Re: [squid-users] Question: cache_mem share among multiple squid instances with the same service_name in SMP mode

Alex, On 20/05/2024 22:09, Alex Rousskov wrote: > On 2024-05-20 03:35, Zhijian Li (Fujitsu) wrote: > >> In SMP mode, is it possible that cache_mem can be share among >> multiple squid instances with the same service_name? > > Short answer: "Do not run multiple SMP Squid instances with the same

Re: [squid-users] Question: cache_mem share among multiple squid instances with the same service_name in SMP mode

On 2024-05-20 03:35, Zhijian Li (Fujitsu) wrote: In SMP mode, is it possible that cache_mem can be share among multiple squid instances with the same service_name? Short answer: "Do not run multiple SMP Squid instances with the same service_name". SMP Squid cache[1] is not supposed to be sh

Re: [squid-users] Question for Enterprise adoption

On 4/5/23 14:17, Thoppae, Venkataganesh x (Contractor) wrote: We are looking to get squid proxy as an authorized product for internal use at Fannie Mae and the approval team here has the below question, which is generally asked for all third party products. Any response or guidance would be ex

Re: [squid-users] Question regarding the release process

On Sun, Jan 22, 2023 at 02:55:54AM +1300, Amos Jeffries wrote: On 21/01/2023 4:02 am, Athos Ribeiro wrote: Hi! I am trying to understand how accurate the discussion in http://lists.squid-cache.org/pipermail/squid-dev/2015-March/001853.html is nowadays, That discussion was the latest on Squid n

Re: [squid-users] Question regarding the release process

On 21/01/2023 4:02 am, Athos Ribeiro wrote: Hi! I am trying to understand how accurate the discussion in http://lists.squid-cache.org/pipermail/squid-dev/2015-March/001853.html is nowadays, That discussion was the latest on Squid numbering. There have been modifications to release timing, but

Re: [squid-users] Question about compatibility SQUID 3.5.12 and UBUNTU 16.04 or UBUNTU 18.04

On 19/01/22 04:02, Massimiliano Toscano wrote:  Hi , i have a Linux UBUNTU 16 to update and possibly to upgrade and bring to UBUNTU 18.04 root@tortella1:~# cat /etc/issue Ubuntu 16.04.4 LTS root@tortella1:~# squid -v Squid Cache: Version 3.5.12 Service Name:

Re: [squid-users] Question about compatibility SQUID 3.5.12 and UBUNTU 16.04 or UBUNTU 18.04

> Hi , > > i have a Linux UBUNTU 16 to update > > and possibly to upgrade and bring to UBUNTU 18.04 > > root@tortella1:~# cat /etc/issue > Ubuntu 16.04.4 LTS > > root@tortella1:~# squid -v > Squid Cache: Version 3.5.12 > Service Name: squid > Ubuntu linux > > when we tried the first time SQUID 3.5

Re: [squid-users] Question regarding TPROXY and sslBump

On 16/02/20 2:58 am, Felipe Polanco wrote: > Thanks for the reply, > > Speaking strictly about TPROXY, are there any limitations compared to > regular transparent intercept? I assume that by "regular transparent intercept" you mean NAT intercept. The primary difference between TPROXY and NAT ...

Re: [squid-users] Question regarding TPROXY and sslBump

Thanks for the reply, Speaking strictly about TPROXY, are there any limitations compared to regular transparent intercept? We have full control of the network and TCP routing. We have done regular https intercept in the past and is working fine, but now we would like to try TPROXY in bridging mo

Re: [squid-users] Question regarding TPROXY and sslBump

On 15/02/20 10:28 am, Felipe Polanco wrote: > Hi, > > Can squid running in TPROXY mode intercept and decrypt HTTPS payload > with sslBump? > Maybe. It can do so about as well as NAT intercept mode can. Wherther TPROXY works depends on what level of access you have to control the TCP packet rout

Re: [squid-users] Question about HTTPS transparent proxy with cache_peer

On 9/02/20 3:47 pm, Felipe Arturo Polanco wrote: > Thanks for the reply, > > Is there a documentation for squid 5 on this feature?  > Just the release notes. There is nothing special to configure though. If the peer is allowed to be used by your policy but not supporting TLS on its connections

