Re: [squid-users] url_rewrite_program and ACLs

From: Amos Jeffries > > acl foo ... > http_access deny foo > deny_info 302:http://example.com/ foo > > In Squid-3.2+ the deny_info URL portion can use logformat macros for > dynamic redirection - like the "rew" substitutions only changing > portions of the URL

Re: [squid-users] How to onfiguration https?

On 09/11/17 15:33, 赵 俊 wrote: I want to know squid4.0.21 version of the configuration https changes and how to configuration https in squid.conf? Almost the same as in Squid-3.5. "squid -k parse" after the upgrade should tell you what changes need to be made for renaming of things you are us

[squid-users] How to onfiguration https?

I want to know squid4.0.21 version of the configuration https changes and how to configuration https in squid.conf? Thank you ! ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] Request/Response sizes for traffic over TCP_TUNNEL

On 11/08/2017 04:38 PM, Jeffrey Dunham wrote: > logformat squid %ts.%03tu %6tr %>a %>A %Ss/%03>Hs %st %rm %ru %un > %Sh/% > And my logs for a 200MB upload look like (this is broken into a > multipart upload): > > 1510181731.211  53953  TCP_TUNNEL/200 3521 41 CONNECT  > s3.amazonaws.com:443... >

[squid-users] Request/Response sizes for traffic over TCP_TUNNEL

I am using squid as a proxy and one of the tasks using the proxy is upload some large files to S3 in AWS. I'm trying to later on aggregate how much data was going through to S3 by looking through the squid access log files. The reality is, any way I can tell how much traffic is going through to sq

Re: [squid-users] Non intrusive sslbump for whitelisting (asked many times but..)

Hi Amos, Many thanks for your detailed reply. I have modified the config following your comments, before you see the new config (attached below), pls let me know your thoughts on the following: 1. > The workarounds and gotcha's listed at >

Re: [squid-users] ALPN, HTTP/2 and sslbump

Thanks Amos. I guess I was assuming that squid was just copying the ALPN extension info from Client Hello without regard to capabilities (squid 3.5.26). I'll take another stab at the debug info and post more details if that doesn't pop something up. Senor On 11/7/2017 20:29, Amos Jeffries wr

Re: [squid-users] problem squid squidguard with outlook 2016

On Wednesday 08 November 2017 at 13:55:44, Mohammed Rahmatellah wrote: > hello guys, > > this is the access log for squid, and the bloc file (squidguard) No, don't just send us the entire log files and expect us to work out which requests were related to the problem. Pick a specific machine in

Re: [squid-users] url_rewrite_program and ACLs

On 09/11/17 03:12, Vieri wrote: Thanks. I defined the following, and it worked as expected: url_rewrite_access deny allowed_domains url_rewrite_access deny allowed_ips url_rewrite_program /usr/bin/squidGuard url_rewrite_children 80 startup=10 idle=3 How can I rewrite a URL in squid without a h

Re: [squid-users] SQUID memory error after vm.swappines changed from 60 to 10

On 11/08/2017 02:26 AM, Bike dernikov1 wrote: > I hope that someone can explain what happened, why squid stopped working. I can suggest a working theory: You did not have enough RAM before vm.swappiness changes and the same insufficient RAM problem led to failed system calls after you told the OS

Re: [squid-users] squid and squidGuard redirect

Hi Vieri, I suggest to replace squidGuard with ufdbGuard. Then you can set ufdb-debug-filter 1 or ufdb-debug-filter 2 # very verbose in ufdbGuard.conf and see exactly what happens. Note that squidguard has no maintenance for over 5 years and ufdbGuard has regular maintenance. Marcus O

Re: [squid-users] SQUID memory error after vm.swappines changed from 60 to 10

On 08/11/17 11:36, Bike dernikov1 wrote: Hi, We stumbled on ufdbGuard, but licence/price was problem, we didn't read documentation carefully. yes, ufdbguard is free. We will definitely try ufdbGuard, but we are now in process of moving squid/squidguard to production, so we can't test on prod

[squid-users] squid and squidGuard redirect

Hi, I have this in my SG config: acl { default { pass allowed !disallowed all redirect http://squidserver/proxy-error/ } } From a LAN client browser I can access and display the page at http://squidserver/proxy-error/ (direct access). However, when SG is triggered and should send that redirect

[squid-users] url_rewrite_program and ACLs

Thanks. I defined the following, and it worked as expected: url_rewrite_access deny allowed_domains url_rewrite_access deny allowed_ips url_rewrite_program /usr/bin/squidGuard url_rewrite_children 80 startup=10 idle=3 How can I rewrite a URL in squid without a helper such as SG? ie. how can emul

Re: [squid-users] ERR_ICAP_FAILURE unless squid reconfigure

I set icap_service_failure_limit -1. It seems to work OK now in my case. Thanks! ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] url_rewrite_program and ACLs

On 08/11/17 22:21, Vieri wrote: Hi, I'm not sure I understand how url_rewrite_program works. Squid takes the URI from an HTTP request it is servicing and delivers it to the helper. The helper delivers a new URI back to Squid (or not). Squid then generates an entirely new HTTP request to use

Re: [squid-users] SQUID memory error after vm.swappines changed from 60 to 10

There is definitely a problem with available memory because Squid cannot fork. So start with looking at how much memory Squid and its helpers use. Do do have other processes on this system that consume a lot of memory ? Also note that ufdbGuard uses less memory that squidGuard. If there are 30 he

[squid-users] SQUID memory error after vm.swappines changed from 60 to 10

Hi, I hope that someone can explain what happened, why squid stopped working. The problem is related to memory/swap handling. After we changed vm.swappiness parameter from 60 to 10 (tuning attempt, to lower a disk usage, because we have only 4 disks in a RAID10, so disk subsystem is a weak link)

[squid-users] url_rewrite_program and ACLs

Hi, I'm not sure I understand how url_rewrite_program works. In the example below I'm trying to allow traffic from CLIENT_IP_ADDR to SERVER_DOMAIN_ADDR where CLIENT_IP_ADDR is in the allowed_ips ACL, and SERVER_DOMAIN_ADDR is in the allowed_domains ACL (I know it's redundant, but it's just an