<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p><br>
</p>
<br>
<div class="moz-cite-prefix">28.06.2016 13:39, --Ahmad-- пишет:<br>
</div>
<blockquote
cite="mid:EB9E6998-A8D4-48D0-86B6-D53BA1953D75@netstream.ps"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
Hi ,
<div class="">i have squid that is working on 3.5 .</div>
<div class="">
<p class="MsoNormal">traffic of t 80 and 443 traffic to Squid
via IPTables.</p>
<p class="MsoNormal">Squid then passes traffic to ClamAV via
C-ICAP. Squid is configured to intercept all SSL traffic and
PKI has been setup and distributed to all clients.<o:p
class=""></o:p></p>
<p class="MsoNormal">we have a problem in Skype of Business
(Office 365) and Slack (Chat app) seems its broken from squid
intercept.</p>
<div class=""><br class="">
</div>
<div class="">i tried to do exception for ssl for the domains
that shown on the ACCess.log file when i use the APPs , but no
luck </div>
<div class=""><br class="">
</div>
<div class="">i tried to execlide the websites below :</div>
<div class=""><br class="">
</div>
<div class=""><span
data-story-id="story_f00ed05775c276de6e56bdadabf111af"
data-timestamp="1467029157819" data-text="\.skype\.com$
\.lync\.com$
\.todyl\.com$
\.fastly\.net$
\.slack-msgs\.com$
\.amazonaws\.com$
\.slack\.com$" data-userid="639184147499655168"
data-orgid="639184148136816640" style="box-sizing:
border-box; color: rgb(73, 73, 73); font-family: 'Gotham
SSm', Helvetica, Arial, sans-serif; font-size: 13px;"
class=""><a moz-do-not-send="true" href="http://skype.com"
class="">skype.com</a><br style="box-sizing: border-box;"
class="">
lync.com<br style="box-sizing: border-box;" class="">
todyl.com<br style="box-sizing: border-box;" class="">
fastly\.net<br style="box-sizing: border-box;" class="">
.slack-msgs.com<br style="box-sizing: border-box;" class="">
.amazonaws.com<br style="box-sizing: border-box;" class="">
.<a moz-do-not-send="true" href="http://slack.com" class="">slack.com</a></span><img
moz-do-not-send="true" style="box-sizing: border-box;
border: 0px; vertical-align: middle; color: rgb(73, 73, 73);
font-family: 'Gotham SSm', Helvetica, Arial, sans-serif;
font-size: 13px;" class=""></div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">#########################################################</div>
<div class="">but it still not working and the APPS (( Skype of
Business (Office 365) and Slack (Chat app))) are not working .</div>
<div class=""><br class="">
</div>
<div class="">again , here is my nobump file :</div>
<div class=""><br class="">
</div>
<div class=""><span style="color: rgb(73, 73, 73); font-family:
'Gotham SSm', Helvetica, Arial, sans-serif; font-size:
13px;" class=""><br class="">
</span></div>
<div class=""><span style="color: rgb(73, 73, 73); font-family:
'Gotham SSm', Helvetica, Arial, sans-serif; font-size:
13px;" class=""> </span><span style="font-family: 'Gotham
SSm', Helvetica, Arial, sans-serif; font-size: 13px;"
class=""><font class="" color="#ff2600">cat
/opt/etc/squid.doms.nobump</font></span></div>
<div class=""><span style="color: rgb(73, 73, 73); font-family:
'Gotham SSm', Helvetica, Arial, sans-serif; font-size:
13px;" class=""><br class="">
</span></div>
<div class=""><span
data-story-id="story_f00ed05775c276de6e56bdadabf111af"
data-timestamp="1467029157819" data-text="[root@1e46dccd2
var]# cat /opt/etc/squid.doms.nobump
\.skype\.com$
\.lync\.com$
\.todyl\.com$
\.fastly\.net$
\.slack-msgs\.com$
\.amazonaws\.com$
\.slack\.com$" data-userid="639184147499655168"
data-orgid="639184148136816640" style="box-sizing:
border-box; color: rgb(73, 73, 73); font-family: 'Gotham
SSm', Helvetica, Arial, sans-serif; font-size: 13px;"
class="">\.skype\.com$<br style="box-sizing: border-box;"
class="">
\.lync\.com$<br style="box-sizing: border-box;" class="">
\.todyl\.com$<br style="box-sizing: border-box;" class="">
\.fastly\.net$<br style="box-sizing: border-box;" class="">
\.slack-msgs\.com$<br style="box-sizing: border-box;"
class="">
\.amazonaws\.com$<br style="box-sizing: border-box;"
class="">
\.slack\.com$</span><img moz-do-not-send="true"
style="box-sizing: border-box; border: 0px; vertical-align:
middle; color: rgb(73, 73, 73); font-family: 'Gotham SSm',
Helvetica, Arial, sans-serif; font-size: 13px;" class=""></div>
<div class=""><br class="">
</div>
<div class="">##############################################################</div>
<div class=""><br class="">
</div>
<div class="">current versions we have :</div>
<div class="">
<p class="MsoListParagraphCxSpFirst" style="text-indent:
-0.25in;"><span class="" style="font-family: Symbol;">·<span
class="" style="font-size: 7pt; line-height: normal;
font-family: 'Times New Roman';"> </span></span>Squid
3.5.19<o:p class=""></o:p></p>
<p class="MsoListParagraphCxSpMiddle" style="text-indent:
-0.25in;"><span class="" style="font-family: Symbol;">·<span
class="" style="font-size: 7pt; line-height: normal;