Re: [squid-users] Question about HTTPS transparent proxy with cache_peer

Thanks for the reply, Is there a documentation for squid 5 on this feature? On Sat, Feb 8, 2020, 8:34 PM Amos Jeffries wrote: > On 9/02/20 5:17 am, Felipe Arturo Polanco wrote: > > Hi, > > > > Can squid be set up as a transparent proxy for HTTP and HTTPS and at > > the same time use an upstream

Re: [squid-users] Question about HTTPS transparent proxy with cache_peer

On 9/02/20 5:17 am, Felipe Arturo Polanco wrote: > Hi, > > Can squid be set up as a transparent proxy for HTTP and HTTPS and at > the same time use an upstream proxy? > > It means converting GET request from a client to a CONNECT request to an > upstream server. > That depends on the GET reques

Re: [squid-users] Question: Force the caching of 302 responses without Expires header and with Strict-Transport-Security max-age header?

On 5/01/20 7:24 am, Andrei Pozolotin wrote: > Amos, hello: > > On 2020-01-04 05:14, Amos Jeffries wrote: >> Expires header is an HTTP/1.0 protocol feature. Its absence has no >> meaning. >> The 302 response is explicitly defined in HTTP as a *temporary* object >> which can change at any time. The

Re: [squid-users] Question: Force the caching of 302 responses without Expires header and with Strict-Transport-Security max-age header?

Amos, hello: On 2020-01-04 05:14, Amos Jeffries wrote: Expires header is an HTTP/1.0 protocol feature. Its absence has no meaning. The 302 response is explicitly defined in HTTP as a *temporary* object which can change at any time. The *presence* of Cache-Control:max-age or Expires set a mini

Re: [squid-users] Question: Force the caching of 302 responses without Expires header and with Strict-Transport-Security max-age header?

On 4/01/20 11:49 pm, Andrei Pozolotin wrote: > Alex: > > On 2020-01-03 14:19, Alex Rousskov wrote: >>> Question: how can one force the caching of 302 responses >>> without the Expires header and with Strict-Transport-Security max-age >>> header? >> >> >> You can modify Squid to handle Strict-Trans

Re: [squid-users] Question: Force the caching of 302 responses without Expires header and with Strict-Transport-Security max-age header?

Alex: On 2020-01-03 14:19, Alex Rousskov wrote: Question: how can one force the caching of 302 responses without the Expires header and with Strict-Transport-Security max-age header? You can modify Squid to handle Strict-Transport-Security specially or you can write an ICAP or eCAP service t

Re: [squid-users] Question: Force the caching of 302 responses without Expires header and with Strict-Transport-Security max-age header?

On 1/3/20 11:14, Andrei Pozolotin wrote: 3. here are response details via curl: a) curl --head https://archive.archlinux.org/repos/2020/01/01/community/os/x86_64/python-wheel-0.33.6-3-any.pkg.tar.xz HTTP/2 302 server: nginx/1.16.1 date: Fri, 03 Jan 2020 17:56:14 GMT content-type: text/html c

Re: [squid-users] Question on Many Clients to Many Proxy Lists

Yes both were before the cache, but I wasn't calling the correct group in the ACL, which caused the issue. Thanks for you help. Now to figure out why it's slow On Fri, Nov 30, 2018 at 2:17 PM Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 11/30/18 11:51 AM, Wire Cutter wrote: >

Re: [squid-users] Question on Many Clients to Many Proxy Lists

On 11/30/18 11:51 AM, Wire Cutter wrote: > cache_peer_access peerA1 allow port_8080 > > cache_peer 192.168.1.2 parent 8800 0 round-robin no-query name=peerA1 > Then this is the error I get when I start the service  > > Bungled /etc/squid/squid.conf line 3148: cache_peer_access peerA1 allow >

Re: [squid-users] Question on Many Clients to Many Proxy Lists

So thats exactly what I did. #Rules for Peer group - list 1 cache_peer_access peerA1 allow port_8080 cache_peer_access peerA2 allow port_8080 cache_peer_access peerA3 allow port_8080 cache_peer_access peerA4 allow port_8080 #cache_peer cache_peer 192.168.1.2 pa

Re: [squid-users] Question on Many Clients to Many Proxy Lists

On 11/29/18 7:57 AM, Wire Cutter wrote: > I’ve created 4 ports for clients to talk to, then created ACL lists for > those ports.  From there I’ve tried (and failed) to create naming groups > for cacheing peers, then added those to ACLs and it fails. Any ideas? Use cache_peer_access to allow http_

Re: [squid-users] question about squid and https connection .

