[squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?

Yuri Voinov yvoinov at gmail.com
Mon Sep 21 18:25:30 UTC 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
This is dig result:

;; ANSWER SECTION:
torproject.org.         3600    IN      A       93.95.227.222
torproject.org.         3600    IN      A       154.35.132.70
torproject.org.         3600    IN      A       86.59.30.40
torproject.org.         3600    IN      A       82.195.75.101
torproject.org.         3600    IN      A       38.229.72.16

This IP is banned. Completely. Outgoing packets are dropped by ISP.

So this is critical to forward ALL session, starting with first packet,
into Privoxy, and, then to Tor tunnel.

Otherwise session can't be established.

The problem enforces with HSTS onto torproject.org URL. Completely
HTTPS. From first GET request.

This can be solved with Tor Browser itself, but I want to find common
solution.

This is very simple. Complete HTTPS session must be forward to parent
proxy at whole. Because of only HTTP's forwarding possibility is
meaningless in HSTS-enabled world.

This is feature request, Amos. Otherwise Squid lacks some critical
functionality.

22.09.15 0:13, Amos Jeffries пишет:
> On 22/09/2015 6:00 a.m., Yuri Voinov wrote:
>>
>> Can't understand, why it is not work.
>>
>> Tor Browser works ok itself.
>>
>> The similar config via Squid 3.5.7+Privoxy - don't.
>>
>> CONNECT to torproject.org:443 goes directly, whenever config changes.
>
> I suspect some detail is being removed during the relay.
>
> Which makes me wonder why it is so important to send CONNECT via privoxy
> in the first place. The HTTP headers and such on the CONNECT which
> privoxy strips away are never sent externally anyway, they stop at the
> proxy gateway which receives and enacts the CONNECT. That may be your
> Squid or privoxy itself.
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJWAEuaAAoJENNXIZxhPexGOD8H/0rzH7Xf7OyIdk7GTW0uuKpg
bLzsuh5OnLMSzuAZgxormhky5VYi3X2zoEQq71jEhbDWH4xlTvcPK9y5/GPz0L3x
z38rI5cDSX49bkPFn4yxRXRMvq+FZakbSmT9LuwW8E3phjhem7RLKOIPgRiyslxG
rYw83/qoTkVFg5P9fVhIVu9gy5GEyIoxiPCdiH3U/PWSZrlLePyJPZSWlYSqIyhH
sIx62qYi6bLZbtIcYrflR0/naco/4d8fYlwvDYmIuHuPeNZE6kINxgdgJhkhymkO
mw2klVncjeXKcewq/68Nz8Yak+8l1xPGPrGXp5aEUylRTxMa3FOb0mYwtT6iEbk=
=yDTE
-----END PGP SIGNATURE-----

More information about the squid-users mailing list