your Squid is asserting every 5 minutes. There is no [working] Squid
>> version you can switch to. Your network topology does not allow you to
>> bypass Squid. Until the bug is fixed, w
Hey Eray,
Indeed all of these are good and sysadmins should be able to handle them
but.. in specific cases it's not easy.
The cases I know about are:
- SAT links (slow or costly)
- Sensitive acl\security systems
- Very low quality distance wireless links
In the case of ACLs system bypass or br
On Mon, Feb 29, 2016 at 09:43:09AM -0700, Alex Rousskov wrote:
> Q2: Your Squid is asserting every 5 minutes. There is no [working] Squid
> version you can switch to. Your network topology does not allow you to
> bypass Squid. Until the bug is fixed, would you prefer to see fewer
> assertions in ex
No, I don't want to gzip in all responses.
My problem is because I have to clients, one is waiting for a gzip response and
the other for non-compress response.
I like to cache two different responses one in gzip and other without it.
(depending of the header). Because if I send the request wit
34 matches
Mail list logo