From: Alex Rousskov [mailto:rouss...@measurement-factory.com] Sent: Friday, July 20, 2018 6:17 PM To: Eliezer Croitoru ; 'Squid Users' Subject: Re: [squid-users] question about squid and https connection . On 07/20/2018 03:04 AM, Eliezer Croitoru wrote: > I think we can use MD5/SHA1/

Re: [squid-users] question about squid and https connection .

iginal Message- > From: Alex Rousskov [mailto:rouss...@measurement-factory.com] > Sent: Thursday, July 19, 2018 11:29 PM > To: Eliezer Croitoru ; 'Squid Users' > > Subject: Re: [squid-users] question about squid and https connection . > > On 07/19/2018 12:08 P

Re: [squid-users] question about squid and https connection .

5-28704261 Email: elie...@ngtech.co.il -Original Message- From: Alex Rousskov [mailto:rouss...@measurement-factory.com] Sent: Thursday, July 19, 2018 11:29 PM To: Eliezer Croitoru ; 'Squid Users' Subject: Re: [squid-users] question about squid and https connection . On

Re: [squid-users] question about squid and https connection .

uly 18, 2018 11:45 PM > To: Eliezer Croitoru ; 'Squid Users' > > Subject: Re: [squid-users] question about squid and https connection . > > On 07/18/2018 02:23 PM, Eliezer Croitoru wrote: > > >> Every certificate have the same properties of the original one

Re: [squid-users] question about squid and https connection .

July 18, 2018 11:45 PM To: Eliezer Croitoru ; 'Squid Users' Subject: Re: [squid-users] question about squid and https connection . On 07/18/2018 02:23 PM, Eliezer Croitoru wrote: > Every certificate have the same properties of the original one except > the "RSA key"

Re: [squid-users] question about squid and https connection .

From: Alex Rousskov [mailto:rouss...@measurement-factory.com] Sent: Wednesday, July 18, 2018 11:45 PM To: Eliezer Croitoru ; 'Squid Users' Subject: Re: [squid-users] question about squid and https connection . On 07/18/2018 02:23 PM, Eliezer Croitoru wrote: > Every certificate hav

Re: [squid-users] Question about traffic calculate

live access.log streams is probably the most efficient way of doing this. Concerning this moment So in the logs only one half of the traffic, and if the incoming + outgoing https://alter.org.ua/soft/fbsd/squid_tot_sz/ All the patches I found are related to the old versions of the SQUID for 3.5

Re: [squid-users] question about squid and https connection .

rom: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of Alex Rousskov > Sent: Friday, July 13, 2018 2:01 AM > To: 'Squid Users' > Subject: Re: [squid-users] question about squid and https connection . > > On 07/12/2018 02:35 PM, Eliezer Croit

Re: [squid-users] question about squid and https connection .

rom: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Alex Rousskov Sent: Friday, July 13, 2018 2:01 AM To: 'Squid Users' Subject: Re: [squid-users] question about squid and https connection . On 07/12/2018 02:35 PM, Eliezer Croitoru wrote: > Every RSA

Re: [squid-users] question about squid and https connection .

On 13/07/18 08:27, Eliezer Croitoru wrote: > Alex, > > Just to be sure: > Every RSA key and certificate pair regardless to the origin server and the > SSL-BUMP enabled proxy can be different. > If the key would be the exact same one then we will probably have a very big > security issue/risk to

Re: [squid-users] question about squid and https connection .

s. Alex. > -Original Message- > From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of Alex Rousskov > Sent: Thursday, July 12, 2018 11:27 PM > To: --Ahmad-- ; Squid Users > > Subject: Re: [squid-users] question about squid and https

Re: [squid-users] question about squid and https connection .

nux System Administrator > > Mobile: +972-5-28704261 > > Email: elie...@ngtech.co.il > > > > > > > > -Original Message- > > From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of Alex Rousskov > > Sent: Thursday, July

Re: [squid-users] question about squid and https connection .

Linux System Administrator > Mobile: +972-5-28704261 > Email: elie...@ngtech.co.il > > > > -Original Message- > From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of Alex Rousskov > Sent: Thursday, July 12, 2018 11:27 PM > To: -

Re: [squid-users] question about squid and https connection .

972-5-28704261 Email: elie...@ngtech.co.il -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of Alex Rousskov Sent: Thursday, July 12, 2018 11:27 PM To: --Ahmad-- ; Squid Users Subject: Re: [squid-users] question about squid and https connection

Re: [squid-users] question about squid and https connection .

