On 2022-11-02 15:35, Grant Taylor wrote:
On 11/1/22 6:27 PM, squid3 wrote:
The working ones deliver an HTTP/1.1 302 redirect to their companies
homepage if the request came from outside the company LAN. If the
request came from an administrators machine it may respond with stats
data about
On 2022-11-02 13:58, mingheng wang wrote:
On Wed, Nov 2, 2022 at 6:17 AM squid3 wrote:
SSL-Bump implies interception of TLS
* intercept may happen at network level (port 443 redirect or NAT)
* intercept may be entirely within Squid (CONNECT tunnel unwrapped)
Decryption is independent of
On 2022-11-02 09:03, Grant Taylor wrote:
On 11/1/22 1:24 PM, squid3 wrote:
No I meant W3C. Back in the before times things were a bit messy.
Hum. I have more questions than answers. I'm not aware of W3C ever
assigning ports. I thought it was /always/ IANA.
Indeed, thus we c
On 2022-11-02 07:49, Grant Taylor wrote:
On 11/1/22 11:33 AM, squid3 wrote:
That is not true as a blanket statement.
Please clarify which statement / who you are addressing.
It seems as if you're addressing mingheng (copied below for
convenience):
Yes I was addressing mingh
On 2022-11-01 11:38, Grant Taylor wrote:
On 10/30/22 6:59 AM, squ...@treenet.co.nz wrote:
Duane W. would be the best one to ask about the details.
What I know is that some 10-12 years ago I discovered an message by
Duane mentioning that W3C had (given or accepted) port 3128 for Squid
use. I'v
On 2022-11-02 06:59, Armando Ramos Roche wrote:
Hi all.
I was working with squid v3.3 on ubuntu 18.04, after migrating to
ubuntu
20.04 a few months ago, squid was updated to version 3.5, currently
version
3.5.27.
And I have realized that nothing that uses the wss or ws protocol works
for
me,
On 2022-11-02 05:44, Grant Taylor wrote:
On 10/31/22 7:32 PM, mingheng wang wrote:
Sorry about that, don't know why it only went to you.
Things happen. That's why I let people know, in case unwanted things
did happen.
I delved into the configuration the last few days, and found that
Squid
On 2022-10-23 06:10, Grant Taylor wrote:
On 10/21/22 11:30 PM, Amos Jeffries wrote:
Not just convention. AFAICT was formally registered with W3C, before
everyone went to using IETF for registrations.
Please elaborate on what was formally registered. I've only seen 3128
/ 3129 be the default
On 2022-10-24 13:36, Matthew H wrote:
Hi,
I'm using Squid to proxy HTTP requests to another proxy. I can see
squid
sending the request to the parent and getting a response, but it sends
the
client that initiated the request a 502 Bad Gateway response.
That is correct behaviour. Squid does n
On 2021-07-28 00:25, robert k Wild wrote:
is it best to put my "ssl bump" and "no ssl interception" rules under
# Recommended minimum Access Permission configuration:
or
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
Both of the above comments are about the ordering of htt
On 2021-07-26 23:05, jens.altrock wrote:
Hi!
I got a little Problem:
We have a proxy server that should route special requests to a parent
proxy and forward the rest tot he standard gateway. I haven't found
any suitable and working configurations, so I'm asking ehre for help.
You appear to no
On 2021-07-27 21:27, Jason Spashett wrote:
If you look at the squid logformat page you can find various
additional logging options available to start with, such as ICAP
processing time. This is a good place to start if you are not using a
custom format already:
http://www.squid-cache.org/Doc/conf
On 2021-07-15 07:48, Vincent Tamet wrote:
You are totally right !
The problem was on my side with the acl regular expression used to
choose extensions to be cached:
acl images url_regex -i
\.(bmp|gif|ico|jpeg|jpg|png|svg|tif|tiff|webp)$
$ was not matching for '?query-string'
For this usage my
On 2021-07-15 09:11, Moti Berger wrote:
Meaning, it indeed added the X-My-Header as ICAP header for the
benefit of the ICAP server on the chain but it seems the value is just
a dot.
What am I doing wrong?
This is best asked via the libecap help channels (see below).
BTW, I'm struggling to f
On 2021-07-13 05:59, Vincent Tamet wrote:
Hi,
I would like to know how to deactivate the "?" refresh_pattern filter
?
There is no such filter. So "deactivate" has no meaning.
refresh_pattern is a directive that provides default values for the
caching Freshness heuristics defined by RFC 7234.
On 2021-07-05 04:42, Alex Rousskov wrote:
On 7/4/21 8:44 AM, Moti Berger wrote:
I established an environment with Squid and Datadog.
It periodically calls the endpoint:
/squid-internal-mgr/counters
Those requests are also sent to the ICAPs.
