Hi,I am running squid-3.3.8 (I also tried with Squid 3.5.0.4) on a centos 6.7
machine with openssl-1.0.1e-30.el6.8.x86_64, I have no problem with most of the
ssl sites however when I try to connect to "https://www.elastic.co/"; browsers
cannot render the whole page (tried on windows 8 with chrom
For a quick fix, I defined the two directives in my squid.conf as follows:
url_rewrite_extras "%>a %un %>rm myip=%la myport=%lp"
store_id_extras "%>a %un %>rm myip=%la myport=%lp"
Basically, I removed the ">A" part, which is responsible for the PTR
lookup of client ips.
Afterwards, squid does no m
On 15/02/2016 10:51 p.m., Stefan Hölzle wrote:
> For a quick fix, I defined the two directives in my squid.conf as follows:
> url_rewrite_extras "%>a %un %>rm myip=%la myport=%lp"
> store_id_extras "%>a %un %>rm myip=%la myport=%lp"
>
> Basically, I removed the ">A" part, which is responsible for
Hi,
I've just upgraded from 3.4.4 to 3.5.13 and tcp_outgoing_mark is no
longer marking packets. Has anything changed in its behavior or
configuration recently?
Thanks,
Will
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.
Hi,
i've set up a CentOS 7 machine with Squid 3.3.8 and kerberos/ntlm
authentication in order to replace our older Squid Proxy.
The new Squid server runs fine and authentication is working as
expected. We use group policies to set proxy server address at terminal
servers and workstations,which
On 12/02/2016 11:04 p.m., Yuri Voinov wrote:
> Hi gents.
>
> Does anybody meet this issue?
>
> This one:
>
> ssl_bump peek step1
> ssl_bump splice disable-ssl-bump
> ssl_bump stare step2
> ssl_bump bump all
>
> always lead to much records in cache.log:
>
> 2016/02/12 15:59:40 kid1| hold w
On 15/02/2016 11:18 a.m., Ryan Slick wrote:
> Hi Guys,
> We built a new squid server on windows, the config as far as I can see is
> basically the same as our existing proxy (which works fine)
> but the problem is http will work fine, https does not.
> the client browser sees the error: "err_tunne
On 15/02/2016 9:15 p.m., Murat K wrote:
> Hi,I am running squid-3.3.8 (I also tried with Squid 3.5.0.4) on a centos 6.7
> machine with openssl-1.0.1e-30.el6.8.x86_64,
The Squid versions numbered 3.X.0.Z are beta releases from over a year ago.
Please use a stable version of 3.5. Preferrably 3.5.1
On 15/02/2016 4:20 p.m., Dan Charlesworth wrote:
> Did a bug end getting filed for this?
>
> I can probably provide some ALL,9 logs but I don’t understand the problem
> well enough to write up a decent report I don’t think.
>
Thanks for the reminder. I dont recall seeing a bug report being made
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
15.02.16 19:09, Amos Jeffries пишет:
> On 12/02/2016 11:04 p.m., Yuri Voinov wrote:
>> Hi gents.
>>
>> Does anybody meet this issue?
>>
>> This one:
>>
>> ssl_bump peek step1
>> ssl_bump splice disable-ssl-bump
>> ssl_bump stare step2
>> ssl
On 16/02/2016 1:18 a.m., Will Roberts wrote:
> Hi,
>
> I've just upgraded from 3.4.4 to 3.5.13 and tcp_outgoing_mark is no
> longer marking packets. Has anything changed in its behavior or
> configuration recently?
>
Hmm, years worth of code change between those. I dont see anything
NFMARK relat
On 15/02/2016 12:05 p.m., Jason Haar wrote:
> Hi there
>
> Given the major usage of Cloud file sharing and things like HD video
> sharing (eg Skype), the amount of outbound bandwidth used by "browsers"
> can be comparable with inbound - and yet by default squid does not
> record this in the loggin
Hi All,
With FF and Squid 3.5.10 do you notice whether the login prompt appears twice
and the second time it works ?
Digest or Basic auth no matter, I tried with www.google.com like start page.
The only way to avoid this, save the account in the browser
To reproduce remove the saved password,
What are the requirements for ssl::server_name to work with SNI (squid
3.5.12) ?
In principle, I want to do this (from squid.conf):
# get the public TLS metadata (includes SNI)
ssl_bump peek all
# block based on SNI matching
acl blocked ssl::server_name .example.com
ssl_bump terminate bl
On 16/02/2016 12:46 p.m., HackXBack wrote:
> What are the requirements for ssl::server_name to work with SNI (squid
> 3.5.12) ?
>
> In principle, I want to do this (from squid.conf):
>
> # get the public TLS metadata (includes SNI)
> ssl_bump peek all
>
This will peek at both step 1 and 2.
so am using wrong conf,
please can you help me to right conf to make sni work if cant be bumped ?
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/about-sni-tp4676005p4676007.html
Sent from the Squid - Users mailing list archive at Nabble.com.
On Tue, Feb 16, 2016 at 2:48 AM, Amos Jeffries wrote:
> Thanks for the reminder. I dont recall seeing a bug report being made.
> Though Jason has sent me a more detailed cache.log trace to work with.
>
Yeah - I actually got half-way through putting in a bug report twice - but
ditched it for thi
Hello All,
Can any one help me to add large file exception in squid proxy server. the
Squid server is use Centos 6 OS. Now could you please do let me know how we
will add large file exception on squid proxy
--
*Thanks & Regards*
Vibhor Saraswat
Mo: +91-9650238084
Email: vibhorsaras...@gmail.com
On 16/02/2016 5:26 p.m., Vibhor Saraswat wrote:
> Hello All,
>
> Can any one help me to add large file exception in squid proxy server. the
> Squid server is use Centos 6 OS. Now could you please do let me know how we
> will add large file exception on squid proxy
>
What do you mean by "large fi
On 16/02/2016 3:12 p.m., Jason Haar wrote:
> On Tue, Feb 16, 2016 at 2:48 AM, Amos Jeffries wrote:
>
>> Thanks for the reminder. I dont recall seeing a bug report being made.
>> Though Jason has sent me a more detailed cache.log trace to work with.
>>
>
>
> Yeah - I actually got half-way through
Pl do let me know the step by step entry which i make in squid.conf file for
large file download exception
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Add-large-file-download-exception-on-Squid-Proxy-server-tp4676010p4676019.html
Sent from the Squid - Use
On 16/02/2016 2:15 p.m., HackXBack wrote:
> so am using wrong conf,
> please can you help me to right conf to make sni work if cant be bumped ?
>
If I am understanding you right you need to add this:
acl step1 at_step SslBumpStep1
Then, replace the "peek all" with "peek step1"
Amos
22 matches
Mail list logo
