On 2/03/19 1:59 am, Egoitz Aurrekoetxea wrote:
> Good afternoon,
>
>
> Is it possible for Squid to do something like :
>
>
> - Receive request : https://ooo..ttt.thesquidserver.org/u?ii=99&j=88
>
>
> and
>
>
> to really perform a request as : https://ooo..ttt/u?ii=99&j=88
>
On 2/03/19 8:54 am, Joseph Jones wrote:
> I've been trying to get SslBump work for whitelist purposes and so far
> have been failing.
>
> It's my understanding in order for SslBump to do whitelist it will
> need to do a splice at step2 or step3.
Not quite. For intercepted traffic you do need a pe
> On 1 Mar 2019, at 9:34 pm, Enrico Heine wrote:
>
> >>just a shot into the dark<<, is it possible that you use the adaption
> >>service for ICAP?
There is an eCAP adaptation service but not ICAP, would eCAP be effected by the
same condition reported the bug report you linked to?
Early in t
On 3/1/19 1:47 PM, amlgp wrote:
> I have about 250 proxies/clients accessing squid and my cache deny all is on
> the first line in my squid.conf.
FYI: The position of the set of "cache" directives does not affect how
Squid works. Configuration is "compiled" at start time. At runtime,
Squid uses t
On 3/1/19 6:41 AM, mzgmedia wrote:
> we a squid server with both IPv4 and IPv6
> now if a user will connect to Ipv4, it will also get an Ipv6 from squid. We
> want to prevent that, if the user will connect to IPv4, to have just Ipv4
> and if connects to Ipv6 to have just Ipv6 and it seems that we
I am running on a i7-7700k with 32GB of ram on Centos 6.
Squid 3.5.28 is the latest version Centos 6 can run.
I have about 250 proxies/clients accessing squid and my cache deny all is on
the first line in my squid.conf. No errors in my logs and "squid -k parse"
shows no "WARNING" messages.
Clie
I've been trying to get SslBump work for whitelist purposes and so far
have been failing.
It's my understanding in order for SslBump to do whitelist it will
need to do a splice at step2 or step3.
Looking at my logs I see step1 matching but I never see step2. I
believe it's because of what I found
On 2/03/19 4:55 am, L.P.H. van Belle wrote:
> Hai Alex,
>
> Ahh.. You wanted with ssl, sorry missed that.
> Here you go.
>
> apt-get source squid
>
> cd squid-4.6/debian/
>
> Edit rules, after the line, --with-gnutls
> Add these: --enable-ssl --enable-ssl-crtd --with-openssl
> Save.
>
> Edi
On 2/03/19 2:41 am, mzgmedia wrote:
> hello
>
> we a squid server with both IPv4 and IPv6
>
> now if a user will connect to Ipv4, it will also get an Ipv6 from squid. We
> want to prevent that, if the user will connect to IPv4, to have just Ipv4
> and if connects to Ipv6 to have just Ipv6 and it
Hai Alex,
Ahh.. You wanted with ssl, sorry missed that.
Here you go.
apt-get source squid
cd squid-4.6/debian/
Edit rules, after the line, --with-gnutls
Add these: --enable-ssl --enable-ssl-crtd --with-openssl
Save.
Edit changelog
Change the version 4.6-1 to 4.6-1ssl
Save
Install libgnutl
Hello again community, I still have problems compiling squid 4. This is
what i did this time:
Basic support:
sudo apt install logrotate acl attr autoconf bison nettle-dev
build-essential libacl1-dev libaio-dev libattr1-dev libblkid-dev
libbsd-dev libcap2-dev libcppunit-dev libldap2-dev pkg-c
Its pretty simple..
Enable the debian sid source in your ubuntu 18
apt install -y software-properties-common debian-archive-keyring dirmngr
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
add-apt-
Hello again community, I still have problems compiling squid 4. This is
what i did this time
Soporte básico necesario:
# apt install arj bzip2 xz-utils cabextract cpio file lzma lhasa lzop
rpm2cpio gzip nomarch pax lzop rar unrar unzip zoo unace razor pyzor
tnef ripole zip p7zip-full mc multi
hello
we a squid server with both IPv4 and IPv6
now if a user will connect to Ipv4, it will also get an Ipv6 from squid. We
want to prevent that, if the user will connect to IPv4, to have just Ipv4
and if connects to Ipv6 to have just Ipv6 and it seems that we can't manage
to do this.
Can you pl
I've been trying to get SslBump work for whitelist purposes and so far have
been failing.
It's my understanding in order for SslBump to do whitelist it will need to
do a splice at step2 or step3.
Looking at my logs I see step1 matching but I never see step2. I believe
it's because of what I found
Good afternoon,
Is it possible for Squid to do something like :
- Receive request :
https://ooo..ttt.thesquidserver.org/u?ii=99&j=88
and
to really perform a request as : https://ooo..ttt/u?ii=99&j=88
[1]
I mean not to redirect users with url redirection. Just act as a prox
On 1/03/19 10:47 pm, Michael Hendrie wrote:
> Hi Guys,
>
> I have a squid-3.5.28 installation that is deployed to do transparent
> ssl-bump of HTTPS traffic (linux bridge, tproxy). The server is not
> overly busy, CPU and RAM usage is low + no swap being used yet regularly
> the squid service is
Hey Michael,
>>just a shot into the dark<<, is it possible that you use the adaption service
>>for ICAP?
If so, fast test, this should return 0 if u are not affected by this, if higher
than 0 check the link below:
netstat -pa | grep CLOSE_WAIT | wc -l
also have a look into /var/log/kern.log
Hi Guys,
I have a squid-3.5.28 installation that is deployed to do transparent ssl-bump
of HTTPS traffic (linux bridge, tproxy). The server is not overly busy, CPU
and RAM usage is low + no swap being used yet regularly the squid service is
choking HTTPS traffic to a point where websites are t
19 matches
Mail list logo
