want me to
implement this but i could had done)
i attach my script if interested
thanks,
rob
--
Regards,
Robert K Wild.
squid.sh
Description: Binary data
___
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org
Hi all,
Sorry for the dumb question but what is the point of making squid into a
socks5 proxy and if I have already built squid how do I add it to squid
https://serverfault.com/questions/820578/how-to-enable-socks5-for-squid-proxy#820612
Thanks,
Rob
__
Thank you guys,
Tbh I didn't think regex would be more CPU intense so thanks for that
On Sun, 9 Jul 2023, 16:04 Matus UHLAR - fantomas, wrote:
> On 08.07.23 13:07, robert k Wild wrote:
> >True but I don't want to create two ACL lists, one for "ssl name" and one
&g
So will this
(^|\.)redshift3d\.com$
I know it will match
Blah.redshift3d.com and
redshift3d.com
But what about
Blah.Blah.redshift3d.com
On Sat, 8 Jul 2023, 22:32 Alex Rousskov,
wrote:
> On 7/8/23 06:14, Stuart Henderson wrote:
> > On 2023-07-07, robert k Wi
True but I don't want to create two ACL lists, one for "ssl name" and one
for "ssl name regex"
On Sat, 8 Jul 2023, 12:57 Matus UHLAR - fantomas, wrote:
> On 07.07.23 21:13, robert k Wild wrote:
> >i know ive been talking about this before but i want to under
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Thanks Alex
On Fri, 7 Jul 2023, 15:40 Alex Rousskov,
wrote:
> On 7/7/23 09:50, robert k Wild wrote:
>
> > i think this is a new feature in squid as i never saw it in squid 4/5
>
> It is, essentially, a bug fix: Depending on the Squid version, these
> lines were previo
/squid/var/cache/squid
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
tdom.txt"
>
> ## Any of will test what ever rule match first in a first match/hit fasion
> acl NoSSLInterceptAnyOf any-of NoSSLInterceptDstDom
> NoSSLInterceptDstDomFile NoSSLInterceptRegEx NoSSLInterceptRegExFile
>
> ssl_bump peek DiscoverSNIHost
> ssl_bump splice NoS
Great thanks Amos for that clarification :)
On Wed, 5 Jul 2023, 18:28 Amos Jeffries, wrote:
> On 4/07/23 06:02, robert k Wild wrote:
> > hi all,
> >
> > running squid proxy with SSL-bump and some sites dont like squid being
> > MITM and it breaks the SSL cert, so i
/bump issue ie i wont need it anymore
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
thanks Antony
On Mon, 3 Jul 2023 at 11:54, Antony Stone
wrote:
> On Monday 03 July 2023 at 11:46:20, robert k Wild wrote:
>
> > hi all,
> >
> > im reading this acl
> >
> > http://www.squid-cache.org/Doc/config/follow_x_forwarded_for/
> >
> > is
hi all,
im reading this acl
http://www.squid-cache.org/Doc/config/follow_x_forwarded_for/
is this to fool the dst server to think its coming from the client pc
instead of squid proxy
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing
Yes I understand as squid is a http/Https proxy only, even tho if you make
into an intercept proxy?
Is there a way I can make some traffic use iptables to get to the URL
instead of going through squid
On Sun, 2 Jul 2023, 10:02 Matus UHLAR - fantomas, wrote:
> On 01.07.23 23:29, robert k W
Will it work if I make my squid into a intercept proxy instead like below
https://wiki.squid-cache.org/SquidFaq/InterceptionProxy
https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpWithIntermediateCA
Thanks
On Sat, 1 Jul 2023, 23:15 robert k Wild, wrote:
> So you can't get
So you can't get clients that go through the proxy server to ping to
destination servers
On Sat, 1 Jul 2023, 23:10 Antony Stone,
wrote:
> On Saturday 01 July 2023 at 22:59:43, robert k Wild wrote:
>
> > Hi all,
> >
> > Is there a way to get ping to work via the prox
Hi all,
Is there a way to get ping to work via the proxy.
Thanks,
Rob
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
alnet special_url_any_of
> http_access deny all
> ## END OF FILE
>
> Once the above will work try to add other http_access rule like reply
> access rules
>
> Let me know what happens,
> Eliezer
>
> From: robert k Wild
> Sent: Tuesday, June 27, 2023 09:36
> To: ngtech
ll it is but it isn't, as it's an activation URL it isn't activating the
app via the proxy, as soon as I pop the pc on the internet, it activates
the app
Any ideas guys?
