[squid-users] squid and c-icap configuration

Hi Guys, This is what I want: Browse the internet through a browser such that every url request goes to squid proxy first and then the squid proxy sends it to c-icap server. Finally the url should be logged into `/var/log/access.log` This is what I have tried: c-icap

Re: [squid-users] Dumping sslbump'd decrytped http using icap protocol

Hey, I think you might need fiddler not Squid. Eliezer Eliezer CroitoruTech SupportMobile: +972-5-28704261Email: ngtech1...@gmail.com From: ScottSent: Sunday, May 24, 2020 3:57 PMTo: squid-users@lists.squid-cache.orgSubject: [squid-users] Dumping sslbump'd decrytped http using icap protocol Hi,

Re: [squid-users] Squid 4.4 https_port and ssl-bump : Fatal bungled line

Hello, Thank you for your prompt and precise answer. Well I'm permit myself another question, sorry. If you have an opinion about securing the authentification without https_port : With a FreeIPA central users directory, what could be the best way to secure/protect the authentication process, th

Re: [squid-users] Dumping sslbump'd decrytped http using icap protocol

On Mon, May 25, 2020 at 06:34:19PM +1200, Amos Jeffries wrote: > On 25/05/20 12:56 am, Scott wrote: > > Hi, > > > > Can someone recommend an ICAP application that will allow me to dump the > > HTTP > > of a client-server conversation? > > > > I am doing some forensics on an app - I have sslbump

Re: [squid-users] Bypass squid using iptables

On 25/05/20 10:09 pm, Ben Goz wrote: > B.H >>Tunneling it elsewhere, > Where can I tunnel it? and how can I configure my machine to support it? > You will need at least Squid-4, with this line in squid.conf: on_unsupported_protocol tunnel see also

Re: [squid-users] Squid 4.4 https_port and ssl-bump : Fatal bungled line

On 25/05/20 9:59 pm, ben benml wrote: > Hello, > > I'm contacting you for some help. > I need to deploy a secure proxy based on Squid. > > I try to use https_port combined with sslbump. I get an error message > about a bungled line. > > The reasons I want to do this : > - secure connection betwe

Re: [squid-users] Squid marking QOS and matching marks with linux iptables problem !

On 25/05/20 9:25 pm, Ahmad Alzaeem wrote: > Here is debug result : > > > > 2020/05/25 12:04:58.043 kid1| 33,5| client_side.cc > (1375) parseHttpRequest: Prepare absolute URL from  > 2020/05/25 12:04:58.043 kid1| 33,5| client_side.cc > (2106) clientPa

Re: [squid-users] Bypass squid using iptables

B.H >Tunneling it elsewhere, Where can I tunnel it? and how can I configure my machine to support it? >You cannot have iptables suddenly divert packets to other software mid-stream. I want to tunnel it by IP or translate a group of URLs to IPs I'm not sure if this is the case that you mentioned, B

Re: [squid-users] Squid cache with SSL

On 25/05/20 8:09 pm, Andrey Etush-Koukharenko wrote: > Hello, I'm trying to set up a cache for GCP signed URLs using squid 4.10 > I've set ssl_bump: > *http_port 3128 ssl-bump cert=/etc/ssl/squid_ca.pem > generate-host-certificates=on dynamic_cert_mem_cache_size=4MB > > sslcrtd_program /usr/lib/sq

[squid-users] Squid 4.4 https_port and ssl-bump : Fatal bungled line

Hello, I'm contacting you for some help. I need to deploy a secure proxy based on Squid. I try to use https_port combined with sslbump. I get an error message about a bungled line. The reasons I want to do this : - secure connection between the client browser and the proxy server, so using https

Re: [squid-users] squid configuration with c-icap

On 25/05/20 7:14 pm, Amiq Nahas wrote: > Hi Guys, > > At this point, I have got squid installed on my system. I think it is > working fine since I can browse the internet by adding a manual proxy > in firefox at localhost:3128. > > What I want now is to configure squid such that it passes the req

Re: [squid-users] Squid marking QOS and matching marks with linux iptables problem !

Here is debug result : 2020/05/25 12:04:58.043 kid1| 33,5| client_side.cc(1375) parseHttpRequest: Prepare absolute URL from 2020/05/25 12:04:58.043 kid1| 33,5| client_side.cc(2106) clientParseRequests: local=45.150.17.10:3128 remote=50.254.22.18:62916 FD 540 flags=1: done parsing a request 2

[squid-users] Squid cache with SSL

Hello, I'm trying to set up a cache for GCP signed URLs using squid 4.10 I've set ssl_bump: *http_port 3128 ssl-bump cert=/etc/ssl/squid_ca.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MBsslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MBacl step1

[squid-users] squid configuration with c-icap

Hi Guys, At this point, I have got squid installed on my system. I think it is working fine since I can browse the internet by adding a manual proxy in firefox at localhost:3128. What I want now is to configure squid such that it passes the request to c-icap. Something like mentioned in this imag

Re: [squid-users] Squid marking QOS and matching marks with linux iptables problem !

[NP: it would help if you replied through the list instead of directly to me, even as a CC. Your messages keep getting diverted to spam folder. ] On 25/05/20 4:26 am, Ahmad Alzaeem wrote: > Hi Amos ,  > > Sorry I'm confused a a bit … > > Are my results expected not to work with below : > > > q