Re: [squid-users] Do I need to be technical to use squid proxy?

On Wednesday 15 August 2018 at 21:09:57, Oldman wrote: > Thanks > > I won't change any thing unless I am sure here. Well, you've certainly changed quite a lot of the standard config in the file you showed us earlier. > What was dangerous ? Did you mean I could be hacked with that > configurat

Re: [squid-users] What is a typical squid conf file

On Wednesday 15 August 2018 at 21:07:43, Oldman wrote: > For a typical user That's an "interesting" thing to define :) > who uses squid proxy at home for caching purpose > have dropbox , google drive etc skype running > on pc , mac , ios all together 5 My recommendation is to use the default

Re: [squid-users] Allow one country only be able to use squid proxy?

On Thursday 16 August 2018 at 11:39:29, Oldman wrote: > I can get block of a country ip from > > https://www.ip2location.com/blockvisitorsbycountry.aspx > > Where to put that in conf file so I from a particular country only can > access internet? Er, you are suggesting that you will run a Squid

Re: [squid-users] Allow one country only be able to use squid proxy?

On Thursday 16 August 2018 at 11:53:16, Vacheslav wrote: > Why not just use an ad & porn blocking dns server? Because that does something totally different from what Oldman appears to be trying to do? Antony. > -Original Message- > From: squid-users On Behalf Of > A

Re: [squid-users] simple question Installed squid right now all internet access is blocked

On Thursday 16 August 2018 at 12:14:04, Oldman wrote: > OK I am newbie so please bear with me > > I am just learning nothing special no serious project > > what to change in my conf so I can access internet :) Let's start with some basics... 1. What operating system have you installed Squid on

Re: [squid-users] simple question Installed squid right now all internet access is blocked

On Thursday 16 August 2018 at 12:35:40, Oldman wrote: > See I took your invoice and deleted every thing > installed Centos 6 32 bit in my VPS > > then yum install squid I installed it Okay, I'm going to guess that you're using Squid 3.4 then. > I have configured my browser correctly and this

Re: [squid-users] simple question Installed squid right now all internet access is blocked

On Thursday 16 August 2018 at 13:05:31, Oldman wrote: > Abour your question number 8 > > This is the screenshot > > https://ibb.co/j4DcLp > > I just tested trying to access websites Okay, so firstly that tells me you're using Squid 3.1.23 and not 3.4 as I had assumed for CentOS 6. Secondly p

Re: [squid-users] simple question Installed squid right now all internet access is blocked

On Thursday 16 August 2018 at 13:22:38, Oldman wrote: > The answer is simple :) > > Are you kidding? No. > Why do you want my proxy ip ? Because it may be relevant to understanding why your proxy is disallowing requests from your computer. > I do not have the knowledge but did you think I w

Re: [squid-users] simple question Installed squid right now all internet access is blocked

On Thursday 16 August 2018 at 13:29:04, Oldman wrote: > You wanted to know my server ip and did you expect me to publish this > online? Well, let's just discuss "public" and "private" IP addresses for a moment. If your proxy server's IP address starts with 192.168, then nobody on the Internet

Re: [squid-users] simple question Installed squid right now all internet access is blocked

On Thursday 16 August 2018 at 13:36:50, Alex Crow wrote: > If it's an internal/RFC1918 IP then it makes no difference to your > security in telling the list. Just in case you (Oldman) don't understand this reference, it's a document which explains in far more detail than I just did what a privat

Re: [squid-users] simple question Installed squid right now all internet access is blocked

On Thursday 16 August 2018 at 14:47:39, Amos Jeffries wrote: > On second thought; were you wanting to use authentication or something > other than IPs to permit access to the proxy? such as what that installer > script was trying to setup for you. Based on "I am just learning nothing special no s

Re: [squid-users] simple question Installed squid right now all internet access is blocked

On Thursday 16 August 2018 at 17:16:42, Alex K wrote: > Why i have the feeling that this is a troll? I know what you mean. I had for the most part put Oldman's attitude down to ignorance of networking and related technical stuff, however given the stunning silence on his part since he accused

Re: [squid-users] https requests the squid rejects the connection

On Monday 20 August 2018 at 19:20:52, Marcelo J. Martinez wrote: > hello, > sorry but I do not write in english I had to translate it with google. > > I have a problem with the proxy server, install it with the default > parameters with the following modifications: 1. Which version of Squid do y

Re: [squid-users] How many network cards do I need?

