Hi Thanks for the config, but maybe i am doing something wrong, here is my config
``` workers 2 # Leave coredumps in the first cache dir coredump_dir /var/spool/squid http_port 3128 ssl-bump dynamic_cert_mem_cache_size=16MB generate-host-certificates=on cert=/etc/squid/certs/squid-ca-cert-key.pem sslcrtd_program /usr/lib64/squid/security_file_certgen -s /var/spool/squid/ssl -M 16MB tls_outgoing_options options=NO_SSLv3,SINGLE_DH_USE dns_nameservers 10.5.1.2 8.8.8.8 visible_hostname can-proxy-1 forwarded_for delete via off host_verify_strict off dns_v4_first on client_dst_passthru on read_ahead_gap 64 MB shutdown_lifetime 10 seconds # Send to file access_log daemon:/var/log/squid/access.log acl CONNECT method CONNECT acl CONNECT method CONNECT acl local src 10.0.0.0/8 always_direct allow all request_header_add X-GoogApps-Allowed-Domains "belofx.com" all memory_replacement_policy heap GDSF maximum_object_size 100 KB maximum_object_size 1 MB cache allow all cache_mem 256 MB cache_dir rock /var/spool/squid 1024 memory_pools off cache_swap_low 90 client_persistent_connections off http_access allow localhost manager http_access deny manager # SquidGaurd url_rewrite_program /usr/bin/squidGuard acl fetched_certificate transaction_initiator certificate-fetching acl step1 at_step SslBump1 acl step2 at_step SslBump2 acl step3 at_step SslBump3 acl tls_s1_connect at_step SslBump1 acl tls_s2_client_hello at_step SslBump2 acl tls_s3_server_hello at_step SslBump3 http_access allow fetched_certificate acl bump_note note bump 1 acl splice_note note splice 1 acl dst_quixel url_regex epicgames.com http_access allow local dst_quixel ssl_bump splice dst_shotgrid dst_misc_urls_pac dst_keybase dst_quixel dst_adobe_cc dst_maxon dst_msupdates maxon_ip ssl_bump bump dst_quixel ssl_bump peek dst_quixel ssl_bump stare dst_quixel strip_query_terms off always_direct allow all sslproxy_cert_error allow all sslproxy_flags DONT_VERIFY_PEER # Block everythng else http_access deny all ``` Thanks On Thu, 4 Aug 2022 at 22:58, <ngtech1...@gmail.com> wrote: > Please don’t bang your head… everybody is here for you. > > Sometimes it takes time to respond but you will get your answers. > > > > > https://www.ngtech.co.il/squid/support-save/support-save-2022-08-05_00-51-47.tar.gz > > > > Is not the fastest connection and it has a blacklist in the DB dump so for > now it’s a production system but works good enough for me. > > I hope it’s not too much information in the support save file. > > > > Let me know if it makes more sense for you. > > Also I am happy that you have asked this question since now others can > enjoy from the answer 😊 > > > > Eliezer > > > > ---- > > Eliezer Croitoru > > NgTech, Tech Support > > Mobile: +972-5-28704261 > > Email: ngtech1...@gmail.com > > Web: https://ngtech.co.il/ > > My-Tube: https://tube.ngtech.co.il/ > > > > *From:* Adam Barnett <abarn...@belofx.com> > *Sent:* Friday, 5 August 2022 0:44 > *To:* ngtech1...@gmail.com > *Cc:* squid-users@lists.squid-cache.org > *Subject:* Re: [squid-users] Squid and Epic Games HCapctca > > > > Sure, the more the beter, ive been banging my head against the wall for a > while on this > > > > Adam > > > > On Thu, 4 Aug 2022 at 22:41, <ngtech1...