On 07/12/2018 01:17 PM, --Ahmad-- wrote: > if i have pc# 1 and that pc open facebook . > > then i have other pc # 2 and that other pc open facebook . > > > now as we know facebook is https . > > so is the key/ cert that used on pc # 1 is same as cert in pc # 2 to decrypt > the fb encrypted t

Re: [squid-users] Question about traffic calculate

On 06/21/2018 05:14 AM, Tiraen wrote: > where i can read more about this (I mean the development of custom > ICAP/eCAP modules and their connection to the proxy) ? The best place to start is probably https://wiki.squid-cache.org/SquidFaq/ContentAdaptation If you decide to go the ICAP route, you w

Re: [squid-users] Question about traffic calculate

and where i can read more about this (I mean the development of custom ICAP/eCAP modules and their connection to the proxy) ? 2018-06-13 18:35 GMT+03:00 Alex Rousskov : > On 06/13/2018 07:09 AM, Matus UHLAR - fantomas wrote: > > On 13.06.18 13:26, Tiraen wrote: > >> ICAP will help provide data on

Re: [squid-users] Question about traffic calculate

On 06/13/2018 07:09 AM, Matus UHLAR - fantomas wrote: > On 13.06.18 13:26, Tiraen wrote: >> ICAP will help provide data on incoming / outgoing traffic? > icap can get the data and work with it. > you don't have to manipulate, just do the accounting. > you just need ICAP module that will do it. Y

Re: [squid-users] Question about traffic calculate

On 13.06.18 13:26, Tiraen wrote: ICAP will help provide data on incoming / outgoing traffic? icap can get the data and work with it. you don't have to manipulate, just do the accounting. you just need ICAP module that will do it. 2018-06-13 12:54 GMT+03:00 Matus UHLAR - fantomas : On 13.

Re: [squid-users] Question about traffic calculate

ICAP will help provide data on incoming / outgoing traffic? 2018-06-13 12:54 GMT+03:00 Matus UHLAR - fantomas : > On 13.06.18 11:51, Tiraen wrote: > >> either such a question, perhaps someone in the course >> >> in the SQUID is still not implemented radius accounting? >> > > authentication - yes.

Re: [squid-users] Question about traffic calculate

On 13.06.18 11:51, Tiraen wrote: either such a question, perhaps someone in the course in the SQUID is still not implemented radius accounting? authentication - yes. But squid doese not support accounting (afaik). Maybe there are any third-party modules working correctly? maybe iCAP module

Re: [squid-users] Question about traffic calculate

either such a question, perhaps someone in the course in the SQUID is still not implemented radius accounting? Maybe there are any third-party modules working correctly? 2018-06-08 22:55 GMT+03:00 Tiraen : > > > > > > > *What is "online mode" ?> > Perhaps there are other solutions besides log >

Re: [squid-users] Question about traffic calculate

*What is "online mode" ?> > Perhaps there are other solutions besides log parsing?What information are you trying to get exactly? * There are actual data on incoming / outgoing traffic per user (when autorization by login is on) In principle, all the data is, except for the thing that I wrote abo

Re: [squid-users] Question about traffic calculate

On 08/06/18 17:29, Amos Jeffries wrote: On 09/06/18 02:56, Tiraen wrote: Small clarification If the normal behavior of the proxy server described above is correct, then maybe there are other methods of gathering information on traffic in online mode? What is "online mode" ? SNMP is built i

Re: [squid-users] Question about traffic calculate

On 09/06/18 02:56, Tiraen wrote: > Small clarification > > If the normal behavior of the proxy server described above is correct, > then maybe there are other methods of gathering information on traffic > in online mode? What is "online mode" ? > > Perhaps there are other solutions besides log

Re: [squid-users] Question about traffic calculate

Small clarification If the normal behavior of the proxy server described above is correct, then maybe there are other methods of gathering information on traffic in online mode? Perhaps there are other solutions besides log parsing? 2018-06-06 12:21 GMT+03:00 Tiraen : > >If you are using SSL-Bu

Re: [squid-users] Question about traffic calculate

>If you are using SSL-Bump features, please consider Squid-4 instead It is not used at all.Squid does not work with ssl. Frontend only Concerning incorrectly specified options at build Here on this squid happens the same thing: * squid3 -v* *Squid Cache: Version 3.4.8* * linux* *configure opti

