On 2016-05-17 07:49, J Green wrote:
Sorry, I was looking for logging of traffic management events, where
maximum download/upload size has been violated. Thank you.
The Squid native format logs size of things delivered to the client, not
the upload/request size.
You will need to define a cu
Thanks for answer, Alex!
Alex Rousskov писал 2016-05-17 00:24:
> When access is prohibited via http_access deny, Squid needs to send an
> "Access Denied" error response to the user (this is how http_access
> works). To send that error to the user, Squid needs to establish a
> secure connection w
On 05/16/2016 01:49 PM, J Green wrote:
> Sorry, I was looking for logging of traffic management events, where
> maximum download/upload size has been violated.
When it comes to logging, I recommend that you think in terms of
transactions rather than traffic management events because Squid logs
tra
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Which side to this refers squid? Check the need to configure another server.
17.05.16 2:23, Aashima Madaan пишет:
> Hi,
>
> I have a PNG file uploaded on server.
> As part of Download process, it passes through SQUID to another server
for scanning
Hi,
I have a PNG file uploaded on server.
As part of Download process, it passes through SQUID to another server for
scanning and then to Client .
When I send request to Download , the response sends only 27kb of image
back from server of of 700kb file
But when I turn off the respmod in squid.co
Sorry, I was looking for logging of traffic management events, where
maximum download/upload size has been violated. Thank you.
On Mon, May 16, 2016 at 12:39 PM, Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 05/16/2016 12:37 PM, J Green wrote:
> > Re logging, does this eventually
On 05/16/2016 12:37 PM, J Green wrote:
> Re logging, does this eventually get logged by Squid, somewhere?
All transactions accessing Squid must be logged in access.log. If a
transaction is not logged, it is a Squid bug.
Please note that Squid logs transactions when they complete, not when
they st
On 05/16/2016 10:47 AM, Walter H. wrote:
> I updated squid 3.4.10 to 3.5.19 on my CentOS VM, I noticed that the
> generated certificates are now SHA2 and not SHA1,
> can I influence somewhere to generate still SHA1 certificates?
Yes, you can:
http://www.squid-cache.org/Doc/config/sslproxy_cert_si
On 05/16/2016 04:47 AM, admin wrote:
>>> acl blocked_https ssl::server_name "/etc/squid/urls/block-url"
>>> https_port 3129 intercept ssl-bump options=ALL:NO_SSLv3:NO_SSLv2
>>> connection-auth=off cert=/etc/squid/squidCA.pem
>>> acl step1 at_step SslBump1
>>> ssl_bump peek step1
>>> ssl_bump termi
Re logging, does this eventually get logged by Squid, somewhere?
For this implementation, I was going to use pfSense. Turns out that Sarg
is no longer included in the package list for pfSense (current version).
On Tue, May 10, 2016 at 2:43 PM, J Green wrote:
> Very interesting, thank you bot
Hi.
I'm using squid for a long time, I'm using it to authenticate/authorize
users accessing the Internet with LDAP in a Windows corporate
enviromnent (Basic/NTLM/GSS-SPNEGO) and recently (about several months
ago) I had to switch to the SMP scheme, because one process started to
eat the whole
Hey Walter,
I am not sure if it's the ssl_crtd which does such a thing but this is my
main suspect.
If you can extract the ssl_crtd binary from 3.4.X(newest) and test it before
maybe Alex will respond then it will verify some of the doubt.
Eliezer
Eliezer Croitoru
Linux System Administrator
Hello,
I updated squid 3.4.10 to 3.5.19 on my CentOS VM, I noticed that the
generated certificates are now SHA2 and not SHA1,
can I influence somewhere to generate still SHA1 certificates?
(I have devices which use this proxy and are not able to handle SHA2)
Thanks,
Walter
smime.p7s
Descri
Hello,
I am receiving this error while authenticating a user with the AD and the
internet access is denied. I know there is a switch '-R' to explicitly enable
do not follow referrals which I am not using here.
Did anyone faced similar issue ? My AD is using nested groups between domains
where
Hi Eliezer,
Thanks for your feedback, much appreciated, /especially/ from you.
The most important part is in dedup.py. I've kept an eye on efficiency without
sacrificing readability (much) and extendability:
https://github.com/frispete/squid_dedup/blob/master/squid_dedup/dedup.py
A big
Amos Jeffries писал 2016-05-16 13:34:
> Please upgrade to 3.5.19.
Upgrade to 3.5.19
>> acl blocked_https ssl::server_name "/etc/squid/urls/block-url"
>> https_port 3129 intercept ssl-bump options=ALL:NO_SSLv3:NO_SSLv2
>> connection-auth=off cert=/etc/squid/squidCA.pem
>> acl step1 at_step SslBu
Hey Tim,
I have been working for quite some time on packages for couple Linux
distributions and in them Ubuntu and Debian.
I was planning to publish them(Ubuntu + Debian) inside a tar.xz and to attach
them a tiny "update\install" script.
This is since I was trying to use the deb packaging system
https://itcrowd72.ru/cloud/index.php/s/W4Sv8ojnf5dVKvc
squid 3.5.19 with SSL. Compiled and build deb in Debian 8. Enjoy :)
Amos Jeffries писал 2016-05-16 14:25:
Please update those to 3.5.19. A dozen CVE's went out these past few
months. :-(
___
s
On 16/05/2016 7:20 p.m., Matus UHLAR - fantomas wrote:
>>> Tim Bates писал 2016-05-14 14:36:
>>>
>>> Are there any Linux distros with pre-compiled versions of Squid with SSL
>>> Bump support compiled in?
>>>
>>> Alternatively, does anyone reputable do a 3rd party repo for
>>> Debian/Ubuntu that inc
On 16/05/2016 5:48 p.m., admin wrote:
> Hi!
>
> Squid 3.5.17 with SSL, intercept.
Please upgrade to 3.5.19.
>
> I use SSL-Bump only step1 that get SNI and terminate HTTPS sites by
> domain name. The certificate's is not replaced !
The certificate is never replaced. Though if you dont know how
On 16/05/2016 12:53 p.m., Eliezer Croitoru wrote:
> Hey Amos,
>
> You are right that it seems like there is no point since you already
> decrypt the connection.
> But in the real world the price of maintaining an encrypted session for
> many users for a long period is not the same as maintaining t
Tim Bates писал 2016-05-14 14:36:
Are there any Linux distros with pre-compiled versions of Squid with SSL
Bump support compiled in?
Alternatively, does anyone reputable do a 3rd party repo for
Debian/Ubuntu that includes SSL Bump?
On 16.05.16 10:36, admin wrote:
I make deb's compiled squid
Yes
Can send to email if needed
Matus UHLAR - fantomas писал 2016-05-16 11:55:
> On 16.05.16 10:36, admin wrote:
>
>> I make deb's compiled squid in Debian 8:
>>
>> 3.5.8
>>
>> 3.5.17
>>
>> 4.0.10
>
> OpenSSL?
>
> Tim Bates писал 2016-05-14 14:36:
>
> Are there any Linux distros with p
23 matches
Mail list logo
