Re: [squid-users] HTTPS through http proxy

2016-12-05 Thread Blaxton
Thank you Amos, version of squid is: squid-3.3.8-26.el7_2.4.x86_64 Is this statement true: squid is not aware of traffic that is made with connect command? since connect command make a tunnel within squid? passing below argument to JVM: -Dhttps.proxyHost=webcache.example.com -Dhttps.proxyPort=808

Re: [squid-users] TCP_MISS/419

2016-12-05 Thread Amos Jeffries
On 6/12/2016 7:28 a.m., Ricardo Pardim Claus wrote: Dear, I ask for help to resolve a connection failure with a particular site. See the logs below. Even the log showing DENIED, I do not get denied access message. One of the codes below that I did not find in the Squid FAQ is TCP_MISS / 419.

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

2016-12-05 Thread Amos Jeffries
On 6/12/2016 1:11 p.m., Sameh Onaissi wrote: Hey, Let me see if I understood that right. I can change TPROXY to REDIRECT in my iptables.sh and in the ssl-bump replace proxy with intercept. You _can_ but don't have to. It is just an optimization made possible by what that machine is doing to

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

2016-12-05 Thread Sameh Onaissi
Hey, Let me see if I understood that right. I can change TPROXY to REDIRECT in my iptables.sh and in the ssl-bump replace proxy with intercept. Then, I can run your bash script after creating domains-to-bypass.txt and putting skype domains in there. Is that right? or am I missing something? P

Re: [squid-users] HTTPS through http proxy

2016-12-05 Thread Amos Jeffries
On 6/12/2016 6:40 a.m., Blaxton wrote: Hi So I understand that using connect method https connection can pass through http proxy but I am seeing strange behavior and thought some one here might help me to find the problem we are facing. I am using simple java app to test https connectivity

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

2016-12-05 Thread Amos Jeffries
On 6/12/2016 11:46 a.m., Sameh Onaissi wrote: I have a Ubuntu 16.04 server with Squid 3.5.22 installed. It acts as a gateway in a LAN. It is configured to intercept HTTP and HTTPS traffic (Transparent). So iptables redirects were used for ports 80 and 443. The server runs two scripts: _*nat

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

2016-12-05 Thread Sameh Onaissi
Hello Eliezer, thank you for the reply. Honestly, to get things working after several failed attempts to intercept HTTPS, I followed this guide: http://www.cyberscie.com/2015/08/installing-squid-357-as-transparent.html?showComment=1463513043421 My squid.conf is simple: http://pastebin.com/9uZ4k

[squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

2016-12-05 Thread Sameh Onaissi
I have a Ubuntu 16.04 server with Squid 3.5.22 installed. It acts as a gateway in a LAN. It is configured to intercept HTTP and HTTPS traffic (Transparent). So iptables redirects were used for ports 80 and 443. The server runs two scripts: nat.sh to bridge the two network cards, allowing LAN co

Re: [squid-users] HTTPS through http proxy

2016-12-05 Thread Alex Rousskov
On 12/05/2016 10:40 AM, Blaxton wrote: > I am using simple java app to test https connectivity through http proxy: > http://alvinalexander.com/blog/post/java/simple-https-example > > If we run below command against squid running on RedHat: > java -Dhttp.proxyHost=webcache.example.com -Dhttp.proxyP

[squid-users] IPv6 support for PF interception

2016-12-05 Thread Egerváry Gergely
Hi, So, do you want IPv4/IPv6 dual-stacked transparent interception on your NetBSD box? Unfortunately, you are out of luck. On NetBSD, we have three choices for packet filtering: - Darren Reed's "IPFilter". It has known bugs for years, and looks abandoned. - OpenBSD's "PF". Its NetBSD port is

[squid-users] TCP_MISS/419

2016-12-05 Thread Ricardo Pardim Claus
Dear, I ask for help to resolve a connection failure with a particular site. See the logs below. Even the log showing DENIED, I do not get denied access message. One of the codes below that I did not find in the Squid FAQ is TCP_MISS / 419. Can anyone tell me what this error means? What happ

[squid-users] HTTPS through http proxy

2016-12-05 Thread Blaxton
Hi So I understand that using connect method https connection can pass through http proxy but I am seeing strange behavior and thought some one here might help me to find the problem we are facing. I am using simple java app to test https connectivity through http proxy: http://alvinalexander.com/

Re: [squid-users] Bad HTTP requests trigger ICAP suspension

2016-12-05 Thread Eliezer Croitoru
Sorry a typo.. the dot needs to be escaped.. acl buggyroot dstdom_regex ^\.$ http_access deny buggyroot Eliezer Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il -Original Message- From: squid-users [mailto:squid-users-boun...@lists.sq

Re: [squid-users] Bad HTTP requests trigger ICAP suspension

2016-12-05 Thread Eliezer Croitoru
To resolve this issue quickly I would use a simple squid dstdom regex that rejects the request in the first place before passing it to the ICAP service. The simplest is: acl buggyroot dstdom_regex ^.$ http_access deny buggyroot Hope it helps to protect the ICAP service. Eliezer Eliezer Croi

Re: [squid-users] Bad HTTP requests trigger ICAP suspension

2016-12-05 Thread Amos Jeffries
On 5/12/2016 11:17 p.m., Silamael wrote: > Hi, > > We are using the ICAP services of Squid for filtering HTTP-Requests. Now > we encountered the problem that a buggy? web application creates > requests with an URL with the hostname set to '.'. Ok. > These bad requests then cause the suspension o

Re: [squid-users] mangle ranges using ICAP

2016-12-05 Thread Alfredo Rezinovsky
On 05/12/16 00:29, Alex Rousskov wrote: On 12/04/2016 03:05 PM, Alfredo Rezinovsky wrote: Let's say a client asks for a URL using a range: 0-256000. I want squid to ask just for 10.000 bytes and answer as if the request was server side aborted. I can change the request Range: "bytes=0-256000" t

[squid-users] Bad HTTP requests trigger ICAP suspension

2016-12-05 Thread Silamael
Hi, We are using the ICAP services of Squid for filtering HTTP-Requests. Now we encountered the problem that a buggy? web application creates requests with an URL with the hostname set to '.'. These bad requests then cause the suspension of the whole ICAP service which then causes the bypass of th