Re: [squid-users] Question about traffic calculate

On 06/06/18 07:12, Tiraen wrote: > /The second transaction has not yet reached that state despite 81017sec > having past. > / > Thank you for clarification. > > About squid version > > /squid -v/ > /Squid Cache: Version 3.5.27/ ... If you are using SSL-Bump features, please consider Squid-4 inst

Re: [squid-users] Question about traffic calculate

*The second transaction has not yet reached that state despite 81017sechaving past. * Thank you for clarification. About squid version *squid -v* *Squid Cache: Version 3.5.27* *Service Name: squid* *configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/include' '--mandir=/

Re: [squid-users] Question about traffic calculate

On 05/06/18 11:34, Tiraen wrote: > Good day. I apologize in advance if this has already been discussed, if > so - just give a link to the discussion > > The proxy server has an interface for viewing current active sessions > > http://{}:{}/squid-internal-mgr/active_requests  > Please be aware t

Re: [squid-users] Question about shutdown_lifetime behavior.

Thanks, Alex. I do have some concerns that 'reconfigure' may cause disruptions in certain situations, but I haven't seen it yet. Perhaps it is most likely to cause problems when connections are first being established, or when they are changing states. It seems to do a good job of not disrupti

Re: [squid-users] Question about shutdown_lifetime behavior.

On 05/02/2018 03:07 PM, Cody Herzog wrote: > So, here is my shutdown sequence: > > 1.) Modify config file to prevent new client connections and 'reconfigure'. > 2.) Poll active requests until there are no connections to critical services. > 3.) Issue the shutdown command with a small value for sh

Re: [squid-users] Question about shutdown_lifetime behavior.

Thanks again, Amos. >Then Squids behaviour already matches your requirements. The "or when timeout >occurs" is shutdown_lifetime and you do not have to do anything. I'm confused by this. After issuing the first shutdown command, my desired behavior is for Squid to shut itself down fully as soon

Re: [squid-users] Question about shutdown_lifetime behavior.

On 02/05/18 05:17, Cody Herzog wrote: > Thanks very much for the quick response, Amos. > >   > > For my use case, I would like Squid to exit when all client connections > have been closed or when the timeout occurs, whichever comes first. > Then Squids behaviour already matches your requirement

Re: [squid-users] Question about shutdown_lifetime behavior.

Thanks very much for the quick response, Amos. For my use case, I would like Squid to exit when all client connections have been closed or when the timeout occurs, whichever comes first. My instances of Squid may be handling several persistent WebSocket connections, and I don't want to disrupt

Re: [squid-users] Question about shutdown_lifetime behavior.

On 01/05/18 18:04, Cody Herzog wrote: > Hello. > > I have a question about shutdown_lifetime: > > http://www.squid-cache.org/Doc/config/shutdown_lifetime/ > > Does Squid always wait the full amount of time before shutting down, even > after all active connections have closed? For now yes. Long

Re: [squid-users] Question with ACL and UrlRewrite ?

May be, because of FB is some years ago under HTTPS? 17.01.2018 03:17, Aismel пишет: > > Hi, > >   > > I need allow  all my users navigate through internet but starting at > 14:00pm to 20:00pm to X pages only so before no one can access to that > X pages. > >   > > I need redirect when a user ask

Re: [squid-users] question in :src/cf.data.pre "

On 13.12.17 12:13, --Ahmad-- wrote: ok great point amos . is there a way to change the default config squid file for squid ? i mean i want to change the default location from /etc/squid/squid.conf to something else ? can i change that from code cc before compile ? https://wiki.squid-cache.o

Re: [squid-users] question in :src/cf.data.pre "

ok great point amos . is there a way to change the default config squid file for squid ? i mean i want to change the default location from /etc/squid/squid.conf to something else ? can i change that from code cc before compile ? cheers > On Dec 12, 2017, at 6:42 PM, Amos Jeffries wrote:

Re: [squid-users] question in :src/cf.data.pre "

On 13/12/17 04:12, --Ahmad-- wrote: @amos about your question . i think “include option “ is ok , but i also need it to be hidden and not added to squid.conf say like : include /var/test.cc would like this is loaded automatically and don’t need to add it in squid.conf ??? i mean each ti

Re: [squid-users] question in :src/cf.data.pre "

@antony i will wait amos reply ! thanks for your time cheers > On Dec 12, 2017, at 5:12 PM, --Ahmad-- wrote: > > @amos about your question . > > i think “include option “ is ok , but i also need it to be hidden and not > added to squid.conf > > say like : > > include /var/test.cc