Thanks,
Rob
On Tue, 27 Jun 2023, 07:36 robert k Wild, wrote:
> Hi Eliezer,
>
> this is a snippet of
ists and reload.
> It will depend on the size of your lists.
> What OS are you using for your squid proxy?
>
>
>
> More details will help us help you.
>
>
>
> Eliezer
>
>
>
> *From:* squid-users *On
> Behalf Of *robert k Wild
> *Sent:* Monday, June 26, 2
add the url to both files ie urlwhite and no intercept SSL
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
sorry i forgot to mention, its Alma Linux
On Thu, 16 Feb 2023 at 19:38, Alex Rousskov <
rouss...@measurement-factory.com> wrote:
> On 2/16/23 11:41, robert k Wild wrote:
>
> > installing squid from source and just want to know what default
> > repos/packages i shou
libxml2-devel libcap-devel openssl openssl-devel libarchive
#install clamAV packages
dnf install -y clamd clamav clamav-data clamav-devel clamav-lib
clamav-update
do i need anymore?
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
autoconf perl libxml2-devel libcap-devel openssl openssl-devel
#install clamAV packages
dnf install -y clamd clamav clamav-data clamav-devel clamav-lib
clamav-update
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid
I've sorted it, I had to put quotes around my file path to the URL whitelist
On Thu, 12 Jan 2023, 15:22 robert k Wild, wrote:
> hi all,
>
> i have no idea why but my acl for url whitelist doesnt work anymore
>
> this is the output of my parse
>
> /usr/local/squid/sbi
yCA.pem
acl whitelist ssl::server_name_regex /usr/local/squid/etc/urlwhite.txt
and in the url whitelist file is adobe.com
(^|\.)adobe.com$
but when i try to access on my browser "adobe.com" i get the proxy access
denied page
can anyone shed some light as im strugglin
help would be greatly appreciated
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
dele/squid-ubuntu
>
>
>
> Best regards,
>
> Rafael
>
>
>
> *From:* squid-users *On
> Behalf Of *robert k Wild
> *Sent:* Thursday, November 24, 2022 7:23 PM
> *To:* Squid Users
> *Subject:* [squid-users] ubuntu ecap clamAV adapter
>
>
>
> hi all,
&
dapter
any help would be great
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
LOL ok sorted
i uncommented out
http_access allow localnet
and reloaded the service and job done
On Thu, 24 Nov 2022 at 17:40, robert k Wild wrote:
> hi all,
>
> so i have installed squid on ubuntu 22.04 and i havnt made any changes,
> all i have done is
>
> apt install
the time i get
The proxy server is refusing connections
why is this please?
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
On 21.11.22 13:55, robert k Wild wrote:
> >so to get ecap working instead if icap
> >
> >from this
> >
> >wget http://www.squid-cache.org/Versions/v4/squid-4.17.tar.gz
> >wget
> >
> http://sourceforge.net/projects/c-icap/files/c-icap/0.5.x/c_icap
://www.e-cap.org/archive/ecap_clamav_adapter-2.0.0.tar.gz
what guide is best to follow for ecap as theres two
https://wiki.squid-cache.org/Features/eCAP
https://wiki.squid-cache.org/ConfigExamples/ContentAdaptation/eCAP
On Fri, 18 Nov 2022 at 07:33, robert k Wild wrote:
> Hi Amos,
>
&
at 09:29, Amos Jeffries wrote:
> On 17/11/2022 9:21 pm, robert k Wild wrote:
> > Wow thanks Amos so much for this,
> >
> > You think if I build it on rocky Linux, it would be easier?
> >
>
> I am not familiar with Rocky Linux beyond its existence.
> I expect it w
Wow thanks Amos so much for this,
You think if I build it on rocky Linux, it would be easier?
On Thu, 17 Nov 2022, 06:07 Amos Jeffries, wrote:
> On 16/11/2022 6:31 am, robert k Wild wrote:
> > hi all,
> >
> > atm i have written a script, once you have built a centos 7 VM,
od.conf
echo "clamav_mod.MaxFilesInArchive 1000" >> /etc/clamav_mod.conf
echo "clamav_mod.MaxScanSize 5M" >> /etc/clamav_mod.conf
echo "clamav_mod.HeuristicScanPrecedence on" >> /etc/clamav_mod.conf
echo "clamav_mod.OLE2BlockMacros on" >>
All The Bests and Hope This Helps,
>
> Eliezer
>
>
>
>
>
>
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1...@gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https://tube.ngtech.co.il/
&
gt; Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> I don't have lysdexia. The Dog wouldn't allow that.