On Thursday 23 August 2018 at 20:50:20, neok wrote: > Do I need 2 network cards for an explicit squid server 3.5.20 setup? Or can > I do it with just one card? One works fine. Antony. -- Is it venison for dinner again? Oh deer. Please reply

Re: [squid-users] Forward to SOCKS proxy?

On Monday 27 August 2018 at 02:53:38, davidjesse...@aol.com wrote: > Can Squid be used to convert incoming HTTP proxy requests to a SOCKS > server? https://wiki.squid-cache.org/Features/Socks Antony. -- This is not a rehearsal. This is Real Life.

Re: [squid-users] Transparent Squid Proxy - ERR_EMPTY_RESPONSE

On Monday 27 August 2018 at 16:04:16, zo_av wrote: > I'm trying to redirect all of my subnet traffic to a transparent squid > proxy using iptables on the router gateway (the squid proxy is located in > the LAN). So long as you use policy routing for this, and not address translation, it's possib

Re: [squid-users] (no subject)

On Friday 31 August 2018 at 10:59:03, Денис Степанов wrote: > Good day! > I have a some problem with Squid-3.5.27: after working of 15-20 minutes > appears problem with SubjectAlternativeName for any HTTPS websites (for > more details see > https://forum.netgate.com/topic/134054/squid-3-5-27-ssl-c

Re: [squid-users] Squid-3.5.27 MITM stopped work after few minutes

On Friday 31 August 2018 at 11:53:13, Денис Степанов wrote: > Good day! > I have a some problem with Squid-3.5.27: after working of 15-20 minutes > appears problem with SubjectAlternativeName for any HTTPS websites (for > more details see > https://forum.netgate.com/topic/134054/squid-3-5-27-ssl-c

Re: [squid-users] internet squid with https and just for domain resolution not for caching or so

On Friday 31 August 2018 at 17:44:41, --Ahmad-- wrote: > Dear Folks . > > i ask here > > if i wan to enable squid into intercpt/transparent or transparent > TCP_connect > > i dont want to decrypt the message > > all what i need say client requested google.com I assume you

Re: [squid-users] Using CA signed certificate for SSL bump

On Wednesday 05 September 2018 at 09:02:45, Arshad Ansari wrote: > Hi All, > > I have setup squid 4.2 for forward proxy and caching. It is working fine > when I am using self-signed certificate for SSL bump. Good. Well done. > However, our security requirement is to use only CA signed certific

Re: [squid-users] Using SSL bump and reverse proxy for DNS sinkhole

On Saturday 08 September 2018 at 10:25:44, thompsonm wrote: > Hello, I have a question about squid SSL bump and reverse proxy. Basically > for a final project I want to create a DNS sinkhole, where the client tries > to query a domain that has a bad reputation or is known for drive-by > downloads

Re: [squid-users] Using SSL bump and reverse proxy for DNS sinkhole

On Saturday 08 September 2018 at 11:00:41, thompsonm wrote: > "1. a web server which will generate an SSL certificate on the fly and then > serve HTTPS content back to the client using that certificate " > > Is there a way to do this? The only way I can find is to use wildcard > certificates. But

Re: [squid-users] Squid Cache Server

On Tuesday 11 September 2018 at 10:43:13, Mujtaba Hassan Madani wrote: > Hi Squid team, > > I just want to no if squid can cache software for example windows > update, Java,etc. Squid doesn't care what a file is for - whether it's "software", web pages, images, music, video... Squid wi

Re: [squid-users] R: R: SQUID does not insert server ip and port in logs for CONNECT method when the connection fails (error 503)

On Friday 14 September 2018 at 18:52:46, Troiano Alessio wrote: > I don't understand what I need to do... I already did my tests and see the > problem. Yes, but to file a bug we need to know whether it's still in the current code (it may already have been fixed). > But I see that last 3.5 squid

Re: [squid-users] want to change squid name

On Monday 01 October 2018 at 15:08:37, --Ahmad-- wrote: > i just need to have something not squid to run it on linux > > i dont want squid > > i want identical thing to all stuff > > want to use other word than squid in footprints and config files What problems does the word "Squid" create for

Re: [squid-users] Chrome 69

On Monday 01 October 2018 at 21:53:42, neok wrote: > Hello everyone! > I'm a bit lost with the behavior of Google Chrome 69.0 for Win 64 and my > squid rules 3.5.20. > Until a few days ago Any idea what changed a few days ago? > when browsing denied sites Chrome threw the error > "ERR_TUNNEL_CON

