[squid-users] Transparent Squid Proxy Server

Klavs Klavsen kl at vsen.dk
Tue Jun 2 14:44:07 UTC 2015


Amos Jeffries wrote on 06/02/2015 04:34 PM:
> On 3/06/2015 1:20 a.m., Klavs Klavsen wrote:
>> I have this in my squid server for it to work:
>
> The key words there are ... *in my Squid server*
>
indeed :)

>
> NOTE to Klavs:
>    loading the "multiport" kernel module seems overkill for a single-port
> match.
>
it's puppets firewall module.. haven't had enough time to fix that module :)

>
> FYI: DONT_VERIFY_PEER, "always_direct allow all", and
> "slproxy_cert_error allow all" have not been good ideas since 3.2.
> dont-verify actually inhibits the Mimic functions which give
> server-first bumping most of its usefulness.
>
Thank you for those tips.

-- 
Regards,
Klavs Klavsen, GSEC - kl at vsen.dk - http://www.vsen.dk - Tlf. 61281200

"Those who do not understand Unix are condemned to reinvent it, poorly."
   --Henry Spencer



More information about the squid-users mailing list