> ___
> squid-users mailing list
Mmm, maybe I should try
dstdom_regex
Instead of
ssl::server_name_regex
But when you using ssl bump in your squid.conf, isn't it best to use
ssl::server_name_regex
On Tue, 2 Aug 2022, 17:21 Matus UHLAR - fantomas, wrote:
> On 02.08.22 16:41, robert k Wild wrote:
> >that
t;
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1...@gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https://tube.ngtech.co.il/
>
>
>
> *From:* robert k Wild
> *Sent:* Tuesday, 2 August 2022 18:24
&
thats incorrect as
adobe\.com$ works but
.adobe\.com$ or
\.adobe\.com$
doesnt work so i just want to know why
On Tue, 2 Aug 2022 at 16:32, Antony Stone
wrote:
> On Tuesday 02 August 2022 at 17:23:51, robert k Wild wrote:
>
> > mmm... so i just want to know and really sorry
liezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1...@gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https://tube.ngtech.co.il/
>
>
>
> *From:* robert k Wild
> *Sent:* Tuesday, 2 August 2022 15:15
> *T
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1...@gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https://tube.ngtech.co.il/
>
>
>
> *From:* robert k Wild
> *Sent:* Tuesday, 2 August 2022 14:51
t;
>
> If someone might be able to make sense of things in a synchronic fashion
> it would help.
>
> (I do not see any debugs usage there or any helping comment )
>
>
>
> Thanks,
>
> Eliezer
>
>
>
>
>
> Eliezer Croitoru
>
> NgTech, Tech Support
&g
stupid question
On Wed, 27 Jul 2022 at 12:28, Amos Jeffries wrote:
> On 27/07/22 21:54, robert k Wild wrote:
> > hi all,
> >
> > think i got it right but just want to double check with you guys
> >
> > so in my "ssl::server_name" i had
> > .adobe
that's the weird thing, when i try this in "ssl::server_name_regex"
.adobe.com
it doesnt work
you mean escape ie the \ character
On Wed, 27 Jul 2022 at 11:05, Matus UHLAR - fantomas
wrote:
> On 27.07.22 10:54, robert k Wild wrote:
> >think i got it right but j
adobe.com$
it works, so im guessing its right
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
704261
>
> Email: ngtech1...@gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https://tube.ngtech.co.il/
>
>
>
> *From:* robert k Wild
> *Sent:* Friday, 22 July 2022 13:23
> *To:* Eliezer Croitoru
> *Cc:* Squid Users
> *Subject:* Re: [squid-users] fo
probably make more sense into what
> you see.
>
>
>
> Eliezer
>
>
>
>
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1...@gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https:/
c app
On Wed, 20 Jul 2022, 18:44 Antony Stone,
wrote:
> On Wednesday 20 July 2022 at 19:19:22, robert k Wild wrote:
>
> > ok i have realised something, my client cant resolve this address
> >
> > C:\Users\rkw>ping dns.msftncsi.com
> > Ping request could not find h
16:23, robert k Wild wrote:
> hi all,
>
> trying to fool windows it has internet access and not just network access
>
> looking at this guide
>
>
> https://docs.microsoft.com/en-US/troubleshoot/windows-client/networking/internet-explorer-edge-open-connect-corporate-publi
saying "microsoft connect test" if i
go to
http://www.msftconnecttest.com/connecttest.txt
but my network icon is still saying just network access only not internet
access
can anyone help me out please
thanks,
rob
--
Regards,
Robert K Wild.
___
So what your saying is change the
-k reconfigure to
-k rotate
Even tho I've configured squid from source
On Sat, 18 Jun 2022, 00:17 Amos Jeffries, wrote:
> On 18/06/22 07:06, robert k Wild wrote:
> > i understand it now
> >
>
> Er, no.