font-family: 'Times New Roman';"> </span></span>C-ICAP
0.4.2<o:p class=""></o:p></p>
<p class="MsoListParagraphCxSpMiddle" style="text-indent:
-0.25in;"><span class="" style="font-family: Symbol;">·<span
class="" style="font-size: 7pt; line-height: normal;
font-family: 'Times New Roman';"> </span></span>SquidclamAV
6.15<o:p class=""></o:p></p>
<p class="MsoListParagraphCxSpLast" style="text-indent:
-0.25in;"><span class="" style="font-family: Symbol;">·<span
class="" style="font-size: 7pt; line-height: normal;
font-family: 'Times New Roman';"> </span></span>ClamAV
0.99.2<o:p class=""></o:p></p>
<p class="MsoListParagraphCxSpLast" style="text-indent:
-0.25in;">######################################################################</p>
<p class="MsoListParagraphCxSpLast" style="text-indent:
-0.25in;"><font class="" color="#001e57"> </font><font
class="" color="#ff2600"> here is squid.conf :</font></p>
<div class="">
<div class="">
<div class=""><font class="" color="#001e57"># Example
rule allowing access from your local networks.</font></div>
<div class=""><font class="" color="#001e57"># Adapt to
list your (internal) IP networks from where browsing</font></div>
<div class=""><font class="" color="#001e57"># should be
allowed</font></div>
<div class=""><font class="" color="#001e57">acl localnet
src 10.0.0.0/8<span class="Apple-tab-span" style="white-space:pre"> </span>#
RFC1918 possible internal network</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57"># Example
rule allowing access from your local networks.</font></div>
<div class=""><font class="" color="#001e57"># Adapt
localnet in the ACL section to list your (internal) IP
networks</font></div>
<div class=""><font class="" color="#001e57"># from where
browsing should be allowed</font></div>
<div class=""><font class="" color="#001e57">http_access
allow localnet</font></div>
<div class=""><font class="" color="#001e57">http_access
allow localhost</font></div>
<div class=""><font class="" color="#001e57">http_access
allow localhost manager</font></div>
<div class=""><font class="" color="#001e57">http_access
deny manager</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57"># Squid
normally listens to port 3128</font></div>
<div class=""><font class="" color="#001e57">http_port
3127</font></div>
<div class=""><font class="" color="#001e57">http_port
3128 intercept</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57"># Leave
coredumps in the first cache dir</font></div>
<div class=""><font class="" color="#001e57">coredump_dir
/var/cache/squid</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">visible_hostname
shield.TodylInc.shield</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">cache_log
/opt/var/log/squid/cache_log</font></div>
<div class=""><font class="" color="#001e57">cache_access_log
/opt/var/log/squid/access_log</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">#user and
group</font></div>
<div class=""><font class="" color="#001e57">cache_effective_user
squid</font></div>
<div class=""><font class="" color="#001e57">cache_effective_group
squid</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">acl todyl
dstdomain<span class="Apple-tab-span" style="white-space:pre"> </span><a
moz-do-not-send="true" href="http://todyl.com"
class="">todyl.com</a></font></div>
<div class=""><font class="" color="#001e57">request_header_add
X-TODYL-GUID 1e46dccd2 todyl</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">#Custom Error
Pages</font></div>
<div class=""><font class="" color="#001e57">error_directory
/opt/www/squid</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57"># Squid
listen Port</font></div>
<div class=""><font class="" color="#001e57">https_port
3129 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB
key=/opt/etc/pki/squid/ca-key.pem
cert=/opt/etc/pki/squid/ca.pem
options=NO_SSLv2,NO_SSLv3,SINGLE_DH_USE</font></div>
</div>
</div>
</div>
</div>
</blockquote>
<font color="#001e57"><br>
Search list "Skype issue" thread, some day ago.<br>
<br>
</font>
<blockquote
cite="mid:EB9E6998-A8D4-48D0-86B6-D53BA1953D75@netstream.ps"
type="cite">
<div class="">
<div class="">
<div class="">
<div class="">
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57"># SSL Bump
Config</font></div>
<div class=""><font class="" color="#001e57">always_direct
allow all</font></div>
<div class=""><font class="" color="#001e57">ssl_bump
server-first all </font></div>
<div class=""><font class="" color="#001e57">sslcrtd_program
/opt/libexec/ssl_crtd -s /opt/lib/ssl_db -M 4MB</font></div>
<div class=""><font class="" color="#001e57">sslcrtd_children
32 startup=5 idle=1</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">##############################################</font></div>
<div class=""><font class="" color="#001e57">acl
DiscoverSNIHost at_step SslBump1</font></div>
<div class=""><font class="" color="#0433ff">acl
NoSSLIntercept ssl::server_name_regex -i
