[squid-users] Squid and Epic Games HCapctca

Fri Aug 5 09:10:42 UTC 2022

Hi

Thanks for the config, but maybe i am doing something wrong, here is my
config

```
workers 2

# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid

http_port 3128 ssl-bump dynamic_cert_mem_cache_size=16MB
 generate-host-certificates=on cert=/etc/squid/certs/squid-ca-cert-key.pem
sslcrtd_program /usr/lib64/squid/security_file_certgen -s
/var/spool/squid/ssl -M 16MB
tls_outgoing_options options=NO_SSLv3,SINGLE_DH_USE
dns_nameservers 10.5.1.2 8.8.8.8
visible_hostname can-proxy-1
forwarded_for delete
via off
host_verify_strict off
dns_v4_first on
client_dst_passthru on
read_ahead_gap 64 MB
shutdown_lifetime 10 seconds

# Send to file
access_log daemon:/var/log/squid/access.log

acl CONNECT method CONNECT

acl CONNECT method CONNECT
acl local src 10.0.0.0/8
always_direct allow all
request_header_add X-GoogApps-Allowed-Domains "belofx.com" all

memory_replacement_policy heap GDSF
maximum_object_size 100 KB
maximum_object_size 1 MB

cache allow all
cache_mem 256 MB
cache_dir rock /var/spool/squid 1024
memory_pools off
cache_swap_low 90
client_persistent_connections off

http_access allow localhost manager
http_access deny manager

# SquidGaurd
url_rewrite_program /usr/bin/squidGuard

acl fetched_certificate transaction_initiator certificate-fetching

acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3

acl tls_s1_connect at_step SslBump1
acl tls_s2_client_hello at_step SslBump2
acl tls_s3_server_hello at_step SslBump3

http_access allow fetched_certificate
acl bump_note note bump 1
acl splice_note note splice 1

acl dst_quixel url_regex epicgames.com
http_access allow local dst_quixel

ssl_bump splice dst_shotgrid dst_misc_urls_pac dst_keybase dst_quixel
dst_adobe_cc dst_maxon dst_msupdates maxon_ip
ssl_bump bump dst_quixel
ssl_bump peek dst_quixel
ssl_bump stare dst_quixel
strip_query_terms off

always_direct allow all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER

# Block everythng else
http_access deny all
```
Thanks

On Thu, 4 Aug 2022 at 22:58, <ngtech1ltd at gmail.com> wrote:

> Please don’t bang your head… everybody is here for you.
>
> Sometimes it takes time to respond but you will get your answers.
>
>
>
>
> https://www.ngtech.co.il/squid/support-save/support-save-2022-08-05_00-51-47.tar.gz
>
>
>
> Is not the fastest connection and it has a blacklist in the DB dump so for
> now it’s a production system but works good enough for me.
>
> I hope it’s not too much information in the support save file.
>
>
>
> Let me know if it makes more sense for you.
>
> Also I am happy that you have asked this question since now others can
> enjoy from the answer 😊
>
>
>
> Eliezer
>
>
>
> ----
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1ltd at gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https://tube.ngtech.co.il/
>
>
>
> *From:* Adam Barnett <abarnett at belofx.com>
> *Sent:* Friday, 5 August 2022 0:44
> *To:* ngtech1ltd at gmail.com
> *Cc:* squid-users at lists.squid-cache.org
> *Subject:* Re: [squid-users] Squid and Epic Games HCapctca
>
>
>
> Sure, the more the beter, ive been banging my head against the wall for a
> while on this
>
>
>
> Adam
>
>
>
> On Thu, 4 Aug 2022 at 22:41, <ngtech1ltd at gmail.com> wrote:
>
> You are welcome.
>
>
>
> I wrote an app that does everything for me so I just need to dump the
> database into a:
>
> ssl::server_name directive
>
>
>
> it’s basically:
>
> ## START
>
> acl NoBump_server_name ssl::server_name "/etc/squid/no-ssl-bump-server-
> name.list"
>
>
>
> acl tls_to_splice any-of inspect_only NoBump_src NoBump_server_name
> NoBump_server_regex_by_urls_domain NoBump_server_regex
>
>
>
> ssl_bump peek app_matcher_helper
>
> ssl_bump peek tls_s1_connect
>
>
>
> ssl_bump bump app_matcher_helper
>
> ssl_bump bump app_reader_helper
>
> ssl_bump bump deny_note
>
>
>
> ssl_bump splice app_matcher_helper
>
> ssl_bump splice tls_to_splice
>
>
>
> ssl_bump stare app_matcher_helper
>
> ssl_bump stare tls_s2_client_hello
>
>
>
> ssl_bump bump app_matcher_helper
>
> ssl_bump bump tls_to_bump
>
> ## END
>
>
>
> If you want I can upload a snippet of the whole setup dump with hope you
> could make use of it.
>
>
>
> Eliezer
>
>
>
> ----
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1ltd at gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https://tube.ngtech.co.il/
>
>
>
> *From:* Adam Barnett <abarnett at belofx.com>
> *Sent:* Friday, 5 August 2022 0:26
> *To:* ngtech1ltd at gmail.com
> *Cc:* squid-users at lists.squid-cache.org
> *Subject:* Re: [squid-users] Squid and Epic Games HCapctca
>
>
>
> תודה רבה
> It looks like you are using a database and then building the config from
> that? any cahnce you can send me the snippet of the config instead of the
> DB bits? ?
>
>
>
> Thanks again
>
>
>
> Adam
>
>
>
> On Thu, 4 Aug 2022 at 22:18, <ngtech1ltd at gmail.com> wrote:
>
> Hey Adam,
>
>
>
> I recorded a video for you on how I do it at:
>
> https://cloud1.ngtech.co.il/static/squid-data/splice-epic-games.mp4
>
>
>
> So basically the relevant domains are:
>
>
>
> epicgames-download1.akamaized.net
>
> .epicgames.com
>
> .unrealengine.com
>
>
>
> And you can peek at robert k Wild mail: “regex for normal websites”
>
>
>
> And it contains the relevant technical details.
>
> If for any reason you need a more detailed answer let me know.
>
>
>
> Yours,
>
> Eliezer
>
>
>
> ----
>
> Eliezer Croitoru
>
> NgTech, Tech Support
>
> Mobile: +972-5-28704261
>
> Email: ngtech1ltd at gmail.com
>
> Web: https://ngtech.co.il/
>
> My-Tube: https://tube.ngtech.co.il/
>
>
>
> *From:* squid-users <squid-users-bounces at lists.squid-cache.org> *On
> Behalf Of *Adam Barnett
> *Sent:* Thursday, 4 August 2022 14:28
> *To:* squid-users at lists.squid-cache.org
> *Subject:* [squid-users] Squid and Epic Games HCapctca
>
>
>
> Hi All,
>
>
>
> I am trying to get squid to allow me to login to Epicgames.com with my
> epic login, i get to the login page and get the hcaptca images and
> everytime i get "invalid response"
>
>
>
> i looked at the headers and the only error that i can see is "The
> cache information is missing from the entry"
>
>
>
> My config looks like so
>
> workers 2
>
> ```
> # Leave coredumps in the first cache dir
> coredump_dir /var/spool/squid
>
> http_port 3128 ssl-bump  dynamic_cert_mem_cache_size=16MB
>  generate-host-certificates=on cert=/etc/squid/certs/squid-ca-cert-key.pem
>
> sslcrtd_program /usr/lib64/squid/security_file_certgen -s
> /var/spool/squid/ssl -M 16MB
> dns_nameservers 10.5.1.2 8.8.8.8
> visible_hostname foo-proxy-1
> forwarded_for truncate
> via off
>
> # Send to file
> access_log daemon:/var/log/squid/access.log
>
>
>
> acl CONNECT method CONNECT
> acl local src 10.0.0.0/8
> always_direct allow all
> request_header_add X-GoogApps-Allowed-Domains "foo.com" all
>
> memory_replacement_policy heap GDSF
> maximum_object_size 100 KB
> maximum_object_size 1 MB
>
> cache allow all
> cache_mem 256 MB
> cache_dir rock /var/spool/squid 1024
> memory_pools off
> cache_swap_low 90
> client_persistent_connections on
>
>
> http_access allow localhost manager
> http_access deny manager
>
> # SquidGaurd
> url_rewrite_program /usr/bin/squidGuard
> ```
>
> Any suggestions?
>
>
>
> Thanks
>
> Adam Barnett
> Senior SysAdmin beloFX
>
>
>
> abarnett at belofx.com
> <https://514584150-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__>
>
>
>
> www.belofx.com
>
>
>
> LinkedIn <http://www.linkedin.com/company/belofx>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20220805/43be5591/attachment-0001.htm>