[squid-users] Security concerns with using squidclient from a host separate from the server

2019-12-09 Thread Tom Karches
Are there any security concerns with running squidclient anywhere except on the local host? I have been told that squidclient "exposes a lot of data". Is that because transactions are passed over an insecure connection? If so, is there a workaround that solves this problem? Tom -- Thomas Karches

Re: [squid-users] Working proxy_protocol_access settings on Squid 3.5 or 4?

2019-09-24 Thread Tom Karches
ode? (or fall back to using LVS with 3.5.20) Just trying to understand my options. Thanks, Tom On Mon, Sep 23, 2019 at 4:47 PM Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 9/23/19 4:14 PM, Tom Karches wrote: > > > The suggestion was to move to Squid 4 as noted here

[squid-users] Working proxy_protocol_access settings on Squid 3.5 or 4?

2019-09-23 Thread Tom Karches
I am enabling proxy protocol on our FortiADC load balancer so that the source IP of the proxy request can be logged. In the current configuration, the address that is logged belongs to the NAT pool used by the load balancer. I added these config settings to configure the proxy_protocol_access. The

Re: [squid-users] Problems with squid 3.1 to 3.3 upgrade

2019-08-19 Thread Tom Karches
:08.725 kid1| 33,2| client_side.cc(817) swanSong: local= 152.7.114.135:3128 remote=10.50.54.22:57426 flags=12 Do you see anything else relevant in here? Thanks, Tom On Sat, Aug 10, 2019 at 1:57 PM Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 8/9/19 4:32 PM, Tom Karc

Re: [squid-users] Problems with squid 3.1 to 3.3 upgrade

2019-08-09 Thread Tom Karches
On Fri, Aug 9, 2019 at 2:37 PM Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 8/9/19 1:37 PM, Tom Karches wrote: > > On Fri, Aug 9, 2019 at 11:38 AM Alex Rousskov wrote: > > > Ok, here is the info from the real trace. First time with #dns_v4_first > &g

Re: [squid-users] Problems with squid 3.1 to 3.3 upgrade

2019-08-09 Thread Tom Karches
On Fri, Aug 9, 2019 at 11:38 AM Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 8/9/19 9:59 AM, Tom Karches wrote: > > > With this command : > > $curl --trace --proxy http://127.0.0.1:3128 https://www.google.com > > > Invalid URL > > Yeah, tha

Re: [squid-users] Problems with squid 3.1 to 3.3 upgrade

2019-08-09 Thread Tom Karches
> > > On 8/8/19 3:29 PM, Tom Karches wrote: > > > I am in the process of upgrading our Squid proxy server from 3.1 (on > > RHEL6) to 3.3 (on RHEL7). > > It could have been worse! For example, you could ask a question about > upgrading Squid from v1.0 to v2.0...

[squid-users] Problems with squid 3.1 to 3.3 upgrade

2019-08-08 Thread Tom Karches
I am in the process of upgrading our Squid proxy server from 3.1 (on RHEL6) to 3.3 (on RHEL7). It is configured as a explicit (not transparent) proxy that listens on port 3128. Clients are explicitly configured to use the proxy. On the 3.3 system with the same squid.conf as the 3.1 system (I have