Re: [squid-users] socket failure: (24) Too many open files

On Friday 05 October 2018 at 17:57:39, Cherukuri, Naresh wrote: > Hello Squid Group, > > > I am using squid 3.5.20 as a proxy server. On what Operating System? > I Increased the memory from 12 GB to 32 GB You mean you put more memory into the server, or you re-configured something in softwar

Re: [squid-users] socket failure: (24) Too many open files

On Friday 05 October 2018 at 22:08:16, Cherukuri, Naresh wrote: > For just squid process open files count. > > [root@squidprod ~]# lsof -c squid | wc -l > 4385 Squid is not the only thing running on this machine... > [root@squidprod ~]# lsof | wc -l > 10875 But you seem to have sufficient file

Re: [squid-users] squid and iptables

On Friday 12 October 2018 at 16:41:44, morteza omidian wrote: > HiI asked my question before.It seems that anybody can not answer it!! Did you miss the response from Amos? http://lists.squid-cache.org/pipermail/squid-users/2018-October/019389.html > As you know, we can mark packets when they go

Re: [squid-users] acl "clientside_mark" problem

On Tuesday 16 October 2018 at 11:38:53, morteza omidian wrote: > Hi > why anybody don't answer me? Maybe we don't have experience with precisely what you're trying to do. Maybe we're busy with our day jobs. Maybe we're confused by the multiple messages you send about approximately the same top

Re: [squid-users] ERROR: NAT/TPROXY lookup failed to locate original IPs on local

On Friday 19 October 2018 at 18:42:00, Uchenna Nebedum wrote: > Good Day All, > i'm new to squid and i have configured squid as an http transparent proxy > with a mikrotik. > the squid server has only a single NIC, so i followed a tutorial and set up > a dst-nat to squid proxy for traffic on port

Re: [squid-users] Squid Cache Server

On Saturday 20 October 2018 at 14:56:33, Mujtaba Hassan Madani wrote: > Hi Amos, > >I get attached message when trying to access cache manger through web > interface below is my full URL > > http://proxy.com:3128/squid-internal-mgr/info 1. What IP address does "proxy.com" resolve to on your

Re: [squid-users] Squid Cache Server

On Saturday 20 October 2018 at 15:59:36, Mujtaba Hassan Madani wrote: > Hi Antony, > > this is the first IP Connection to 34.194.132.99 failed. That is the address which "proxy,com" resolves to on my machine too. > the IP of my server is 196.202.134.253 So, does this give you any clues as to

Re: [squid-users] Squid Cache Server

On Saturday 20 October 2018 at 16:53:12, Mujtaba Hassan Madani wrote: > Hi, > > now it works through URL > > http://196.202.134.253:3128/squid-internal-mgr/info instead of > http://proxy.com:3128/squid-internal-mgr/info Yes, that is because proxy,com does not belong to you - it points to someon

Re: [squid-users] Caching Vimeo Videos

On Friday 30 November 2018 at 10:05:49, Raju M K wrote: > Need help on how to cache Vimeo videos under squid proxy. Need info on what you tried already and how you identified it didn't work. Antony. -- Ramdisk is not an installation procedure.

Re: [squid-users] Fwd: ERROR: http_port or ACL larger than 65536 (short type)

On Friday 30 November 2018 at 19:07:58, kalice caprice wrote: > Hello, > > Inside my squid.conf I'm setting up ACL like this: > > http_port 0.0.0.0:20740 name=20740 So, you're using the name to represent the port number... > acl ip10740 myportname 20740 > > and then > > tcp_outgoing_address

Re: [squid-users] Advice - Squid Proxy

On Wednesday 19 December 2018 at 13:22:57, Squid users wrote: > The attached configuration is currently in use on my computer. It isn't a network diagram; I'm not quite sure what to describe it as, but I don't even see where Squid is on there. > My aim is to use my laptop while I'm out and abou

Re: [squid-users] Advice - Squid Proxy

On Wednesday 19 December 2018 at 16:04:36, Squid users wrote: > Hi, > > Re network diagram - Mish Mash / blended / spaghetti I think :p > > Squid is installed on the Ubuntu virtual machine. Sorry forgot to draw that > on. So, Squid is installed on an Ubuntu VM, which runs on your laptop? > Th