Re: [squid-users] question in :src/cf.data.pre "

On Tuesday 12 December 2017 at 16:12:59, --Ahmad-- wrote: > @amos about your question . > > i think “include option “ is ok , but i also need it to be hidden and not > added to squid.conf Who are you trying to hide this from? Antony. -- In Heaven, the beer is Belgian, the chefs are Italian, t

Re: [squid-users] question in :src/cf.data.pre "

@amos about your question . i think “include option “ is ok , but i also need it to be hidden and not added to squid.conf say like : include /var/test.cc would like this is loaded automatically and don’t need to add it in squid.conf ??? i mean each time i run squid it will load like includ

Re: [squid-users] question in :src/cf.data.pre "

you correct . but I’m asking about something different like non config in the file : acl ip1 myip 1.2.3.4 http_access allow ip1 http_port 6532 i know the pre.cc file has some config but i want to add something different thanks > On Dec 12, 2017, at 4:31 PM, --Ahmad-- wrote: > > acl

Re: [squid-users] question in :src/cf.data.pre "

On 13/12/17 03:31, --Ahmad-- wrote: as an example i want directives to be added automatically without adding them to squid.conf look below : acl ip1 myip 1.2.3.4 http_access allow ip1 http_port 6532 so above i want them to be added to squid.conf without add them there so i run squid in termi

Re: [squid-users] question in :src/cf.data.pre "

On Tuesday 12 December 2017 at 14:52:08, --Ahmad-- wrote: > Hello folks . > wanna ask if possible to add some directives to be by default added to the > squid config file and when the squid run after compilation to take effect > even i don’t add them to squid .conf http://lists.squid-cache.org/p

Re: [squid-users] question in :src/cf.data.pre "

as an example i want directives to be added automatically without adding them to squid.conf look below : acl ip1 myip 1.2.3.4 http_access allow ip1 http_port 6532 so above i want them to be added to squid.conf without add them there so i run squid in terminal it will contact default squid.co

Re: [squid-users] question in :src/cf.data.pre "

On 13/12/17 02:52, --Ahmad-- wrote: Hello folks . wanna ask if possible to add some directives to be by default added to the squid config file and when the squid run after compilation to take effect even i don’t add them to squid .conf Directives to do what? Amos __

Re: [squid-users] Question about: ext_session_acl Splash/Portal solution.

On 19/10/17 19:11, Klaus Tachtler wrote: Hi Amos, hi list, is there a problem with the Splash-Screen example from squid homepage  - https://wiki.squid-cache.org/ConfigExamples/Portal/Splash if the squid is BEHIND a e2Guardian(Fork of DansGuardian)? No, http_access and the related session thi

Re: [squid-users] Question about: ext_session_acl Splash/Portal solution.

Hi Amos, hi list, is there a problem with the Splash-Screen example from squid homepage - https://wiki.squid-cache.org/ConfigExamples/Portal/Splash if the squid is BEHIND a e2Guardian(Fork of DansGuardian)? Thank you! Klaus. -- -- e-Mail : kl...@tach

Re: [squid-users] Question about: ext_session_acl Splash/Portal solution.

Hi Amos, first of all, thank you for help and advise, BUT I have still a problem - see my latest try: --- code --- # Set up the session helper in active mode. Mind the wrap - this is one line: - MODIFIED - external_acl_type session concurrency=100 ttl=3 negative_ttl=0 children-max=1 %SRC

Re: [squid-users] Question about: ext_session_acl Splash/Portal solution.

On 16/10/17 07:17, Klaus Tachtler wrote: Hi Amos, after a little bit more testing, of course I must agree with you, it doesn't work as expected. Please can you give me another advice? Where is my fault? I tried to use the *ACTIVE* example from the squid documentation and modified it a littl

Re: [squid-users] Question about: ext_session_acl Splash/Portal solution.

Hi Amos, after a little bit more testing, of course I must agree with you, it doesn't work as expected. Please can you give me another advice? Where is my fault? I tried to use the *ACTIVE* example from the squid documentation and modified it a little bit on 3 parts of the code, BUT a LOOP

Re: [squid-users] Question about: ext_session_acl Splash/Portal solution.