@gmail.com> wrote: > > You are welcome. > > > > I wrote an app that does everything for me so I just need to dump the > database into a: > > ssl::server_name directive > > > > it’s basically: > > ## START > > acl NoBump_server_name ssl::server_name "/etc/squid/no-ssl-bump-server- > name.list" > > > > acl tls_to_splice any-of inspect_only NoBump_src NoBump_server_name > NoBump_server_regex_by_urls_domain NoBump_server_regex > > > > ssl_bump peek app_matcher_helper > > ssl_bump peek tls_s1_connect > > > > ssl_bump bump app_matcher_helper > > ssl_bump bump app_reader_helper > > ssl_bump bump deny_note > > > > ssl_bump splice app_matcher_helper > > ssl_bump splice tls_to_splice > > > > ssl_bump stare app_matcher_helper > > ssl_bump stare tls_s2_client_hello > > > > ssl_bump bump app_matcher_helper > > ssl_bump bump tls_to_bump > > ## END > > > > If you want I can upload a snippet of the whole setup dump with hope you > could make use of it. > > > > Eliezer > > > > ---- > > Eliezer Croitoru > > NgTech, Tech Support > > Mobile: +972-5-28704261 > > Email: ngtech1...@gmail.com > > Web: https://ngtech.co.il/ > > My-Tube: https://tube.ngtech.co.il/ > > > > *From:* Adam Barnett <abarn...@belofx.com> > *Sent:* Friday, 5 August 2022 0:26 > *To:* ngtech1...@gmail.com > *Cc:* squid-users@lists.squid-cache.org > *Subject:* Re: [squid-users] Squid and Epic Games HCapctca > > > > תודה רבה > It looks like you are using a database and then building the config from > that? any cahnce you can send me the snippet of the config instead of the > DB bits? ? > > > > Thanks again > > > > Adam > > > > On Thu, 4 Aug 2022 at 22:18, <ngtech1...@gmail.com> wrote: > > Hey Adam, > > > > I recorded a video for you on how I do it at: > > https://cloud1.ngtech.co.il/static/squid-data/splice-epic-games.mp4 > > > > So basically the relevant domains are: > > > > epicgames-download1.akamaized.net > > .epicgames.com > > .unrealengine.com > > > > And you can peek at robert k Wild mail: “regex for normal websites” > > > > And it contains the relevant technical details. > > If for any reason you need a more detailed answer let me know. > > > > Yours, > > Eliezer > > > > ---- > > Eliezer Croitoru > > NgTech, Tech Support > > Mobile: +972-5-28704261 > > Email: ngtech1...@gmail.com > > Web: https://ngtech.co.il/ > > My-Tube: https://tube.ngtech.co.il/ > > > > *From:* squid-users <squid-users-boun...@lists.squid-cache.org> *On > Behalf Of *Adam Barnett > *Sent:* Thursday, 4 August 2022 14:28 > *To:* squid-users@lists.squid-cache.org > *Subject:* [squid-users] Squid and Epic Games HCapctca > > > > Hi All, > > > > I am trying to get squid to allow me to login to Epicgames.com with my > epic login, i get to the login page and get the hcaptca images and > everytime i get "invalid response" > > > > i looked at the headers and the only error that i can see is "The > cache information is missing from the entry" > > > > My config looks like so > > workers 2 > > ``` > # Leave coredumps in the first cache dir > coredump_dir /var/spool/squid > > http_port 3128 ssl-bump dynamic_cert_mem_cache_size=16MB > generate-host-certificates=on cert=/etc/squid/certs/squid-ca-cert-key.pem > > sslcrtd_program /usr/lib64/squid/security_file_certgen -s > /var/spool/squid/ssl -M 16MB > dns_nameservers 10.5.1.2 8.8.8.8 > visible_hostname foo-proxy-1 > forwarded_for truncate > via off > > # Send to file > access_log daemon:/var/log/squid/access.log > > > > acl CONNECT method CONNECT > acl local src 10.0.0.0/8 > always_direct allow all > request_header_add X-GoogApps-Allowed-Domains "foo.com" all > > memory_replacement_policy heap GDSF > maximum_object_size 100 KB > maximum_object_size 1 MB > > cache allow all > cache_mem 256 MB > cache_dir rock /var/spool/squid 1024 > memory_pools off > cache_swap_low 90 > client_persistent_connections on > > > http_access allow localhost manager > http_access deny manager > > # SquidGaurd > url_rewrite_program /usr/bin/squidGuard > ``` > > Any suggestions? > > > > Thanks > > Adam Barnett > Senior SysAdmin beloFX > > > > abarn...@belofx.com > <https://514584150-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__> > > > > www.belofx.com > > > > LinkedIn <http://www.linkedin.com/company/belofx> > > > >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