Re: [squid-users] SSL / TLS

On Thursday 20 December 2018 at 11:06:58, Squid users wrote: > Slightly off topic but am I correct in thinking TLS supersedes SSL? Short answer: yes. Long answer: https://en.wikipedia.org/wiki/Transport_Layer_Security Antony. -- #define SIX 1+5 #define NINE 8+1 int main() { printf("%d\n

Re: [squid-users] Sslbump with multiple users and multiple ACLs for each

On Thursday 03 January 2019 at 16:45:05, Benjamin E. Nichols wrote: > Why are you asking support questions about a commercial product, on the > squid proxy email users list? Maybe because s/he's only just been introduced to ufdbguard by an asnwer from someone else on this list, and therefore doe

Re: [squid-users] can't access https://www.finanzamt.bayern.de/ with sslbump (other sites works well)

On Tuesday 08 January 2019 at 17:52:23, Dieter Bloms wrote: > Hello, > > I've compiled squid 4.5 with openssl1.1 as shipped with debian9. > Sslbump works fine for all sides, but I can't access only one site > https://www.finanzamt.bayern.de/ Given who that is, I would not be at all surprised if

Re: [squid-users] Squid - SSL-tunnel-error in Google Chrome

On Thursday 31 January 2019 at 18:13:38, Sébastien Genesta wrote: > Hi, > > We are encountering strange behaviour using squid proxy has a > non-transparent proxy. > > We're randomly encountering "ERR_TUNNEL_CONNECTION_FAILED". > > When this error occurs, just wait 1 minutes and the site we trie

Re: [squid-users] Proxing only special file types

On Wednesday 06 February 2019 at 10:48:19, alexmaystat wrote: > Hello. I have squid proxy server. Version? Operating system? > Configured SSL inspection How? Give us some details. > and add your JS code. What? > Is it possible to inspect and add JS code only to files of a specific file > t

Re: [squid-users] Proxing only special file types

On Wednesday 06 February 2019 at 11:21:57, alexmaystat wrote: > Squid version - 3.5 > Operation system - CentOS > SSL inspection - use SSL_Bump + ECAP for content modification. > I mean add my own JS code. > > I need user ECAP with modification to parse what file type and after that, > if javascr

Re: [squid-users] Squid 4.6 Transparent HTTP & HTTPS Proxy

On Thursday 07 March 2019 at 13:17:18, dkanejs wrote: > I'm trying to create a transparent (requires no client configuration) Squid > proxy for HTTP and HTTPS. > > In short, I want to whitelist specific domains on both HTTP and HTTPS. > Details > > - Building / Running in AWS > - Ubuntu 18.04 >

Re: [squid-users] How to extract decrypted traffic for further analysis using Snort?

On Monday 11 March 2019 at 20:53:13, Felipe Arturo Polanco wrote: > Hi, > > I'm trying to find a way to get the HTTP traffic analysed after being > decrypted, by using Snort. > > Does someone know how to do this? I can redirect IP traffic with regular > HTTP into Snort but I haven't found a way

Re: [squid-users] youtube restriction.

On Friday 05 April 2019 at 15:06:00, Wegner Michaël wrote: > Hi, > > I install squid + squidguard, and I can't play youtube video. > For example : https://m.youtube.com/watch?v=Hmj3LToi4W8 ; > https://m.youtube.com/watch?v=jbBUQ-uvlRU > > Error : video not available access to this video is limit

Re: [squid-users] youtube restriction.

Squid configuration which is causing the problem. > With a old version of squid (2.6) there are no problems There are a *lot* of differences between Squid 2.6 and 3.5, especially for HTTPS. You *have* made suitable adjustments to the configuration file, I hope? Antony. > Date: Fri, 5 Ap

Re: [squid-users] Squid proxy in Azure

On Monday 20 May 2019 at 09:43:56, Peter Spencer wrote: > Good morning > > Was hoping you could please advise.. we are looking to put a squid proxy in > Azure. Reason being, we have two sites with network resilience. At the > moment, we have one squid proxy on one of our local site DCs, and would

Re: [squid-users] Squid auth helpers aren't installing

On Thursday 23 May 2019 at 09:37:44, amlgp wrote: > Hi, I am using Centos 6 and for some reason the Squid helpers aren't > installing. I go to /usr/lib64 after installing squid and there is no auth > helpers in there at all. I am on a 64bit computer and I have checked > /usr/lib and they both don'

Re: [squid-users] Useragent request/reply headers with squid .