On 15/10/17 10:02, Klaus Tachtler wrote: Hi Amos, On 14/10/17 04:40, Klaus Tachtler wrote:> Why I'm on a loop between splash page and accept page? You have two *separate* active (-a) session contexts going on simultaneously. They are both fighting over the session database. Oh my god, to

Re: [squid-users] Question about: ext_session_acl Splash/Portal solution.

Hi Amos, On 14/10/17 04:40, Klaus Tachtler wrote:> Why I'm on a loop between splash page and accept page? You have two *separate* active (-a) session contexts going on simultaneously. They are both fighting over the session database. Oh my god, to delete "-a" on the "session_active_def"

Re: [squid-users] Question about: ext_session_acl Splash/Portal solution.

On 14/10/17 04:40, Klaus Tachtler wrote:> Why I'm on a loop between splash page and accept page? You have two *separate* active (-a) session contexts going on simultaneously. They are both fighting over the session database. Amos ___ squid-users m

Re: [squid-users] Question about refresh_pattern and access time...

On 12/10/17 19:43, EdouardM wrote: Amos, here is an example: http://au.download.windowsupdate.com/d/msdownload/update/software/updt/2017/09/windows10.0-kb4023814-x86_f07f9708c76807b1b19545521f17d6e2fefdd627.cab HTTP/1.1 200 OK Cache-Control: public,max-age=172800 Content-Length: 6150968

Re: [squid-users] Question about refresh_pattern and access time...

Amos, here is an example: http://au.download.windowsupdate.com/d/msdownload/update/software/updt/2017/09/windows10.0-kb4023814-x86_f07f9708c76807b1b19545521f17d6e2fefdd627.cab HTTP/1.1 200 OK Cache-Control: public,max-age=172800 Content-Length: 6150968 Content-Type: application/vnd.ms-cab-c

Re: [squid-users] Question about refresh_pattern and access time...

On 12/10/17 04:57, EdouardM wrote: Hi All, question i have in mind about the refresh_pattern and multi-access... let say i use a refresh_pattern about 1 month with an already cached object, the question is: - scenario 1: whatever the number of times the object will be requested, once the delay (1

Re: [squid-users] question about : NOTICE: Authentication not applicable onintercepted requests.

Hey, What you see is not a misconfiguration in the general meaning. Squid and any other proxy cannot authenticate without some kind of special tricks on an Intercept mode and port. There are products which offers transparently to hijack the web traffic and authenticate with the windows credentials

Re: [squid-users] question about : NOTICE: Authentication not applicable onintercepted requests. ( SOLVED )

On 16/02/2017 3:38 a.m., L.P.H. van Belle wrote: > If this one arived in the list. > > > > This is solved, the wpad.dat was guiding my to the other proxy while my > gateway was set to me new proxy. > > This happend at the policy refresh and did not notice it. > > Sorry for the noice. >

Re: [squid-users] question about : NOTICE: Authentication not applicable onintercepted requests. ( SOLVED )

If this one arived in the list.   This is solved, the wpad.dat was guiding my to the other proxy while my gateway was set to me new proxy. This happend at the policy refresh and did not notice it. Sorry for the noice.   But if you see anything that incorrect, or can have a better setup,

Re: [squid-users] Question on no-cache

On 10/11/2016 10:00 a.m., Adiseshu Channasamudhram wrote: > Hello There, > > I recently upgrade squid from 2.7 to 3.3.8 and started seeing a problem where > in the squid was caching > even when no-cache was set. > > I upgraded to 3.5.20 and now what I see is that the content is cached for 60 >

Re: [squid-users] Question: Is it possible adaptation_service_chain from services with different access lists?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 27.09.2016 0:08, Alex Rousskov пишет: > On 09/26/2016 11:32 AM, Yuri Voinov wrote: >> 26.09.2016 23:16, Alex Rousskov пишет: >>> On 09/26/2016 10:42 AM, Yuri Voinov wrote: How can I make a chain of adaptation with different acl's for dif

Re: [squid-users] Question: Is it possible adaptation_service_chain from services with different access lists?

On 09/26/2016 11:32 AM, Yuri Voinov wrote: > 26.09.2016 23:16, Alex Rousskov пишет: >> On 09/26/2016 10:42 AM, Yuri Voinov wrote: >>> How can I make a chain of adaptation with >>> different acl's for different chained services? >> By configuring several chains and then writing adaptation_access ru

Re: [squid-users] Question: Is it possible adaptation_service_chain from services with different access lists?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 26.09.2016 23:16, Alex Rousskov пишет: > On 09/26/2016 10:42 AM, Yuri Voinov wrote: >> 26.09.2016 22:25, Alex Rousskov пишет: >>> I assume you meant that Squid should >>> not send service B non-text messages at all. > >> And how to do it? > > I g

Re: [squid-users] Question: Is it possible adaptation_service_chain from services with different access lists?

