Sorry to bombard, but the plot thickens. it all works find on linux chrome ( centos 7) but windows 10/2022 server chrome you get the error
i did not think anything in squid is os specific On Thu, 11 Aug 2022 at 21:41, Adam Barnett <abarn...@belofx.com> wrote: > I have finally managed to get hold of someone from Epic Games and they > took a look over their secret logs and said that it looks like squid is > dropping/closing the connection too soon > > Any suggestions on what i can change to keep the connection open or from > dropping > > Thanks > > On Fri, 5 Aug 2022 at 15:57, Alex Rousskov < > rouss...@measurement-factory.com> wrote: > >> On 8/5/22 05:10, Adam Barnett wrote: >> > maybe i am doing something wrong, here is my config >> >> > ssl_bump splice ... >> > ssl_bump bump dst_quixel >> > ssl_bump peek dst_quixel >> > ssl_bump stare dst_quixel >> >> >> The combination of the last three ssl_bump rules does not make sense >> because Squid will never reach those peek and stare rules. The bump rule >> can be applied during any SslBump step, so Squid will not see any >> same-ACL ssl_bump directives below it -- the first matching rule (that >> can be applied during the current step) wins. >> >> I do not know what logic you are trying to express with those rules, but >> the above configuration does not express that (or any) logic well. I >> hope Eliezer can guide you towards a reasonable solution here. >> >> >> HTH, >> >> Alex. >> >> >> >> > >> > On Thu, 4 Aug 2022 at 22:58, <ngtech1...@gmail.com >> > <mailto:ngtech1...@gmail.com>> wrote: >> > >> > Please don’t bang your head… everybody is here for you.____ >> > >> > Sometimes it takes time to respond but you will get your >> answers.____ >> > >> > __ __ >> > >> > >> https://www.ngtech.co.il/squid/support-save/support-save-2022-08-05_00-51-47.tar.gz >> > < >> https://www.ngtech.co.il/squid/support-save/support-save-2022-08-05_00-51-47.tar.gz >> >____ >> > >> > __ __ >> > >> > Is not the fastest connection and it has a blacklist in the DB dump >> > so for now it’s a production system but works good enough for >> me.____ >> > >> > I hope it’s not too much information in the support save file.____ >> > >> > __ __ >> > >> > Let me know if it makes more sense for you.____ >> > >> > AlsoI am happy that you have asked this question since now others >> > can enjoy from the answer 😊____ >> > >> > __ __ >> > >> > Eliezer____ >> > >> > __ __ >> > >> > ----____ >> > >> > Eliezer Croitoru____ >> > >> > NgTech, Tech Support____ >> > >> > Mobile: +972-5-28704261____ >> > >> > Email: ngtech1...@gmail.com <mailto:ngtech1...@gmail.com>____ >> > >> > Web: https://ngtech.co.il/ <https://ngtech.co.il/>____ >> > >> > My-Tube: https://tube.ngtech.co.il/ <https://tube.ngtech.co.il/ >> >____ >> > >> > __ __ >> > >> > *From:*Adam Barnett <abarn...@belofx.com <mailto: >> abarn...@belofx.com>> >> > *Sent:* Friday, 5 August 2022 0:44 >> > *To:* ngtech1...@gmail.com <mailto:ngtech1...@gmail.com> >> > *Cc:* squid-users@lists.squid-cache.org >> > <mailto:squid-users@lists.squid-cache.org> >> > *Subject:* Re: [squid-users] Squid and Epic Games HCapctca____ >> > >> > __ __ >> > >> > Sure, the more the beter, ive been banging my head against the wall >> > for a while on this____ >> > >> > __ __ >> > >> > Adam ____ >> > >> > __ __ >> > >> > On Thu, 4 Aug 2022 at 22:41, <ngtech1...