On Saturday 15 June 2019 at 10:57:44, --Ahmad-- wrote: > Hello Folks , > > im trying to disable user agent info to be leaked out of squid Just out of interest, why? > using : > > request_header_access User-Agent deny all > reply _header_access User-Agent deny all > > squid very 3.5.x I'm not

Re: [squid-users] Useragent request/reply headers with squid .

On Saturday 15 June 2019 at 11:37:29, --Ahmad-- wrote: > Guys im just trying to understand HTTP protocol and squid as GW for > internet . Hm, "understand" or "break" :) ? > i just want to know how can squid deal with headers . You *have* read the warning / advice at http://www.squid-cache.org/D

Re: [squid-users] Squid + OpenSSL w/FIPS

On Tuesday 02 July 2019 at 23:05:27, Cody Cushing wrote: > Hello, I would like to use Squid as a forward proxy to ensure traffic > leaving my VM is using a TLS connection negotiated through a client using > FIPS certified encryption. I have OpenSSL w/FIPS configured on my VM, and > Squid properly

Re: [squid-users] squid.config

On Tuesday 13 August 2019 at 21:18:51, Sérgio Vieira wrote: > Hello, > Regarding squid config file, on MacOS, I can’t add the following parameter: > strip_query_terms off > > I can access the file and edit it, but after restart the file removes the > added line... > > I have the config file at /

Re: [squid-users] SQUID proxy to access web application from another subnet

On Friday 23 August 2019 at 00:21:48, jagadeesh am wrote: > Hello, > > I have one query. Could you please suggest me what to do. Read the documentation :) > I have a requirement to access a web application running on Server 1 which > is connected to Private network 192.168.2.2 network , from Cl

Re: [squid-users] squid email using curl/smtp using squid

On Sunday 08 September 2019 at 17:35:24, --Ahmad-- wrote: > ? It might be that: a) we don't quite understand what you have done: "i enabled port port in squid for mailing in squid ssl ports 587" is not easy to understand or b) Squid is not designed to be an email proxy, so why are you try to

Re: [squid-users] Multiple LDAP authentication server for Squid

On Monday 16 September 2019 at 12:17:12, Antonino Sanacori wrote: > Thanks Amos but I have a 3.x version. Try http://www.squid-cache.org/Versions/v3/3.5/manuals/basic_ldap_auth.html then. Antony. > On 13/09/2019 11:17, Amos Jeffries wrote: > > On 12/09/19 10:41 pm, Antonino Sanacori wrote: > >

Re: [squid-users] Unsuccessful at using Squid v4 with intercept

On Wednesday 30 October 2019 at 17:11:29, FOUTREL Sébastien wrote: > Hello, I would like to use squid as a transparent proxy for my users. > "Clients" are behind a Debian "Router" which MASQUERADE them (as they use > RFC 1918 ips). > > I have a Squid 4.6 from Debian Buster packages installed on

Re: [squid-users] After enabling IPv6 squid no longer responds

On Thursday 14 November 2019 at 19:50:00, James Moe wrote: > On 13/11/2019 12.36 pm, James Moe wrote: > > After adding v6 addresses to the server and hosts, and enabling an RA, > > squid no longer delivers anything from its cache, or is exceedingly slow > > about it. > > Here is a typical

Re: [squid-users] debug headers between squid --> website

On Monday 02 December 2019 at 18:34:31, Ahmad Alzaeem wrote: > Hello Tem , > > How can i debug Headers that is between squid——> website request made Run a packet sniffer (tcpdump, wireshark, tshark...) on the Squid server, looking at the external interface (ie: the one pointing to the website/s

Re: [squid-users] debug headers between squid --> website

packet sniffer capture what happened. After it's all over, you then have a packet capture which you can analyse (eg: using wireshark) to find out what Squid sent to the server/s, and what came back again. Antony. > > On Dec 2, 2019, at 8:58 PM, Antony Stone > > wrote: >

Re: [squid-users] About intercept https

On Tuesday 25 February 2020 at 20:49:25, Yurii wrote: > Hi to all. I need help. > The task is to configure squid in intercept mode to proxy http/https > traffic. I cannot view any of the pastebin links you provide below. Please just cut and paste the information into an email reply, so we can re

Re: [squid-users] Allowing a port only to certain IP/host

On Monday 09 March 2020 at 15:43:14, Service MV wrote: > Hello everyone, I need to enable port 22 in squid but only to a certain > server (host.domain.com) in particular, so that the rest of the world > cannot be accessed via SSH. Squid does not support SSH. > I would like to know this is the ri