>
> > cat /etc/log
postrotate just once for all logs
didnt need the squid -k rotate as already handled by logrotate
On Fri, 17 Jun 2022 at 19:27, robert k Wild wrote:
> just a question, im just playing with logrotate
>
> /usr/local/squid/var/logs/*.log {
> monthly
> rotate 4
> compress
> dela
;postrotate" as logrotate is
handling it
On Thu, 16 Jun 2022 at 14:06, robert k Wild wrote:
> Thanks Eliezer, really appreciate it :)
>
> On Thu, 16 Jun 2022, 14:03 , wrote:
>
>> So just create the file I sent you before or extract the file from the
>> squid RPM us
disable the
> cron you have created and if the squid binary is in a specific different
> folder change the path of the squid binary in the squid logrotate file
> accordingly.
>
>
>
> All The Bests,
>
> Eliezer
>
>
>
> *From:* robert k Wild
> *Sent:* Thursd
assistance let me know.
>
>
>
> Eliezer
>
>
>
> *From:* robert k Wild
> *Sent:* Thursday, 16 June 2022 14:52
> *To:* Eliezer Croitoru
> *Cc:* Squid Users
> *Subject:* Re: [squid-users] Logrotate question
>
>
>
> Self compiled from source with others ie
>
>
gt;
>
> Eliezer
>
>
>
> *From:* robert k Wild
> *Sent:* Thursday, 16 June 2022 14:05
> *To:* Eliezer Croitoru
> *Cc:* Squid Users
> *Subject:* Re: [squid-users] Logrotate question
>
>
>
> Oops sorry you did say that, sorry I didn't see that at first
&
Oops sorry you did say that, sorry I didn't see that at first
On Thu, 16 Jun 2022, 12:04 robert k Wild, wrote:
> I imagine Eliezer that's what I need to put in logrotate.conf file
>
> On Thu, 16 Jun 2022, 12:01 , wrote:
>
>> Oops,
>>
>>
>>
&
o change the squid number
> of logs to the same number.
>
>
>
> Let me know if you it’s helpful.
>
>
>
> Eliezer
>
>
>
> *From:* ngtech1...@gmail.com
> *Sent:* Thursday, 16 June 2022 14:00
> *To:* 'robert k Wild' ; 'Squid Users' <
Ok sorry as normally 3 months is 90 days and I just added a 1 to it, but I
get what you mean if months have 31 I should really do 93 as I want to give
it extra room incase
On Thu, 16 Jun 2022, 11:41 Antony Stone,
wrote:
> On Thursday 16 June 2022 at 11:26:37, robert k Wild wrote:
>
> &
Cool, so I will rotate daily and delete after 91 days, thanks guys
On Thu, 16 Jun 2022, 11:14 Matus UHLAR - fantomas,
wrote:
> On 16.06.22 10:54, robert k Wild wrote:
> >Basically I want to keep logs for 3 months then rotate so it overwrites
> >them with another 3 months, if t
t my CentOS 7 system and will try to find the
> right way to do it.
>
>
>
> Eliezer
>
>
>
> *From:* robert k Wild
> *Sent:* Thursday, 16 June 2022 11:28
> *To:* Eliezer Croitoru
> *Cc:* Squid Users
> *Subject:* Re: [squid-users] Logrotate question
>
>
&g
Cool, Thanks all, il try the logrotate program instead of using squids one
Thanks guys :)
On Thu, 16 Jun 2022, 10:26 Matus UHLAR - fantomas,
wrote:
> On 16.06.22 10:23, robert k Wild wrote:
> >So I can use the package logrotate instead of the squid one
>
> squid packages
So I can use the package logrotate instead of the squid one
On Thu, 16 Jun 2022, 10:22 Matus UHLAR - fantomas,
wrote:
> On 16.06.22 09:53, robert k Wild wrote:
> >All I know is I need to keep a record of up to 3 months, worth of logs,
> due
> >to gdpr, how would you s
Hi Antony,
All I know is I need to keep a record of up to 3 months, worth of logs, due
to gdpr, how would you say I go about this
Thanks,
Rob
On Thu, 16 Jun 2022, 09:49 Antony Stone,
wrote:
> On Thursday 16 June 2022 at 09:27:32, robert k Wild wrote:
>
> > Thanks Eliezer
> >
gt;
> What OS are you using?
