On 27.09.23 16:48, Fernando Giorgetti wrote:
I would like to know if it is possible to set up Squid to perform
TLS passthrough to a given backend, relaying TLS encrypted
traffic to the backend, similarly to what HAProxy does below?
https://www.haproxy.com/documentation/aloha/latest/security/tls/
Would you know anything about this Squid problem?
Given the squid-ota.conf file:
```
# An ACL named 'whitelist'
acl whitelist dstdomain '/etc/squid/whitelist.ota'
# Allow whitelisted URLs through
http_access allow whitelist
# Block the rest
http_access deny all
# Intercept tranparent HTTPS traff
On 2023-09-27 16:49, Ralf Hildebrandt wrote:
* Ralf Hildebrandt :
We're relying on
/usr/bin/squidclient -h 127.0.0.1 -p 8080 cache_object://127.0.0.1/counters
for monitoring purposes and 6.3 reports an error when accessing that
resource:
2023/09/27 22:42:57| ERROR: Squid BUG: assurance failed
On 2023-09-27 15:43, Dmitry Katsubo wrote:
On 2023-09-27 19:15, Alex Rousskov wrote:
On 2023-09-27 11:08, Dmitry Katsubo wrote:
After upgrading Squid from v4.13-10+deb11u2 (bullseye) to v5.7-2
(bookworm) I started to get about 5 core dumps per day like below, provided .
How can I find out the
On 2023-09-27 08:22, nikhil deshpande wrote:
[Question]: Are you trying to bump TLS client connections when and only when
the TLS
client is offering to use one of those ciphers in its ClientHello
message? Or do you want Squid to use one of those ciphers when bumping
all TLS client connections?
* Ralf Hildebrandt :
> We're relying on
>
> /usr/bin/squidclient -h 127.0.0.1 -p 8080 cache_object://127.0.0.1/counters
>
> for monitoring purposes and 6.3 reports an error when accessing that
> resource:
>
> 2023/09/27 22:42:57| ERROR: Squid BUG: assurance failed:
> tok.skip(WellKnownUrlPathP
We're relying on
/usr/bin/squidclient -h 127.0.0.1 -p 8080 cache_object://127.0.0.1/counters
for monitoring purposes and 6.3 reports an error when accessing that
resource:
2023/09/27 22:42:57| ERROR: Squid BUG: assurance failed:
tok.skip(WellKnownUrlPathPrefix())
exception location: cache_
Hello,
I would like to know if it is possible to set up Squid to perform
TLS passthrough to a given backend, relaying TLS encrypted
traffic to the backend, similarly to what HAProxy does below?
https://www.haproxy.com/documentation/aloha/latest/security/tls/encryption-strategies/#tls-passthrough
On 2023-09-27 19:15, Alex Rousskov wrote:
> On 2023-09-27 11:08, Dmitry Katsubo wrote:
>
>> After upgrading Squid from v4.13-10+deb11u2 (bullseye) to v5.7-2
>> (bookworm) I started to get about 5 core dumps per day like below, provided .
>> How can I find out the root of the problem and eliminate i
I have created the `myCA.pem` and `myCA.der` files in my Linux open
embedded `pyro` distribution.
How should I then configure Squid for SSL Intercept?
Any clue is appreciated.
Buda
www.trimble.com
This email may contain confidential information that is intended only for
the listed recipien
On 2023-09-27 09:30, Marko Cupać wrote:
169568.912 69973 10.X.X.X TCP_TUNNEL/500 8503669 CONNECT
ipv4-c002-beg001-oriontelekom-isp.1.oca.nflxvideo.net:443 some.gal
HIER_DIRECT/93.93.192.146 -
1695679277.395 876830 10.X.X.X TCP_TUNNEL/500 105991027 CONNECT
rostov1.nebula.to:443 some.guy H
On 2023-09-27 11:08, Dmitry Katsubo wrote:
After upgrading Squid from v4.13-10+deb11u2 (bullseye) to v5.7-2
(bookworm) I started to get about 5 core dumps per day like below.
How can I find out the root of the problem and eliminate it?
Your Squid is most likely suffering (among other v5 bu
Dear squid community,
After upgrading Squid from v4.13-10+deb11u2 (bullseye) to v5.7-2 (bookworm) I
started to get about 5 core dumps per day like below.
How can I find out the root of the problem and eliminate it? Thanks in advance!
# coredumpctl gdb -1 --no-pager
PID: 357187 (squid
Hi,
I have successfully been running AD-authenticated, ssl-bumped (for a
few sites of our own, the rest is spliced) squid proxy server for more
than a decade, where for such success I am greatly thankful to all the
people who develop squid and who helped me on this list numerous times.
Lately I a
Hi Team,
[Question]: Are you trying to bump TLS client connections when and
only when the TLS
client is offering to use one of those ciphers in its ClientHello
message? Or do you want Squid to use one of those ciphers when bumping
all TLS client connections? Or something else? Please clarify.
[An
15 matches
Mail list logo
