Hey Omid,
I will try to answer about the subject in general and it should contain the
answers to what you have asked.
Windows Updates can somehow be cached when combining squid StoreID and a
refresh_pattern.
However the nature of squid is to be a "cache", and in many cases since we
can predict t
2016-07-15 12:11 GMT-03:00 Sergio Belkin :
>
> 2016-07-15 6:31 GMT-03:00 Amos Jeffries :
>
>> On 15/07/2016 4:07 a.m., Sergio Belkin wrote:
>> > Hi,
>> >
>> > Using squid squid-3.5.19-1.el7.centos.x86_64,
>> >
>> > I obtain a kerberos ticket but I get the following when trying to use
>> the
>> > p
On 07/19/2016 09:36 AM, Amos Jeffries wrote:
> On 20/07/2016 2:20 a.m., reinerotto wrote:
>> The patch for "Fast SNI" is included in 4.x, as I have seen. Any plans to
>> implement same patch i 3.5.x ?
> Not at this point, and not likely. It is almost a complete re-write of
> the TLS I/O processing
On 20/07/2016 2:20 a.m., reinerotto wrote:
> The patch for "Fast SNI" is included in 4.x, as I have seen. Any plans to
> implement same patch i 3.5.x ?
>
Not at this point, and not likely. It is almost a complete re-write of
the TLS I/O processing, so would be quite a big de-stabilizing change
fo
The patch for "Fast SNI" is included in 4.x, as I have seen. Any plans to
implement same patch i 3.5.x ?
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Fast-SNI-Also-on-3-5-x-tp4678588.html
Sent from the Squid - Users mailing list archive at Nabble.com.
According to my previous emails i have created this topic to summerize my
need .
Squid has peer config as follow
acl wu dstdom_regex \.download\.windowsupdate\.com$
\.download\.microsoft\.com$
acl wu-rejects dstdom_regex stats
acl GET method GET
cache_peer 1.1.1.14 parent 8080 0 proxy-only no-tpr
I did some further testing, and it would appear that even when `cache_peer`
uses `ssl` option, ERR_CANNOT_FORWARD is returned.
I believe `cache_peer` ACLs are incompatible with `ssl_bump`ed traffic.
These restrictions should be documented. I'd be happy to contribute to the
docs, but the procedure
Amos Jeffries wrote
> Sure, if I can assist with that I will do so in a reply to that thread.
Thanks . My bad , you have replied my last email in that thread but main
problem was in previous emails . Now i will describe it in new topic .
--
View this message in context:
http://squid-web-proxy
On 19/07/2016 10:58 p.m., Omid Kosari wrote:
> Eliezer Croitoru-2 wrote
>> Hey Omid,
>>
>> Indeed my preference is that if you can ask ask and I will try to give you
>> couple more details on the service and the subject.
>
> Hey Eliezer,
>
> 1.I have refresh patterns from days before your code .
On 19/07/2016 10:19 p.m., Omid Kosari wrote:
>
> If i understand correctly you mean the rule should work correctly with
> custom headers but the problem is squid is not at right place to see that
> header .
>
Correct.
> May i ask you please help me to solve problem from other thread
> http://sq
Amos Jeffries wrote
> On 18/07/2016 8:05 p.m., Omid Kosari wrote:
>> Maybe i should describe more .
>> The port 8080 is a parent peer of squid . It is
>> http://squid-web-proxy-cache.1019090.n4.nabble.com/Windows-Updates-a-Caching-Stub-zone-A-windows-updates-store-td4678454.html
>>
>> squid config
Eliezer Croitoru-2 wrote
> Hey Omid,
>
> Indeed my preference is that if you can ask ask and I will try to give you
> couple more details on the service and the subject.
Hey Eliezer,
1.I have refresh patterns from days before your code . Currently i prefer
not to store windows updates in squid i
Amos Jeffries wrote
> On 19/07/2016 5:48 p.m., Omid Kosari wrote:
>> Amos Jeffries wrote
>>> On 19/07/2016 2:42 a.m., Omid Kosari wrote:
Hello,
It seems rep_header does not work at all.
acl mshit rep_header X-SHMSCDN .
acl mshit rep_header Content-Type -i text\/html
>>
> Since Squid does not (yet) generate new outgoing CONNECT requests to
cache_peer's it cannot tunnel through a non-TLS peer to a server on the
other side.
I see. This is an undocumented and unexpected restriction of cache_peer.
The cache_peer documentation should mention that the `ssl` option is
m
On 19/07/2016 5:50 p.m., Omid Kosari wrote:
> Also i have seen that another guy did successfully something like that (not
> exactly ) in this thread
> http://squid-web-proxy-cache.1019090.n4.nabble.com/cache-peer-hit-miss-and-reject-td4661928.html
>
No. Niki's ACLs had nothing to do with HTTP rep
On 19/07/2016 7:26 p.m., Amos Jeffries wrote:
> On 19/07/2016 5:48 p.m., Omid Kosari wrote:
>> Amos Jeffries wrote
>>> On 19/07/2016 2:42 a.m., Omid Kosari wrote:
Hello,
It seems rep_header does not work at all.
acl mshit rep_header X-SHMSCDN .
acl mshit rep_header Con
On 19/07/2016 5:48 p.m., Omid Kosari wrote:
> Amos Jeffries wrote
>> On 19/07/2016 2:42 a.m., Omid Kosari wrote:
>>> Hello,
>>>
>>> It seems rep_header does not work at all.
>>>
>>> acl mshit rep_header X-SHMSCDN .
>>> acl mshit rep_header Content-Type -i text\/html
>>> acl html rep_header Content-
17 matches
Mail list logo