@gmail.com >> > <mailto:ngtech1...@gmail.com>> wrote:____ >> > >> > You are welcome.____ >> > >> > ____ >> > >> > I wrote an app that does everything for me so I just need to >> > dump the database into a:____ >> > >> > ssl::server_namedirective____ >> > >> > ____ >> > >> > it’s basically:____ >> > >> > ## START____ >> > >> > aclNoBump_server_name ssl::server_name >> > "/etc/squid/no-ssl-bump-server-name.list"____ >> > >> > ____ >> > >> > acltls_to_splice any-of inspect_only NoBump_src >> > NoBump_server_name NoBump_server_regex_by_urls_domain >> > NoBump_server_regex____ >> > >> > ____ >> > >> > ssl_bumppeek app_matcher_helper____ >> > >> > ssl_bumppeek tls_s1_connect____ >> > >> > ____ >> > >> > ssl_bumpbump app_matcher_helper____ >> > >> > ssl_bumpbump app_reader_helper____ >> > >> > ssl_bumpbump deny_note____ >> > >> > ____ >> > >> > ssl_bumpsplice app_matcher_helper____ >> > >> > ssl_bumpsplice tls_to_splice____ >> > >> > ____ >> > >> > ssl_bumpstare app_matcher_helper____ >> > >> > ssl_bumpstare tls_s2_client_hello____ >> > >> > ____ >> > >> > ssl_bumpbump app_matcher_helper____ >> > >> > ssl_bumpbump tls_to_bump____ >> > >> > ## END____ >> > >> > ____ >> > >> > If you want I can upload a snippet of the whole setup dump with >> > hope you could make use of it.____ >> > >> > ____ >> > >> > Eliezer____ >> > >> > ____ >> > >> > ----____ >> > >> > Eliezer Croitoru____ >> > >> > NgTech, Tech Support____ >> > >> > Mobile: +972-5-28704261____ >> > >> > Email: ngtech1...@gmail.com <mailto:ngtech1...@gmail.com>____ >> > >> > Web: https://ngtech.co.il/ <https://ngtech.co.il/>____ >> > >> > My-Tube: https://tube.ngtech.co.il/ <https://tube.ngtech.co.il/ >> >____ >> > >> > ____ >> > >> > *From:*Adam Barnett <abarn...@belofx.com >> > <mailto:abarn...@belofx.com>> >> > *Sent:* Friday, 5 August 2022 0:26 >> > *To:* ngtech1...@gmail.com <mailto:ngtech1...@gmail.com> >> > *Cc:* squid-users@lists.squid-cache.org >> > <mailto:squid-users@lists.squid-cache.org> >> > *Subject:* Re: [squid-users] Squid and Epic Games HCapctca____ >> > >> > ____ >> > >> > תודה רבה >> > It looks like you are using a database and then building the >> > config from that? any cahnce you can send me the snippet of the >> > config instead of the DB bits? ? ____ >> > >> > ____ >> > >> > Thanks again ____ >> > >> > ____ >> > >> > Adam ____ >> > >> > ____ >> > >> > On Thu, 4 Aug 2022 at 22:18, <ngtech1...@gmail.com >> > <mailto:ngtech1...@gmail.com>> wrote:____ >> > >> > Hey Adam,____ >> > >> > ____ >> > >> > I recorded a video for you on how I do it at:____ >> > >> > >> https://cloud1.ngtech.co.il/static/squid-data/splice-epic-games.mp4 >> > < >> https://cloud1.ngtech.co.il/static/squid-data/splice-epic-games.mp4>____ >> > >> > ____ >> > >> > So basically the relevant domains are:____ >> > >> > ____ >> > >> > epicgames-download1.akamaized.net >> > <http://epicgames-download1.akamaized.net>____ >> > >> > .epicgames.com <http://epicgames.com>____ >> > >> > .unrealengine.com <http://unrealengine.com>____ >> > >> > ____ >> > >> > And you can peek at robert k Wild mail: “regex for normal >> > websites”____ >> > >> > ____ >> > >> > And it contains the relevant technical details.____ >> > >> > If for any reason you need a more detailed answer let me >> > know.