Is there a way to make Squid not to pass those
On 2021-06-26 01:16, hoper wrote:
Hi again,
If Squid trusts stale user credentials (i.e. allows new requests with
stale cached credentials without revalidating them with your
authentication helper), then this is a Squid bug.
No, I don't think there is a bug here.
Because each time my helper i
On 2021-06-26 07:18, Yosi Greenfield wrote:
Hello all,
I'm trying to use request headers in an external acl, and I'm probably
doing it incorrectly, and it's not working.
Looks like its working fine.
Here's my acl definiton:
external_acl_type ext_acl_program %SRC %>{Connection} %>{Accept}
On 2021-06-23 11:20, Arctic5824 wrote:
hey sorry i accidently directly sent it again, instead of the email
list:
On Tuesday, June 22nd, 2021 at 3:50 PM, Antony Stone wrote:
You might want to be aware that this is illegal in many countries, and
a number of Internet Service Providers have been
On 2021-06-08 23:34, Avinash . wrote:
Dear team, I am using a squid proxy server for 100 + users, but
Internet speed is very slow, I try many method/option but still not
able to resolve the issue
Please find the attached config file & squidclient mgr: info file for
reference.
The mgr:info log
On 2021-06-08 22:51, His Shadow wrote:
Greetings. I've been trying to make a patch for squid,
Code changes should be discussed on the squid-dev mailing list.
FWIW, we (Squid devs) have already discussed this functionality change
and I have a TODO list entry (far down sadly) of supporting your
On 2021-06-08 16:05, m k wrote:
hi all,
Thank you for always helping me with my difficulties.
With your help I am able to complete the proxy. Please help me again
this time.
I want to configure my squid authentication as follows.
Try single sign-on for squid with Kerberos authentication.
Squi
On 2021-06-08 00:04, Grails UK wrote:
Hello,
I hope you are well. I have two questions:
1. Is there any easy way to limit concurrent connections by a single
squid user or the local IP the client connected to.
What are you trying to achieve that make you think of doing that?
2. Our MySQL da
On 2021-05-29 05:42, Albretch Mueller wrote:
On 5/27/21, Matus UHLAR - fantomas wrote:
On 5/25/21, Amos Jeffries wrote:
You enter the IP address or hostname of the squid machine into the
browser
"proxy settings" for manual configuration.
On 27.05.21 03:50, Albretch Mueller wrote:
Yeah, exa
On 2021-05-27 06:58, robert k Wild wrote:
found a really good website to check http headers and i found the mime
type
https://gf.dev/http-headers-test
On Wed, 26 May 2021 at 15:11, robert k Wild wrote:
hi all,
i have in my squid config this
#deny MIME types
acl mimetype rep_mime_type "/usr/
On 2021-05-14 21:45, nikhil deshpande wrote:
Hi Guys,
I am Nikhil from India. We use squid in our project. Currently, we can
see squid version 5 release is in beta as per this link
http://www.squid-cache.org/Versions/.
I wanted to ask what is the probable timeline for Squid version 5
stable rele
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
On 2021-05-10 22:26, Stephane Simon wrote:
Hello,
I try to configure https with ssl bump.
I use redhat 8.
i follow https://blog.microlinux.fr/squid-https-centos-7/
when i restart squid, he doesn't cooperate and say:
"FATAL: The usr/lib64/squid/security_file_certgen -s
/var/lib/squid/ssl_db -M
Oh, I see. With that simple config the issue has to be lack of cert
chain support in GnuTLS. Simply rebuilding using --with-openssl should
resolve it.
Amos
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/lis
__
Squid Proxy Cache Security Update Advisory SQUID-2021:5
__
Advisory ID: | SQUID-2021:5
Date: | May 10, 2021
Summary: | Denial of Service
__
Squid Proxy Cache Security Update Advisory SQUID-2021:3
__
Advisory ID: | SQUID-2021:3
Date: | May 10, 2021
Summary: | Denial of Service
__
Squid Proxy Cache Security Update Advisory SQUID-2021:4
__
Advisory ID: | SQUID-2021:4
Date: | May 10, 2021
Summary: | Multiple issues i
__
Squid Proxy Cache Security Update Advisory SQUID-2021:2
__
Advisory ID: | SQUID-2021:2
Date: | May 10, 2021
Summary: | Denial of Ser
__
Squid Proxy Cache Security Update Advisory SQUID-2021:1
__
Advisory ID: | SQUID-2021:1
Date: | May 10, 2021
Summary: | Denial of Ser
The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-5.0.6 beta release!
This release is a security release resolving several issues found in
the prior Squid releases.
The major changes to be aware of since 5.0.4:
* SQUID-2020:11 HTTP Request Smuggling
(CVE-
The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-4.15 release!
This release is a security release resolving several issues found in
the prior Squid releases.
The major changes to be aware of since 4.13:
* SQUID-2020:11 HTTP Request Smuggling
(CVE-2020-25
36 matches
Mail list logo
