On 27/07/18 16:18, Alex Rousskov wrote:
> On 07/26/2018 09:15 PM, Amos Jeffries wrote:
>> On 27/07/18 13:31, Alex Rousskov wrote:
>>> On 07/26/2018 05:47 PM, Vishali Somaskanthan wrote:
>>>
By re-use I meant to say that the server-connection S (TCP + SSL) is
re-used across 2 client connec
On 27/07/18 16:10, Gordon Hsiao wrote:
> I'm running squid4.1 interception peek+splice mode.
>
> Some sites with HSTS(max-age=0) will not work whenever squid is on, HSTS
> max-age=0 is supposed to turn off HSTS, but chrome/firefox will keep
> redirecting https<-->http until it failed(too many redi
On 07/26/2018 09:15 PM, Amos Jeffries wrote:
> On 27/07/18 13:31, Alex Rousskov wrote:
>> On 07/26/2018 05:47 PM, Vishali Somaskanthan wrote:
>>
>>> By re-use I meant to say that the server-connection S (TCP + SSL) is
>>> re-used across 2 client connections (C1 and C2), from the same client
>>> one
I'm running squid4.1 interception peek+splice mode.
Some sites with HSTS(max-age=0) will not work whenever squid is on, HSTS
max-age=0 is supposed to turn off HSTS, but chrome/firefox will keep
redirecting https<-->http until it failed(too many redirects). Once Squid
is removed all is good.
I als
On 27/07/18 13:31, Alex Rousskov wrote:
> On 07/26/2018 05:47 PM, Vishali Somaskanthan wrote:
>
>> By re-use I meant to say that the server-connection S (TCP + SSL) is
>> re-used across 2 client connections (C1 and C2), from the same client
>> one after the other is torn down. I, presume that
>> “
On 27/07/18 03:06, erdosain9 wrote:
> Hi to all.
> Im trying to put proxy trough DNS. Im working on a Windows Server 2012 r2.
> I follow a lot of tutorial... and cant do it.
> The best i have is this (and is strange).
> When the pc start i see in log of squid the ip of that pc.
>
> tail -f /var/l
On 07/26/2018 05:47 PM, Vishali Somaskanthan wrote:
> By re-use I meant to say that the server-connection S (TCP + SSL) is
> re-used across 2 client connections (C1 and C2), from the same client
> one after the other is torn down. I, presume that
> “/server_persistent_connection on/” allows for su
Hi,
FYI, in all my examples below, one have the same client and same server
By re-use I meant to say that the server-connection S (TCP + SSL) is
re-used across 2 client connections (C1 and C2), from the same client one
after the other is torn down. I, presume that “*server_persistent_connection
On 07/26/2018 02:49 PM, Vishali Somaskanthan wrote:
> 1. Are there any security reasons behind /pinning the connection/ when a
> peek is done at Step1
I doubt there is some fundamental _security_ reason to pin if you bump
without forwarding the TLS client information to the server. The reasons
to
Hi,
Resuming the above conversation; When looking at the cache log and the
code, I find that when peek is done at step 1 and then bumped, the
connection gets pinned after *httpsPeeked() *is called.
Log:
*2018/07/23 11:40:29.572 kid1| 17,4| AsyncCallQueue.cc(55) fireNext:
entering ConnStateData::
On 26.07.2018 17:32, erdosain9 wrote:
Hi, thanks
I try Explorer 8.0 and Chrome 68.0...
this can be deactivated on browser side; then wpad is for the cats ...
Walter
smime.p7s
Description: S/MIME Cryptographic Signature
___
squid-users mailing l
Hi, thanks
I try Explorer 8.0 and Chrome 68.0...
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-use
On Thursday 26 July 2018 at 17:06:20, erdosain9 wrote:
> Hi to all.
> Im trying to put proxy trough DNS. Im working on a Windows Server 2012 r2.
> I follow a lot of tutorial... and cant do it.
> The best i have is this (and is strange).
> When the pc start i see in log of squid the ip of that pc.
Hi to all.
Im trying to put proxy trough DNS. Im working on a Windows Server 2012 r2.
I follow a lot of tutorial... and cant do it.
The best i have is this (and is strange).
When the pc start i see in log of squid the ip of that pc.
tail -f /var/log/squid/access.log | grep 192.168.6.22
1532616150
On 07/26/2018 07:15 AM, Ralf Hildebrandt wrote:
> Before destroying our Squid proxy with an ACL, I'd like to LOG ACL hits
> instead of using "http_access deny" straight away:
>
> --- nsip ---
> acl markURLhaus annotate_transaction accessRule=URLhaus
> acl URLhaus url_regex "/etc/squid5/generated-u
On 26.07.18 15:15, Ralf Hildebrandt wrote:
Before destroying our Squid proxy with an ACL, I'd like to LOG ACL hits
instead of using "http_access deny" straight away:
--- nsip ---
acl markURLhaus annotate_transaction accessRule=URLhaus
acl URLhaus url_regex "/etc/squid5/generated-urlhaus.acl"
htt
Before destroying our Squid proxy with an ACL, I'd like to LOG ACL hits
instead of using "http_access deny" straight away:
--- nsip ---
acl markURLhaus annotate_transaction accessRule=URLhaus
acl URLhaus url_regex "/etc/squid5/generated-urlhaus.acl"
http_access deny URLhaus markURLhaus
--- nsip --
On 7/25/18 7:07 PM, Andrea Venturoli wrote:
On 7/25/18 6:46 PM, Amos Jeffries wrote:
What is your "squid -v" output?
If --disable-http-violations is used then relaxed parser will not
include those "must never be transmitted in un-escaped form" (RFC 2396)
characters.
It's there!!!
Thanks for
18 matches
Mail list logo
