[squid-users] Squid marking QOS and matching marks with linux iptables problem !

2020-05-20 Thread Ahmad Alzaeem
Hello Folks, I'm trying to mark outgoing squid request based on Mark linux matching. I added to squid conf: qos_flows mark local-hit=0xd7 qos_flows mark local-miss=0xd7 -A OUTPUT -m mark --mark 0xd7 -j ACCEPT But on iptables there is no match with the mark 0xd7 I'm testing marking with sq

Re: [squid-users] Sending CONNECT method requests over HTTPS

2020-05-20 Thread Ronan Lucio
Hi Alex, Good news. It's working now fine. I have it running on https_port and can successfully make requests using https://proxy. Just adding some comments: >> I can't trust the source network, it's on the cloud and sure it has >> other applications in the same public network. I also plan to sen

Re: [squid-users] Sending CONNECT method requests over HTTPS

2020-05-20 Thread Alex Rousskov
On 5/20/20 1:38 PM, Ronan Lucio wrote: >>> My scenario is: >>> I have a serverless API that needs to connect to a couple specific >>> targets from a static IP. >>> As this serverless API doesn't have a static IP, I thought to do this >>> through a proxy server. >>> That's why I need to enforce secu

Re: [squid-users] Sending CONNECT method requests over HTTPS

2020-05-20 Thread Ronan Lucio
Hi Alex, > > My scenario is: > > I have a serverless API that needs to connect to a couple specific > > targets from a static IP. > > As this serverless API doesn't have a static IP, I thought to do this > > through a proxy server. > > That's why I need to enforce security on the authentication la

Re: [squid-users] Sending CONNECT method requests over HTTPS

2020-05-20 Thread Alex Rousskov
On 5/20/20 1:00 PM, Ronan Lucio wrote: > My main need is to encrypt/protect username and password (or > Proxy-Authentication header) sent on the first CONNECT to the proxy > server, in a way this username and password can't be sniffed. > > The other need is creating a rule allowing only some dstdo

Re: [squid-users] Sending CONNECT method requests over HTTPS

2020-05-20 Thread Ronan Lucio
OK guys, I think you got my point. @Alex, thank you for the well-detailed answer. My main need is to encrypt/protect username and password (or Proxy-Authentication header) sent on the first CONNECT to the proxy server, in a way this username and password can't be sniffed. The other need is creati

Re: [squid-users] squid 3.5 reverse proxy https configuration problem

2020-05-20 Thread Alex Rousskov
On 5/20/20 12:20 PM, sjmeyer wrote: > I have a squid configured as a reverse proxy on RHEL 7.8 > > the certificates on the squid box seem okay the squid -k parse passes, > however when I attempt to access the back-end server via squid I get > > Error negotiating SSL connection on FD 13: error:140

[squid-users] squid 3.5 reverse proxy https configuration problem

2020-05-20 Thread sjmeyer
I have a squid configured as a reverse proxy on RHEL 7.8 the certificates on the squid box seem okay the squid -k parse passes, however when I attempt to access the back-end server via squid I get Error negotiating SSL connection on FD 13: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert

[squid-users] Bypass squid using iptables

2020-05-20 Thread Ben Goz
B.H. I'm using squid with c-icap module for specific content filtering. I configured squid with ssl bump so website with WSS won't work on it as mentioned on squid documentation. So for such URLs (with WSS) I need bypassing squid. I read in some posts that squid doesn't fully support bypassing UR

Re: [squid-users] squid 4.10: ssl-bump on https_port requires tproxy/intercept which is missing in secure proxy method

2020-05-20 Thread Alex Rousskov
On 5/20/20 6:02 AM, Matus UHLAR - fantomas wrote: >> On 5/19/20 9:24 AM, Matus UHLAR - fantomas wrote: >>> David, note that requiring browsers to connect to your proxy over >>> encrypted (https) connection, and then decrypting tunnels to real server >>> will >>> lower the clients' security > On 1

Re: [squid-users] squid 4.10: ssl-bump on https_port requires tproxy/intercept which is missing in secure proxy method

2020-05-20 Thread Alex Rousskov
On 5/20/20 3:51 AM, David Touzeau wrote: > How to be a sponsor? There are many ways, including these two: 1. You privately find a developer (a person or an organization) and pay them for implementing the changes you need. 2. You post an RFQ to squid-dev and solicit quotes/bids from developers.

Re: [squid-users] Sending CONNECT method requests over HTTPS

2020-05-20 Thread Alex Rousskov
On 5/20/20 6:07 AM, Matus UHLAR - fantomas wrote: > On 20.05.20 05:07, Ronan Lucio wrote: >> I read a similar thread a couple of weeks ago, but my scenario has >> some differences. >> Anyway, my need is sending CONNECT method requests over HTTPS as well. > already possible. I assume that, here an

Re: [squid-users] Block file extension over https

2020-05-20 Thread Matus UHLAR - fantomas
On 20.05.20 07:13, Leonardo Bacha Abrantes wrote: Please does anyone have an effective way how to block file download over https connection? I tried many things but didn't work. Only worked over http. This requires SSL bumping. In https, you don't see the content unless you bump, and therefore

[squid-users] Block file extension over https

2020-05-20 Thread Leonardo Bacha Abrantes
Hi guys, Please does anyone have an effective way how to block file download over https connection? I tried many things but didn't work. Only worked over http. Sorry for my English. Thanks!

Re: [squid-users] Sending CONNECT method requests over HTTPS

2020-05-20 Thread Matus UHLAR - fantomas
On 20.05.20 05:07, Ronan Lucio wrote: I read a similar thread a couple of weeks ago, but my scenario has some differences. Anyway, my need is sending CONNECT method requests over HTTPS as well. already possible. If read the docs and just would like to confirm with you if I got it right: 1) T

Re: [squid-users] squid 4.10: ssl-bump on https_port requires tproxy/intercept which is missing in secure proxy method

2020-05-20 Thread Matus UHLAR - fantomas
On 18/05/20 10:15 am, David Touzeau wrote: Hi we want to use squid as * * * Secure Proxy * * * using https_port We have tested major browsers and it seems working good. To make it work, we need to deploy the proxy certificate on all browsers to make the secure connection running. On 19.05.20 1

Re: [squid-users] squid 4.10: ssl-bump on https_port requires tproxy/intercept which is missing in secure proxy method

2020-05-20 Thread David Touzeau
Thanks for the answer details. How to be a sponsor? (cost) of such feature. Could you think it can be planned for 5.x? I think it should be a "future" "standard" in the same way of DNS over SSL. On 19/05/2020 at 16:46, Alex Rousskov wrote: On 18/05/20 10:15 am, David Touzeau wrote: Hi we wa