>
>
>
> Eliezer
>
>
>
> *From:* squid-users *On
> Behalf Of *robert k Wild
> *Sent:* Wednesday, 15 June 2022 20:19
> *To:* Squid Users
> *Subject:* [squid-users] Logrotate question
>
>
>
> Hi all,
>
>
>
>
Hi all,
ATM to clear the logs, I do this in crontab, every 3 months
0 0 1 */3 * echo "" > /usr/local/squid/var/logs/access.log and do the same
for cache log
It works but I want to really use log rotate ie
0 0 1 */3 * /usr/local/squid/sbin/squid -k rotate
I hear log rotate keeps 10 files by def
tial.
>
> Diving back to your original request:
>
> On 20/05/22 02:25, robert k Wild wrote:
> > hi all,
> >
> > want to make the below into a regex as after the io..., could be any
> > number and letter, the - stays in the same position but to make it
Thanks Amos,
So does that mean for all my SSL::server_name ACLs, I should be using
SSL_bump and not http_access
On Sat, 21 May 2022, 06:10 Amos Jeffries, wrote:
> On 20/05/22 23:26, robert k Wild wrote:
> > Sorry I'm a bit thick
> >
>
> Don't be. These th
Sorry I'm a bit thick
So I've read SSL::server_name_regex which uses sni is better than
dstdomain_regex
So I think I'm better of using the sni one then ?
On Fri, 20 May 2022, 12:20 Matus UHLAR - fantomas,
wrote:
> On 20.05.22 11:21, robert k Wild wrote:
> >So for SSL
So for SSL inspection, for squid to look into the URl headers, what's the
better one
Server name or
DST domain
Thanks,
Rob
On Fri, 20 May 2022, 11:12 Matus UHLAR - fantomas,
wrote:
> On 19.05.22 19:29, robert k Wild wrote:
> >Think I found it but, what the difference bet
Think I found it but, what the difference between these two
acl aclname ssl::server_name_regex [-i] \.foo\.com ...
acl aclname dstdom_regex [-n] [-i] \.foo\.com ...
On Thu, 19 May 2022, 19:01 robert k Wild, wrote:
> Hi all,
>
> ATM in my squid.conf I have two acls, one for normal
Hi all,
ATM in my squid.conf I have two acls, one for normal whitelist urls and one
for whitelist reg ex urls, like so
#HTTP_HTTPS whitelist websites
acl whitelist ssl::server_name "/usr/local/squid/etc/urlwhite.txt"
#
#HTTP_HTTPS whitelist websites regex
acl whitelistreg ssl::server_name_reg
//wiki.squid-cache.org/SquidFaq/SquidAcl
>
> I suggest have a look there also.
>
> Greetz,
>
> Louis
>
>
>
>
>
>
>
> *Van:* robert k Wild
> *Verzonden:* donderdag 19 mei 2022 16:45
> *Aan:* L.P.H. van Belle
> *CC:* Squid Users
> *Onderwerp:* Re:
gt; If that is what you mean..
>
> I use XCA to create certificate.
>
>
> Greetz,
>
> Louis
>
>
>
>
>
> *Van:* squid-users *Namens *robert k Wild
> *Verzonden:* donderdag 19 mei 2022 16:25
> *Aan:* Squid Users
> *Onderwerp:* [squid-users] Regex for URL
hi all,
want to make the below into a regex as after the io..., could be any number
and letter, the - stays in the same position but to make it simple i just
want to make anything a wildcard
http://zzz-iobuckets-io50-1lnk65fe5gm7n.s3.amazonaws.com/
something like this ive done but it doesnt work
>
> -Original Message-
> From: squid-users On Behalf Of
> Alex Rousskov
> Sent: Wednesday, May 18, 2022 21:39
> To: squid-users@lists.squid-cache.org
> Subject: Re: [squid-users] disable https inspection for licensing some apps
>
> On 5/18/22 12:28, robe
in the url white list so it
can actually see the url
is there something else i need to add for this to work
or maybe some websites ie license website just dont like it going
through a proxy
On Wed, 18 May 2022 at 16:57, robert k Wild wrote:
> hi all,
>
> i have squid proxy configure
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
roitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1...@gmail.com
>
>
>
> *From:* robert k Wild
> *Sent:* Tuesday, February 22, 2022 10:38
> *To:* Eliezer Croitoru
> *Cc:* Squid Users
> *Subject:* Re: [squid-users] squid proxy reall
to capture the scenario:
>
> https://getsharex.com/
>
>
>
> (if you are using windows)
>
>
>
> Thanks,
>
> Eliezer
>
>
>
>
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1...@g
kes way to long i get "the connection has timed
out"
on my squid server im running htop and pinging google and both seem fine
anything else what it could be
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@l
nice, i dont have any, thanks Amos
i normally dont use parse, i normally use reconfigure and rotate
On Sat, 12 Feb 2022 at 13:43, Amos Jeffries wrote:
> On 11/02/22 23:04, robert k Wild wrote:
> > thanks Amos and Eliezer!