On 09/26/2016 10:42 AM, Yuri Voinov wrote: > 26.09.2016 22:25, Alex Rousskov пишет: >> I assume you meant that Squid should >> not send service B non-text messages at all. > And how to do it? I gave a specific example. > To adapt the chain is only one access control list. You are approaching t

Re: [squid-users] Question: Is it possible adaptation_service_chain from services with different access lists?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 26.09.2016 22:25, Alex Rousskov пишет: > On 09/26/2016 09:44 AM, Yuri Voinov wrote: > >> I have to adaptation service A, which has the access list "All". >> >> And B adaptation service that has access list "only text types". > >> I want to chain

Re: [squid-users] Question: Is it possible adaptation_service_chain from services with different access lists?

On 09/26/2016 09:44 AM, Yuri Voinov wrote: > I have to adaptation service A, which has the access list "All". > > And B adaptation service that has access list "only text types". > I want to chain both services in adaptation_service_chain with next logic: > In this scheme, service A must adapt

Re: [squid-users] Question about the url rewrite before proxy out

Did not resolve yet. anyone can help to provide an example plase On 23 September 2016 at 07:57, Bill Yuan wrote: > Thanks for replying > > I see, it is a url rewrite and i am trying to find an sample to have a > test > > > the content are not required to be updated if it is a image > > > On T

Re: [squid-users] Question about the url rewrite before proxy out

Thanks for replying I see, it is a url rewrite and i am trying to find an sample to have a test the content are not required to be updated if it is a image On Thursday, September 22, 2016, Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 09/22/2016 04:20 AM, squid-us...@filter.l

Re: [squid-users] Question about the url rewrite before proxy out

On 09/22/2016 04:20 AM, squid-us...@filter.luko.org wrote: > Then not only the request needs to be rewritten, but probably the > page content too. [...] If that is the case, > then Squid doesn't seem like the right tool for the job. Why not? If rewriting is needed, an ICAP or eCAP service can re

Re: [squid-users] Question about the url rewrite before proxy out

> > > > If you input http://www.yahoo.com/page.html, this will be transformed > > to http://192.168.1.1/www.google.com/page.html. > > I got the impression that the OP wanted the rewrite to work the other way > around. My apologies, that does seem to be the case. > Squid sees http://192.168.1.1

Re: [squid-users] Question about the url rewrite before proxy out

On Thursday 22 Sep 2016 at 06:04, squid-us...@filter.luko.org wrote: > > i am looking for a proxy which can "bounce" the request, which is not a > > classic proxy. > > > > I want it works in this way. > > > > e.g. a proxy is running a 192.168.1.1 > > and when i want to open http://www.yahoo.com,

Re: [squid-users] Question about the url rewrite before proxy out

> i am looking for a proxy which can "bounce" the request, which is not a > classic proxy. > > I want it works in this way. > > e.g. a proxy is running a 192.168.1.1 > and when i want to open http://www.yahoo.com, i just need call > http://192.168.1.1/www.yahoo.com > the proxy can pickup the th

Re: [squid-users] question about ssl_bump

On 03/09/2016 08:38 PM, Alex Samad wrote: >>> I am not sure how haveServerName is constructed >> It is up to the Squid admin. > I'm the squid admin. I am presuming maybe wrongly that this is test to > see if squid has worked out a serverName. Yeah. Ideally, haveServerName should match when an

Re: [squid-users] question about ssl_bump

On 10 March 2016 at 14:17, Alex Rousskov wrote: >> >> I am not sure how haveServerName is constructed > > It is up to the Squid admin. Thanks for the replay to the other stuff I'm the squid admin. I am presuming maybe wrongly that this is test to see if squid has worked out a serverName. ___

Re: [squid-users] question about ssl_bump

On 03/09/2016 08:00 PM, Alex Samad wrote: > from http://wiki.squid-cache.org/Features/SslPeekAndSplice > > # Better safe than sorry: > # Terminate all strange connections. > ssl_bump splice serverIsBank > ssl_bump bump haveServerName > ssl_bump peek all > ssl_bump terminate all > > I am not sure

  1   2   >