Re: [squid-users] Non-transparent proxy with cache_peer and ssl_bump

On 3/20/19 9:22 PM, Amos Jeffries wrote: > On 21/03/19 10:58 am, Alex Rousskov wrote: >> On 3/20/19 3:23 PM, Yosi Greenfield wrote: >> >>> ssl_bump splice step3 NoBump >>> ssl_bump bump step3 >> >>> cache_peer proxy2.ourserver.com ... ssl >> Forwarding most SslBump-related connections to cache_pe

Re: [squid-users] Non-transparent proxy with cache_peer and ssl_bump

On 21/03/19 10:58 am, Alex Rousskov wrote: > On 3/20/19 3:23 PM, Yosi Greenfield wrote: > >> ssl_bump splice step3 NoBump >> ssl_bump bump step3 > >> cache_peer proxy2.ourserver.com ... ssl > > Forwarding most SslBump-related connections to cache_peers is still > unsupported by official Squids,

Re: [squid-users] attempting to disable (or mute) logs

On 21/03/19 4:55 am, reinerotto wrote: >> * Please note that setting cache.log to /dev/null is highly dangerous. < > > Interesting. As this is standard when running squid on openwrt. > Is there any _safe_ method to disable output to cache.log ? > Not to disable, this is the log which receiv

Re: [squid-users] Squid HIER_NONE state in access logs

On 3/20/19 3:46 PM, Dave Mulford wrote: > I'm trying to determine what would cause Squid proxy to log a > TCP_MISS/200 with a HIER_NONE state in its access logs.  A sample line > looks like this (I've masked some of the values): > 1549073041.578 8 1.2.3.4 TCP_MISS/200 123456 GET > https://www.exa

Re: [squid-users] Non-transparent proxy with cache_peer and ssl_bump

On 3/20/19 3:23 PM, Yosi Greenfield wrote: > ssl_bump splice step3 NoBump > ssl_bump bump step3 > cache_peer proxy2.ourserver.com ... ssl Forwarding most SslBump-related connections to cache_peers is still unsupported by official Squids, including Squid v3 and v4. Measurement Factory code that i

[squid-users] Squid HIER_NONE state in access logs

Hi everyone, I'm trying to determine what would cause Squid proxy to log a TCP_MISS/200 with a HIER_NONE state in its access logs. A sample line looks like this (I've masked some of the values): 1549073041.578 8 1.2.3.4 TCP_MISS/200 123456 GET https://www.example.com:8443/mysite.js - HIER_N

[squid-users] Non-transparent proxy with cache_peer and ssl_bump

Hello all, I'm pretty sure this has been asked and answered more than once, but I've been over the emails and the docs, and I still can't figure out how to make this work. Might one of you be able to guide me here? We have the following setup in our network: Client Squid1 Squid2 In

[squid-users] security_file_certgen problem

> Have you initialized the /var/lib/ssl_db directory using the > low-privilege account Squid operates as? Yes i use -c option and set permissions for nobody and nogroup user which squid use! > The helper should have output a message before it shutdown. If that > managed to get written it would occ

Re: [squid-users] attempting to disable (or mute) logs

>* Please note that setting cache.log to /dev/null is highly dangerous. < Interesting. As this is standard when running squid on openwrt. Is there any _safe_ method to disable output to cache.log ? -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.htm

Re: [squid-users] attempting to disable (or mute) logs

On 20/03/19 2:34 am, Joey Officer wrote: > Confirmed I'm on Squid v4 > > # squid --version > Squid Cache: Version 4.4 > Service Name: squid > > I added the above and restarted my container, but the logged output has no > change. I also wanted to add that I may not have provided enough > inform

Re: [squid-users] url_rewrite_program, sslbump and CONNECT = broken redirect page?

On 19/03/19 4:55 pm, Amos Jeffries wrote: You should fix the helper (if possible) to cope with CONNECT and other unusual types of URI input it may receive. There may be protocols other than "http://";, path-only URLs, URN, or even just an asterisk ('*') on some methods.