Mike, you can also to try the dev branch
https://github.com/e2guardian/e2guardian/tree/develop
SSLMITM works now. The request from the client is intercepted, a spoofed
certificate supplied for
the target site and an encrypted connection made back to the client.
A separate encrypted connection
Leonardo Rodrigues writes:
> Em 24/06/15 15:28, Henry S. Thompson escreveu:
>> I've searched the documentation and mailing list archives w/o success,
>> and am not competent to read the source, so asking here: what is
>> logged as the 'remotehost' in Squid logs when a request that has been
>> enca
On Friday 26 Jun 2015 at 09:51, Henry S. Thompson wrote:
> > logs will show the IP address that reached squid, ie. the source
> > address of the connection. If that was NATted, squid will never know
> > (and thus is not able to log) the original address before the NAT.
>
> That's what I assum
Antony Stone writes:
> On Friday 26 Jun 2015 at 09:51, Henry S. Thompson wrote:
>
>> > logs will show the IP address that reached squid, ie. the source
>> > address of the connection. If that was NATted, squid will never know
>> > (and thus is not able to log) the original address before the N
On Friday 26 Jun 2015 at 10:42, Henry S. Thompson wrote:
> Antony Stone writes:
> >
> > It's entirely plausible (I'd even say common) for VPN clients to get
> > 192.168 addresses; also if there's a NATting router in the path
> > and Squid is logging its address, that could easily be 192.168..
Thanks for your valuable information Amos.
Regards,
Nithi
On Friday 26 June 2015 10:48 AM, Amos Jeffries wrote:
On 26/06/2015 4:36 p.m., Squid List wrote:
Hi,
Is the Squid can cache Microsoft Updates and IOS Updates?
If its cache means, please help me out for cache Chrome OS updates in
lates
On 26/06/2015 8:40 p.m., FredB wrote:
> Mike, you can also to try the dev branch
> https://github.com/e2guardian/e2guardian/tree/develop
> SSLMITM works now. The request from the client is intercepted, a spoofed
> certificate supplied for
> the target site and an encrypted connection made back
Thanks Amos, I will discuss this in more details with the dev of SSLMITM in E2
Fred
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Antony Stone writes:
> Imagine the following setup:
>
> Organisation has a bunch of servers (maybe at their office in a
> server room, maybe in a data centre, doesn't matter which), some of
> which have public IPs, but all of which have private IPs on an
> internal subnet (for system management pu
ufdbGuard, the fastest and free URL filter for Squid, has a new patch release.
Patch 13 resolves:
+ new installation procedure for Solaris 10 and 11 - with much appreciated help
from Yuri Voinov
+ various overblocking/underblocking issues with complex ACLs
+ redirection of URLs with HTTPS on Squ
aren't squid and nat box different ? that was my presumption..
On 25 June 2015 at 19:07, Amos Jeffries wrote:
> On 25/06/2015 12:45 p.m., Alex Samad wrote:
>> Hi
>>
>> why this, doesn't this block all traffic getting to the squid port.
>> iptables -t mangle -A PREROUTING -p tcp --dport $SQUIDPORT
On 27/06/2015 12:14 a.m., Alex Samad wrote:
> aren't squid and nat box different ? that was my presumption..
>
Best not to.
The dst-IP:port on the TCP packets entering the Squid machine is where
Squid will send the outgoing server requests. If that dst-IP is the IP
of the Squid machine itself yo
Yes we already have that version installed, that is the version having
these issues.
[root@Server1 ~]# e2guardian -v
e2guardian 3.0.4
On 6/26/2015 3:40 AM, FredB wrote:
Mike, you can also to try the dev branch
https://github.com/e2guardian/e2guardian/tree/develop
SSLMITM works now. The reque
Amos,
I would like to use e2guardian if possible, and after checking it out,
http://www.google.com/webhp?nord=1 does force the insecure, but previous
entries attempted just cause all searches to loop back to that same url
instead of passing it along.
We could use a regex option in squid, but
Nevermind... I found another fix within e2guardian:
etc/e2guardian/lists/urlregexplist
Added this entry:
# Disable Google SSL Search
# allows e2g to filter searches properly
"^https://www.google.[a-z]{2,6}(.*)"->"http://www.google.com/webhp?nord=1";
This means whenever google.com or www.google.
acl Y-TUBE dstdomain .googlevideo.com
range_offset_limit -1 Y-TUBE
this conf make the assertion bug,
we need a solution
am still waiting Amos
Thanks.
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/assertion-failed-comm-cc-178-fd-table-conn-fd-halfClosedRea
Hi
Sorry missing something here.
I thought this was a mikrotek rtr , presumably acting as a default
gateway for the local lan to the internet.
it has a DNAT rule to capture all internet traffic that is port 80
(and presumably at some point in time port 443) and it DNATS it to the
SQUID box.
and
On 27/06/2015 10:02 a.m., Alex Samad wrote:
> Hi
>
> Sorry missing something here.
>
> I thought this was a mikrotek rtr , presumably acting as a default
> gateway for the local lan to the internet.
> it has a DNAT rule to capture all internet traffic that is port 80
> (and presumably at some poi
Better to use:
# Adobe/Java and other updates
acl adobe_java_updates urlpath_regex "/usr/local/squid/etc/urlregex.updates"
# Youtube & CDN store rewrite ACLs
acl store_rewrite_list urlpath_regex
\/(watch\?|get_video|videoplayback\?)
\.(jp(e?g|e|2)|gif|png|tiff?|bmp|ico|webp|flv|f4f|mp4)\? \/ad
19 matches
Mail list logo