> >
> > tbh i dont know if im using WCCP with my
OK I'm fine
All Squid-4.x up to and including 4.16 built without
--disable-wccpv2 and configured with wccp2_router in squid.conf
are vulnerable.
Thanks Amos for this link
On Fri, 11 Feb 2022, 10:09 robert k Wild, wrote:
> ok so build my squid 4.17 with this option
>
> --
ok so build my squid 4.17 with this option
--disable-wccpv2
as i have no lines in my squid.conf referencing wccp
is that what i should do, tbh i dont even know if i do or dont need wccp
On Fri, 11 Feb 2022 at 02:27, Amos Jeffries wrote:
> On 11/02/22 07:55, robert k Wild wrote:
> &g
y chance? (I really don’t know about a
> setup that doesn’t require this these days)
>
>
>
> If you would be able to share more information on your setup so I might be
> able to clone such a setup it will help a lot.
>
>
>
> Thanks,
>
> Eliezer
>
>
>
&
c package?
> Also, what is your squid setup purpose?
>
> Eliezer
>
> בתאריך יום ה׳, 10 בפבר׳ 2022, 20:56, מאת robert k Wild <
> robertkw...@gmail.com>:
>
>> Hi all,
>>
>> Is there any security vulnerabilities with squid 4.15, should I update to
>&
Hi all,
Is there any security vulnerabilities with squid 4.15, should I update to
4.17 or is it OK to still use as my squid proxy server
Sorry for silly question
Thanks,
Rob
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.sq
found out i need to block
application/json
but if i do that it blocks teams aswell as thats a json, maybe i will try
this
request body max size
but theres another one i can use called
request header max size
whats the best one to use?
On Thu, 28 Oct 2021 at 17:05, robert k Wild wrote
essed
application/x-msdownload
application/x-iso9660-image
application/x-tar
but the deny upmime isnt working as on when i try to upload an exe on teams
website it allows me to upload it
any ideas,
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-
the squid server and tried to
download the txt file again i got the squid virus page
i did have to update my clamav service via yum as when i run "freshclam" it
errored saying running an old version but once i updated all was good
On Wed, 29 Sept 2021 at 13:46, robert k Wild wrote:
&g
allow all
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
riction is now applied to more
> situations than those described in the article OR Rob has circumvented
> Crhome's idea of "publicly trusted CAs".
>
> Alex.
>
> >
>
> > *Van:* sq
googled and its because my cert is too long age, i made it 999 days
and i find out now it should be longer than 397 days
is this correct?
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http
Thanks Amos
On Thu, 12 Aug 2021, 04:05 Amos Jeffries, wrote:
> On 12/08/21 4:06 am, robert k Wild wrote:
> > Great thanks Amos as always
> >
> > So shall I leave this ssl bump lines in
> >
> > ssl_bump splice NoSSLIntercept
> >> ssl_bump peek Discover
't spot that
My understanding is the "no ssl intercept", squid doesn't even bother to
inspect the packets ie man in the middle and just literally passes it
straight to the client
Is that right?
Thanks,
Rob
On Wed, 11 Aug 2021, 06:48 Amos Jeffries, wrote:
> On 11/08/21 4
urls to the nointerceptssl and why
isnt it enough just to add it to urlwhite list
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Thanks Amos
On Tue, 27 Jul 2021, 13:57 , wrote:
> On 2021-07-28 00:25, robert k Wild wrote:
> > is it best to put my "ssl bump" and "no ssl interception" rules under
> >
> > # Recommended minimum Access Permission configuration:
> >
> > or
&
ver_name "/usr/local/squid/etc/pubkey.txt"
ssl_bump splice NoSSLIntercept
ssl_bump peek DiscoverSNIHost
ssl_bump bump all
thanks,
rob
--
Regards,
Robert K Wild.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
1 - 100 of 187 matches
Mail list logo
