Hai,
This is what i now use for the remote ip logging.
cat /etc/apache2/conf-custom/log-remote-ip.conf
<IfModule mod_remoteip.c>
## apache 2.4: mod_remoteip is by default available
## enable a2enmod remoteip && service apache2 restart
# for remote proxy setup
RemoteIPHeader X-Forwarded-For
# for cluster setup
#RemoteIPHeader X-Real-IP
RemoteIPInternalProxy IP_PROXY_SERVER1
RemoteIPInternalProxy IP_PROXY_SERVER2
RemoteIPInternalProxy realhostname1.internal.domain.tld
RemoteIPInternalProxy realhostname2.internal.domain.tld
LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\""
combined_remoteip
## ( optional with added vhostname at the end )
#LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"
%v" combined_remoteip
</IfModule>
You dont need to change things in squid.
I did set in the vhosts.
CustomLog ${APACHE_LOG_DIR}/test-access.log combined_remoteip
So in any vhost only thing i change now is : combined to combined_remoteip
Greetz,
Louis
Van: Prasad Desai [mailto:prasad.de...@shreshtait.com]
Verzonden: vrijdag 4 maart 2016 14:00
Aan: L.P.H. van Belle
Onderwerp: Re: [squid-users] Facing issue in Internet explorer
Hi,
After so long i have emailed you, now i am facing one issue with access logs.
Some of my websites are not recording in access logs. Do you have any
suggestions.
On Tue, Feb 16, 2016 at 1:56 PM, L.P.H. van Belle <be...@bazuin.nl> wrote:
Hai,
Have you tried also with only the TLS options enabled. Enableing ssl2 and ssl3
is really a security leak.
But at least you got it working.
If you run a webserver with ssl also, just i hint, maybe you know already,
maybe not.
Goto www.ssllabs.com test you ssl of the webserver, and try to adjust you
setting to a compatible settting.
If you run an apache 2.4, you can mail me, i have a explained setup, with the
things working and not.
I did about 30 tests on ssl labs to get al these settings. ;-)
When this is done go test again with the proxy and try to exclude sslv2 and
sslv3 in the clients.
Maybe this is also a squid adjustment, but that i dont know.
Greetz,
Louis
Van: Prasad Desai [mailto:prasad.de...@shreshtait.com]
Verzonden: dinsdag 16 februari 2016 8:36
Aan: L.P.H. van Belle
Onderwerp: Re: [squid-users] Facing issue in Internet explorer
Hi,
Thanks. It worked after making the changes in IE ( Default setting was only
SSL3 and TLS 1.0 enabled ) as given in the URL.
http://i66.tinypic.com/141hy07.jpg
On Fri, Feb 12, 2016 at 8:15 PM, Prasad Desai <prasad.de...@shreshtait.com>
wrote:
Hi,
Even after in IE version 8 disabling SSL3 in advanced options and enable TLS1.0
we are getting same error.
On Fri, Feb 12, 2016 at 3:47 PM, L.P.H. van Belle <be...@bazuin.nl> wrote:
> For example, in IE version 8, getting an error given below,
You can try to disable SSL3 in advanced options and enable TLS1.0 and/or better
SSLV3 is absolete now.
Van: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] Namens
Prasad Desai
Verzonden: vrijdag 12 februari 2016 9:08
Aan: squid-users@lists.squid-cache.org
Onderwerp: [squid-users] Facing issue in Internet explorer
Hi,
I have successfully configured SSLBump Peek and Splice in my transparent proxy
and it is working as expected except in Internet explorer.
For example, in IE version 8, getting an error given below,
(71) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)
Handshake with SSL server failed: error:1409F07F:SSL
routines:SSL3_WRITE_PENDING:bad write retry
Below is squid.conf,
visible_hostname mysite.com
httpd_suppress_version_string on
via off
forwarded_for delete
deny_info MailScanner heeft een e-mail met mogelijk een poging tot fraude
gevonden van "192.168.3.33" MailScanner warning: numerical links are often
malicious: http://192.168.3.33/error.html blockfiles
acl lan src MailScanner heeft een e-mail met mogelijk een poging tot fraude
gevonden van "192.168.4.0" MailScanner warning: numerical links are often
malicious: 192.168.4.0/24 MailScanner heeft een e-mail met mogelijk een poging
tot fraude gevonden van "192.168.6.0" MailScanner warning: numerical links are
often malicious: 192.168.6.0/24 MailScanner heeft een e-mail met mogelijk een
poging tot fraude gevonden van "192.168.3.0" MailScanner warning: numerical
links are often malicious: 192.168.3.0/24
http_access allow lan
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
strip_query_terms off
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
sslproxy_flags DONT_VERIFY_PEER DONT_VERIFY_DOMAIN
acl disable-ssl-bump ssl::server_name "/etc/squid/no-ssl-bump.acl"
acl BadSite ssl_error SQUID_X509_V_ERR_DOMAIN_MISMATCH
sslproxy_cert_error allow BadSite
acl step1 at_step SSLBump1
acl step2 at_step SSLBump2
acl step3 at_step SSLBump3
ssl_bump peek step1 all
ssl_bump splice step2 disable-ssl-bump
ssl_bump stare step2 all
ssl_bump splice step3 disable-ssl-bump
ssl_bump bump step3 all
http_port 3130
http_port 3128 intercept
https_port 3129 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=8MB cert=/etc/squid/ssl_cert/myca.pem
key=/etc/squid/ssl_cert/myca.pem
sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/lib/ssl_db -M 8MB
sslcrtd_children 8 startup=1 idle=1
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
Any inputs to resolve this error will be much appreciated.
--
Best,
Prasad Desai
Systems Engineer
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
--
Best,
Prasad Desai
--
Best,
Prasad Desai
--
Best,
Prasad Desai
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