____ >> > >> > ____ >> > >> > Yours,____ >> > >> > Eliezer ____ >> > >> > ____ >> > >> > ----____ >> > >> > Eliezer Croitoru____ >> > >> > NgTech, Tech Support____ >> > >> > Mobile: +972-5-28704261____ >> > >> > Email: ngtech1...@gmail.com <mailto:ngtech1...@gmail.com >> >____ >> > >> > Web: https://ngtech.co.il/ <https://ngtech.co.il/>____ >> > >> > My-Tube: https://tube.ngtech.co.il/ >> > <https://tube.ngtech.co.il/>____ >> > >> > ____ >> > >> > *From:*squid-users >> > <squid-users-boun...@lists.squid-cache.org >> > <mailto:squid-users-boun...@lists.squid-cache.org>> *On >> > Behalf Of *Adam Barnett >> > *Sent:* Thursday, 4 August 2022 14:28 >> > *To:* squid-users@lists.squid-cache.org >> > <mailto:squid-users@lists.squid-cache.org> >> > *Subject:* [squid-users] Squid and Epic Games HCapctca____ >> > >> > ____ >> > >> > Hi All, ____ >> > >> > ____ >> > >> > I am trying to get squid to allow me to login to >> > Epicgames.com with my epic login, i get to the login page >> > and get the hcaptca images and everytime i get "invalid >> > response" ____ >> > >> > ____ >> > >> > i looked at the headers and the only error that i can see is >> > "The cache information is missing from the entry" ____ >> > >> > ____ >> > >> > My config looks like so >> > >> > workers 2 >> > >> > ``` >> > # Leave coredumps in the first cache dir >> > coredump_dir /var/spool/squid >> > >> > http_port 3128 ssl-bump dynamic_cert_mem_cache_size=16MB >> > generate-host-certificates=on >> > cert=/etc/squid/certs/squid-ca-cert-key.pem >> > >> > sslcrtd_program /usr/lib64/squid/security_file_certgen -s >> > /var/spool/squid/ssl -M 16MB >> > dns_nameservers 10.5.1.2 8.8.8.8 >> > visible_hostname foo-proxy-1 >> > forwarded_for truncate >> > via off >> > >> > # Send to file >> > access_log daemon:/var/log/squid/access.log >> > >> > >> > >> > acl CONNECT method CONNECT >> > acl local src 10.0.0.0/8 <http://10.0.0.0/8> >> > always_direct allow all >> > request_header_add X-GoogApps-Allowed-Domains "foo.com >> > <http://foo.com>" all >> > >> > memory_replacement_policy heap GDSF >> > maximum_object_size 100 KB >> > maximum_object_size 1 MB >> > >> > cache allow all >> > cache_mem 256 MB >> > cache_dir rock /var/spool/squid 1024 >> > memory_pools off >> > cache_swap_low 90 >> > client_persistent_connections on >> > >> > >> > http_access allow localhost manager >> > http_access deny manager >> > >> > # SquidGaurd >> > url_rewrite_program /usr/bin/squidGuard >> > ``` >> > >> > Any suggestions? ____ >> > >> > ____ >> > >> > Thanks____ >> > >> > Adam Barnett >> > Senior SysAdmin beloFX____ >> > >> > **____ >> > >> > >> > >> > ____ >> > >> > >> > >> > abarn...@belofx.com >> > < >> https://514584150-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__ >> >____ >> > >> > **____ >> > >> > >> > >> > ____ >> > >> > >> > >> > www.belofx.com <http://www.belofx.com/>____ >> > >> > **____ >> > >> > >> > >> > ____ >> > >> > >> > >> > LinkedIn <http://www.linkedin.com/company/belofx>____ >> > >> > ____ >> > >> > >> > _______________________________________________ >> > squid-users mailing list >> > squid-users@lists.squid-cache.org >> > http://lists.squid-cache.org/listinfo/squid-users >> >> _______________________________________________ >> squid-users mailing list >> squid-users@lists.squid-cache.org >> http://lists.squid-cache.org/listinfo/squid-users >> >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