Re: [squid-users] Squid transparent not caching apt requests from deb.debian.org

On Friday 03 April 2020 at 22:26:13, zrm wrote: > Greetings! Today I bring you a Squid cache mystery. > In the first case we get TCP_MISS every time because it isn't caching > the data, in the second case it's only the first time and after that we > get TCP_REFRESH_UNMODIFIED. But how and why is

Re: [squid-users] Setting up proxy with private to public

On Monday 13 April 2020 at 21:19:04, Chris Bidwell - NOAA Federal wrote: > Hi all, > > Very new to squid and am looking to setup several internal subnets to > access external network (internet) through squid on a separate interface. What are you trying to achieve by using Squid? What is your ob

Re: [squid-users] Setting up proxy with private to public

On Monday 13 April 2020 at 23:46:46, Chris Bidwell - NOAA Federal wrote: > Sure. So we have a few internal networks that aren't meant to have direct > internet access without access through a proxy so that it can be better > regulated and monitored. Okay, that's a useful starting point. > We've

Re: [squid-users] Setting up proxy with private to public

On Tuesday 14 April 2020 at 16:03:19, Chris Bidwell - NOAA Federal wrote: > Okay, so I think I'm starting to get somewhere but the connection isn't > completing. I can see the connection come through my firewall, but the > handshake doesn't appear to be happening. Tell us more about your network

Re: [squid-users] Setting up proxy with private to public

Sorry, replying to the list this time - for some reason my previous reply went to your private address. On Wednesday 15 April 2020 at 15:08:36, Chris Bidwell - NOAA Federal wrote: > So after looking further. It looks like when I'm trying to wget from my > squid server, which has the two nics (

Re: [squid-users] Confirmation page not working

On Friday 17 April 2020 at 15:32:38, TarotApprentice wrote: > Trying to visit the confirmation page at > http://lists.squid-cache.org/confirm/squid-users/ but it doesn’t seem to > be responding. I’ve tried over a couple of days. When you say "not responding", do you mean you get no page content s

Re: [squid-users] [squid-announce] [ADVISORY] SQUID-2019:4 Multiple Issues in HTTP Request processing

On Sunday 19 April 2020 at 11:47:41, Dmitry Melekhov wrote: > 19.04.2020 12:37, Amos Jeffries пишет: > > On 19/04/20 8:22 pm, Dmitry Melekhov wrote: > > > > > 4.10 does not contain fix :-) > > > > Which fix are you talking about? > > > > The bug this advisory is talking about definitely is fixed

Re: [squid-users] setup FTP proxy and FTP content monitoring

On Tuesday 21 April 2020 at 17:26:05, Dawood Aijaz wrote: > Hi, > I am currently working on a task to monitor FTP traffic and analyze it. > So can somebody help me to set up FTP proxy for squid and to analyze FTP > data Squid supports FTP natively. You don't need to configure anything special p

Re: [squid-users] setup FTP proxy and FTP content monitoring (Antony Stone)

On Wednesday 22 April 2020 at 15:48:57, Dawood Aijaz wrote: > "a*ll I want from squid proxy is to intercept FTP and expose all the FTP > data "* I think you're looking at the wrong tool for a job like this. When you say "intercept" it sounds like you want something which will act in between an

Re: [squid-users] Configure A Native FTP proxy on Squid

On Saturday 25 April 2020 at 19:27:51, Dawood Aijaz wrote: > Hi, > > Currently, I am developing a Data Loss Prevention Tool. One of the > requirements is to monitor FTP traffic. So can someone help me set up an > FTP native proxy is squid and how will I be able to monitor FTP traffic Why do you

Re: [squid-users] Configure A Native FTP proxy on Squid

On Sunday 26 April 2020 at 08:42:11, Amos Jeffries wrote: > On 26/04/20 8:26 am, Antony Stone wrote: > > On Saturday 25 April 2020 at 19:27:51, Dawood Aijaz wrote: > >> > >> Currently, I am developing a Data Loss Prevention Tool. One of the > >> requiremen

Re: [squid-users] Squid - Can't visit (government site and Banking Site) - Please help

On Sunday 26 April 2020 at 15:14:40, russel0901 wrote: > Hi, upon checking I am using squid version 3.1 on CentOS 6.10 Wow, that's impressive (in a way). Squid 3.1 was released ten years ago (29 March 2010). On Wednesday 15 August 2012 at 13:29:07, Amos Jeffries wrote: > The Squid HTTP Proxy t

