squid -v gives this:
Squid Cache: Version 3.5.23
Service Name: squid
Raspbian linux
configure options: '--build=arm-linux-gnueabihf' '--prefix=/usr'
'--includedir=${prefix}/include' '--mandir=${prefix}/share/man'
'--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var'
'--libex
This is the first behaviour I don't want like this:
1568300283.479 3896 xxx.xxx.0.239 TCP_MISS/200 6724533 GET
https://xxx/1.mp4 - HIER_DIRECT/xxx.xxx.24.241 video/mp4
The content of the mp4 file has not changed. Nevertheless after clearing the
browser cache the content produces a MISS instead
In case a client has already downloaded the content and I request the content
again without deleting the local cache (this would be the scenario "same
client") in this case I see a 304 HEAD request which is sent out to the
server (no new download from the server). Probably this works due to the
eta
I will begin with you last question: the scenario I work on was not meant to
work with proxy so far but now we want to integrate it because of traffic
costs. Second point is that we cannot change anything on the application
right now.
This means I have to take everything as it is and to configure
In my scenrio (squid 3.5.23) I have several clients which download content.
Now I want to achieve two things: if one client has already downloaded the
content the second client requesting the same content should take it from
the squid cache.
But: when this content resource on the internet is chan
Problem was the --head option.
For real downloading it works.
ETAG='ed52a4-16cb8852696'
curl --header 'if-none-match: W/'\"${ETAG}\" --cacert ${CERT} --proxy
${PROXY} --proxy-insecure --insecure ${URL} > ${FILE}
With correct ETag the download is an emtpy file (TCP_INM_HIT/304).
With incorrect
Assuming my web application sends headers with information like this:
Cache-Control: public, max-age=0
Last-Modified: Thu, 22 Aug 2019 08:50:29 GMT
ETag: W/"ed52a4-16cb8852696"
Now I was under the impression I could do something like this with curl:
ETAG='ed52a4-16cb8852696'
curl --head --header
I have compiled squid 3.5.23 on a Debian Stretch (because I need SSL).
This means i could enable the collapsed_forwarding feature because this is
what we need (we don't have a case where we need to disable it - this could
be interesting if you have a scenario where speed is more important than
tr
In our scenario it might/will happen that clients will request the same
resources simultaneously.
I ran a test where I start one download with curl and with short delay
(about 1s) I request the same content by another client.
1567673769.781 12123 xxx.xxx.0.1 TCP_MISS/200 15553655 GET
https://xxx
If my understanding is correct when the client already has the content it
sends a HEAD request to the squid and it will be checked whether the content
on the squid is newer than the local cache of the client.
Is it possible to configure the squid in a way that such requests are not
answered by the
Seems that intercept is easier than tproxy.
I have now this config:
acl wifi_net src xxx.xxx.0.0/24
acl our_proxy localip xxx.xxx.0.1/32
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports por
OK - I cannot figure out the whole requirement right now.
In case it will not not work like this: with a) you mean "intercept" and
with b) "tproxy"?
Which of these scenarios would you recommend in case http_port will not do
for us?
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble
I have tested this and it is working.
This is what I said: when I use this http_port directive then it works.
So what is still unclear to me is: what is this https_port directive for? I
understood from one of you answers I found to someone else that this will
lead to something like double stacked
Thank you for your reply.
If I drop the keyword "intercept" I get this error message when starting
squid:
FATAL: ssl-bump on https_port requires tproxy/intercept which is missing.
Using "tproxy" does not help me either - I also end up with 403.
What I want to achieve with my scenario is just ca
I have to setup a TLS proxy connection between client and squid. My config is
working with http_port (without TLS) but as soon as I try https_port it does
not work (squid 3.5.23 compiled with --enable-ssl' '--enable-ssl-crtd'
'--with-openssl').
What I am trying to achieve is a proxy for https cont
15 matches
Mail list logo
