[squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?
Yuri Voinov
yvoinov at gmail.com
Mon Sep 21 19:00:12 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The torproject.org is just an example.
This is not so important like, for example, google docs, google mail,
google drive (all web interface at minimum), archive.org.
All of this uses HSTS now and, if banned by IP by ISP (note: dns is not
spoofed), it can't be reacheable via Squid+tunneled proxy. Completely.
First CONNECT got timeout - and viola! - destination unreacheable.
22.09.15 0:13, Amos Jeffries пишет:
> On 22/09/2015 6:00 a.m., Yuri Voinov wrote:
>>
>> Can't understand, why it is not work.
>>
>> Tor Browser works ok itself.
>>
>> The similar config via Squid 3.5.7+Privoxy - don't.
>>
>> CONNECT to torproject.org:443 goes directly, whenever config changes.
>
> I suspect some detail is being removed during the relay.
>
> Which makes me wonder why it is so important to send CONNECT via privoxy
> in the first place. The HTTP headers and such on the CONNECT which
> privoxy strips away are never sent externally anyway, they stop at the
> proxy gateway which receives and enacts the CONNECT. That may be your
> Squid or privoxy itself.
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJWAFO8AAoJENNXIZxhPexGZXIH/R151F6zrrIpeljNIxKDRyan
Nrg/g/sqj6JUbosv6uZeP+ewQVCCes4SAR3HkdFrKMntfnrgNio8f2blv8cydPX3
6yLoh+ULc0QKMDx1clY+cVb0PQxSHRz3Tt1t3bwUY5rMBXjswR/oW2wWDq1a2ISM
zU8VZ28pPti2aHA+TwpSVEeOXrwlppvGxYG8Zpc8rMHZlKlaveVgxh0tkyDKyGid
86HuaevXsDtutet5sGRBdK2yYi90Wad+J9ujbK42sa+q1iMqoBfWPpuJ9NVPWViy
t+z7Ul8jqtf1idzSSSMdTaQO8ssjZFhVD0j35wDBNfNJjShAAGjDcOz73nZK+wc=
=O4Pv
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list