Re: [squid-users] Using a Baltimore root certificate in transparent ssl proxying

On Monday 27 April 2020 at 23:44:41, Lei Wen wrote: > The issue we are having right now is the certificate installed on the > container is a self signed cert, we were trying to migrate this cert to a > real trusted CA cert, or a Baltimore root cert. That will not work for an intercepting ("transp

Re: [squid-users] Let Squid use SSL certificate for a parent cache peer

On Tuesday 05 May 2020 at 11:48:12, mariolatif741 wrote: > Since you said "If the client is participating in the TLS handshake it > *always* requires the CA to be installed.", then I guess what I want to do > is not possible. > > Can I make Squid send the requests received from the client to the

Re: [squid-users] Let Squid use SSL certificate for a parent cache peer

On Tuesday 05 May 2020 at 12:21:19, mariolatif741 wrote: > The purpose of proxy A is that its the proxy that will be given to my > clients. The purpose of all what I am doing is to let my clients use proxy > B indirectly through proxy A (so they can use proxy B without installing > the CA certific

Re: [squid-users] SQUID PROBLEM WITH SITES THAT HAVE MORE THAN ONE IP ADDRESSES

On Monday 11 May 2020 at 11:53:15, leomessi...@yahoo.com wrote: > Hi againthank you for your reply. > sorry but I didn't yell only asked for help! Writing in all capital letters (see your Subject line, for example) in online communications is generally interpreted as shouting. Regards, Anton

Re: [squid-users] Switch cache peer Parent server for every 30 minutes

On Wednesday 10 June 2020 at 18:11:03, Prem Chand wrote: > Hi Alex, > > Thanks for responding to my issue . I didn't get how the math was done(why > it's multiplied by 2) to get 16 slots if possible could you please elaborate > with an example. I believe what Alex meant was: You want 30 minute

Re: [squid-users] Server monitoring

On Wednesday 10 June 2020 at 21:08:35, Ronan Lucio wrote: > Hi guys, > > How do you suggest to monitor service availability? > A know that some people use to monitor a few URLs through the proxy, > but, I'd like to know if there is any way to remotly monitor squid service. Do you mean "is it run

Re: [squid-users] remove all squid pages & errors pages footprints

On Sunday 20 Nov 2016 at 11:22, --Ahmad-- wrote: > i want to protect squid from being scanned and flagged as open proxy So, make sure it isn't an open proxy - restrict who has access, either by IP address or by authentication. If you *do* have an open proxy on the Internet, it doesn't matter wh

Re: [squid-users] TCP_DENIED/403 on raspberrypi

On Friday 02 December 2016 at 21:30:57, domshyra wrote: > So I have changed the file to a sample conf file. Here is what it looks > like now http_access allow all Looks to me to be your biggest problem. Standard security practice is "allow what you specifically know you want to allow,

Re: [squid-users] Looking for additional information about securing squid

On Tuesday 13 December 2016 at 23:44:12, Steve Becker wrote: > Hi all, Hi. > My background's in networking, I'm very new to unix/linux and server > administration, I don't know a whole lot about security beyond ACLs and > setting up crypto for VPNs. > > I'm setting up a box at home with CentOS a

Re: [squid-users] unknown source IP in access.log

On Wednesday 14 December 2016 at 16:16:17, Sameh Onaissi wrote: > Looking at access.log, to find the Skype IPs, I noticed a LOT of unknown > source IPs. All those IPs seem to be originated from China. In my config > file I deny all but local net IPs 10.0.0.0/24. I suggest you show us your squid.c

Re: [squid-users] unknown source IP in access.log

uot;find / -name squid.conf" on your machine. > Dovecot used its default ports: > 110: pop > 143: imap > 995: pop3s > 993: maps > > Postfix SMTP 587 Okay, so nothing to do with Squid, then. I just wondered whether it might have a web interface. Regards, Antony. &

Re: [squid-users] Crash: every 1-2 hour: kernel: Out of memory: Kill process (squid)

On Monday 19 December 2016 at 12:34:19, n...@forceline.net wrote: > Anybody can help? > Maby I need to change mailing list? Did you try the suggestions already made? http://lists.squid-cache.org/pipermail/squid-users/2016-December/013777.html http://lists.squid-cache.org/pipermail/squid-users/20

Re: [squid-users] squidcliente stopped working!

