Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

Now you need to go one step back and reorganize your rules to work in a non tproxy setup but a REDIRECT one. I can turn on a lab tomorrow to simulate your network but I can only work with regular skype and not for business. If you want to start configuring squid and iptables from 0 with understa

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

Hello, thank you Eliezer! We managed to fix the issue, but we created another. Restoring those iptables gives an error at first: Set bypasidrpool doesn’t exist. So I ran the scripts (bypass domains and bypass-skye-cird) then restored the iptables you sent me and now I can access Skype for Busin

Re: [squid-users] squid SMP notes

May I ask about the purpose of the proxy? Caching or ACL? Eliezer http://ngtech.co.il/lmgtfy/ Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of senor Sent: Thursday, December 1, 2

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

Try to load these iptables rues using "iptables-restore < file.txt" http://pastebin.com/mYsqu8D7 You are either running the script wrongly or my script is wrong. Is this a trial or a production system? It seems to me that you need to first test and resolve the iptables and squid setup and then add

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

iptables is the same.. here is after I ran the script twice (with and without proxy) http://pastebin.com/YFtbG6St I have a script that bridges the two network cards, that uses nat, hence having both I can send you all the scripts I run to set up squid and the bypasses so you can reproduce the

Re: [squid-users] for people who suffer from https ssl pump and not interested with caching it

bro this is just an option .not an alternative . thanks > On Dec 7, 2016, at 5:35 PM, Alex Rousskov > wrote: > > IMHO ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

Are you sure this setup works? You have both REDIRECT and TPROXY on the same machine so you need to bypass for both of these. Is this iptables-save snapshot after you ran the script? Also for this to work you will need to use the updated version of the script at: https://gist.github.com/elico/a54c2

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

iptables-save: http://pastebin.com/9JrVANtt ipset list : http://pastebin.com/wtMtzaQe [http://pastebin.com/i/facebook.png] Name: bypascidrspool Type: hash:net Revision: 6 Header: family inet hashsiz - Pastebin.com pastebin.com [htt

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

Give us the “iptables-save” output and also “ipset list”. (or what ever was the command of ipset to dump the content of the list). After this we can understand what is causing this issue. Eliezer http://ngtech.co.il/lmgtfy/ Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ng

Re: [squid-users] for people who suffer from https ssl pump and not interested with caching it

On 12/07/2016 07:53 AM, --Ahmad-- wrote: > yes thats why i posted that and hope that it can help guys . IMHO, replacing what is supposed to be a working feature with a whole other product is unlikely to be helpful long-term. * If "ssl_bump splice all" does not work for an intercepting https_port,

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

Still not working and I do not know what to do next. access.log shows IPs and domains that are supposed to be bypassed already. Any further instructions are hugely appreciated. [cid:2FD1C3AB-E45C-49F0-84AB-0F8AC658BD11@routerb408e2.com]Piensa en el medio ambiente antes de imprimir este email.

Re: [squid-users] for people who suffer from https ssl pump and not interested with caching it

yes thats why i posted that and hope that it can help guys . thanks > On Dec 6, 2016, at 11:58 PM, Alex Rousskov > wrote: > > On 12/06/2016 02:43 PM, --Ahmad-- wrote: > >> i always see many people suffer from problems of https pump with some >> websites . >> and in the same time i see that t

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

Was there any progress with the script and the issues? Eliezer http://ngtech.co.il/lmgtfy/ Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il From: Sameh Onaissi [mailto:sameh.onai...@solcv.com] Sent: Wednesday, December 7, 2016 12:36 AM To: Eliezer Croitoru C

Re: [squid-users] Skype for Business behind a transparent squid (TProxy) HTTP/S

I kept on adding, now the log is showing an ip and domain that are already in the bypass pool. when I manually define internal and external servers to sipdir.online.lync.com:443 1481069419.028 338 10.0.0.38 TCP_CLIENT_REF