On Monday 19 December 2016 at 17:44:11, Sameh Onaissi wrote: > Hello, > > I was using squid client to get cache stats, however this morning it > completely stopped working. > http://mydomainname.com/squid/access_denied.jpg"; > alt="Acceso Denegado" style="width:704px;height:428px;"> > the html

Re: [squid-users] squidcliente stopped working!

On Tuesday 20 December 2016 at 16:59:11, Eliezer Croitoru wrote: > The issue is with acls and probably squidguard. > You should add to the configuration something like: > http_access allow localhost manager Er, that line is already in his squid.conf > and also another line that will deny localho

Re: [squid-users] Bypassed Proxy

On Thursday 22 December 2016 at 22:50:33, Sameh Onaissi wrote: > The user has hotspot shield installed on his PC, which I believe is a > similar extension to the one you mentioned. > He is getting by squid with some sort of VPN, I thought squid can be > configured against such things? It sounds

Re: [squid-users] How to bypass Squid proxy in intercept mode using acl/always_direct

On Monday 26 December 2016 at 20:07:03, mabi wrote: > Hello, > > I am using Squid 3.5.20 in intercept mode for HTTP and HTTPS traffic with > my OpenBSD 6.0 firewall. For some internal servers located on two > different subdomains I would like to access these directly and as such > bypass the Squi

Re: [squid-users] ACL and outgoing IP

On Tuesday 27 December 2016 at 17:03:52, qdmetro wrote: > I have a squid connected behind a firewall. On the firewall, only the Ip of > the squid (192.168.1.1) is allowed to go on Internet. > > Usually, when a user authenticate itself on the proxy, all the requests use > the outgoing IP of the sq

Re: [squid-users] Intercept mode failing

On Tuesday 03 January 2017 at 10:17:54, Hoggins! wrote: > Hello list, > > I'm trying to do a simple intercept with Squid. Here is my setup : > > I have a LAN with machines on 192.168.22.0/24. Their gateway is > 192.168.22.10. On this machine, I have set the following iptables rule : > > ipt

Re: [squid-users] Intercept mode failing

On Tuesday 03 January 2017 at 11:13:33, Hoggins! wrote: > Okay, I get that. > > Le 03/01/2017 à 10:33, Antony Stone a écrit : > > No - you must do the NAT (or REDIRECT) rule *on the Squid server*. > > Well, my Squid server is not on the same network as my clients, so I

Re: [squid-users] keep source ip when user connect over squid using ip:port

On Saturday 07 January 2017 at 19:23:47, --Ahmad-- wrote: > hey mate i total understand Tporxy with CISCO /wccp > > but I’m asking here other way like connecting ip:port and keep squid using > my original ip as source So, where do you expect the reply packets from the remote web server to end

Re: [squid-users] squid http speed/ ms

On Tuesday 10 January 2017 at 10:20:04, --Ahmad-- wrote: > hi folks > i want to ask . > when i do ping imp from my squid server itself to website like aaa.com > lets say i have ping over 10ms but when i configured my > server as squid and visit aaa.com from sq

Re: [squid-users] Customize squid to make it understand malformed requests

On Monday 16 January 2017 at 09:03:52, Oğuz İsmail Uysal wrote: > For a private reason, I want to customize squid version 3.5.12 the way I > stated above. For example I have customized it already to make it > understand \r\n /\r\n instead of \r\n\r\n as request's end > now I want it to remove the

Re: [squid-users] SSL Bump

On Friday 20 January 2017 at 17:12:04, Mustafa Mohammad wrote: > What are the steps to setup SSL Bump? Don't. Use peek and splice instead. See http://wiki.squid-cache.org/Features/SslBump for info, then http://wiki.squid-cache.org/Features/SslPeekAndSplice for guidance. Antony. -- If at fi

Re: [squid-users] Native FTP relay: connection closes (?) after 'cannot assign requested address' error

On Thursday 26 January 2017 at 17:41:21, Alexander wrote: > It seems that I have solved the issue by using nf_conntrack_ftp and > redirecting "NEW,RELATED" traffic to squid: Excellent news. > ftp_port 2121 intercept > > modprobe nf_conntrack_ftp ports=2121 > > iptables -t nat -A PREROUTING -p

Re: [squid-users] squid on it's own server

On Friday 27 January 2017 at 05:17:28, John Pearson wrote: > hi all, my current setup: laptop(10.0.1.10) and squid-box(10.0.1.11) and > debian router(10.0.1.1). > > I am doing wget on laptop > > wget squid-cache.org > > I am redirecting packets on the router to squid-box by changing the > desti

<    1   2   3   4   5   6   >