"/opt/etc/squid.doms.nobump"</font></div>
<div class=""><font class="" color="#001e57"> </font></div>
<div class=""><font class="" color="#001e57">ssl_bump
splice NoSSLIntercept</font></div>
<div class=""><font class="" color="#001e57">ssl_bump peek
DiscoverSNIHost</font></div>
<div class=""><font class="" color="#001e57">ssl_bump bump
all</font></div>
<div class=""><font class="" color="#001e57"> </font></div>
<div class=""><font class="" color="#001e57">##################</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">#Hardening</font></div>
<div class=""><font class="" color="#001e57">sslproxy_options
NO_SSLv2,NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE</font></div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
<font color="#001e57"># SINGLE_ECDH_USE<br>
# Enable ephemeral ECDH key exchange.<br>
# The adopted curve should be specified<br>
# using the tls-dh option.<br>
<br>
<br>
# tls-dh=[curve:]file<br>
# File containing DH parameters for temporary/ephemeral
DH key<br>
# exchanges, optionally prefixed by a curve for
ephemeral ECDH<br>
# key exchanges.<br>
# See OpenSSL documentation for details on how to
create the<br>
# DH parameter file. Supported curves for ECDH can be
listed<br>
# using the "openssl ecparam -list_curves" command.<br>
# WARNING: EDH and EECDH ciphers will be silently
disabled if<br>
# this option is not set.<br>
<br>
</font>
<blockquote
cite="mid:EB9E6998-A8D4-48D0-86B6-D53BA1953D75@netstream.ps"
type="cite">
<div class="">
<div class="">
<div class="">
<div class="">
<div class=""><font class="" color="#001e57">sslproxy_cipher
EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS</font></div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
<font color="#001e57"># tls-dh=[curve:]file<br>
# File containing DH parameters for temporary/ephemeral
DH key<br>
# exchanges, optionally prefixed by a curve for
ephemeral ECDH<br>
# key exchanges.<br>
# See OpenSSL documentation for details on how to
create the<br>
# DH parameter file. Supported curves for ECDH can be
listed<br>
# using the "openssl ecparam -list_curves" command.<br>
# WARNING: EDH and EECDH ciphers will be silently
disabled if<br>
# this option is not set.<br>
</font><br>
<blockquote
cite="mid:EB9E6998-A8D4-48D0-86B6-D53BA1953D75@netstream.ps"
type="cite">
<div class="">
<div class="">
<div class="">
<div class="">
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57"># TUNING</font></div>
<div class=""><font class="" color="#001e57">cache_dir
aufs /var/cache/squid 40000 16 256</font></div>
<div class=""><font class="" color="#001e57">store_dir_select_algorithm
round-robin</font></div>
<div class=""><font class="" color="#001e57">minimum_object_size
0 KB</font></div>
<div class=""><font class="" color="#001e57">maximum_object_size
96 MB</font></div>
<div class=""><font class="" color="#001e57">memory_pools
off</font></div>
<div class=""><font class="" color="#001e57">quick_abort_min
0 KB</font></div>
<div class=""><font class="" color="#001e57">quick_abort_max
0 KB</font></div>
<div class=""><font class="" color="#001e57">log_icp_queries
off</font></div>
<div class=""><font class="" color="#001e57">client_db off</font></div>
<div class=""><font class="" color="#001e57">cache_mem
1500 MB</font></div>
<div class=""><font class="" color="#001e57">buffered_logs
on</font></div>
<div class=""><font class="" color="#001e57">half_closed_clients
off</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">dns_nameservers
10.192.0.1</font></div>
<div class=""><font class="" color="#001e57">##################################################################</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class=""><font class="" color="#001e57">here is squid
-k parse :</font></div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class="">
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">[root@1e46dccd2
var]# squid -k parse</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Startup: Initializing Authentication
Schemes ...</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Startup: Initialized Authentication Scheme
'basic'</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Startup: Initialized Authentication Scheme
'digest'</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Startup: Initialized Authentication Scheme
'negotiate'</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Startup: Initialized Authentication Scheme
'ntlm'</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Startup: Initialized Authentication.</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing Configuration File:
/opt/etc/squid.conf (depth 0)</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: acl localnet src 10.0.0.0/8 #
RFC1918 possible internal network</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: http_access allow localnet</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: http_access allow localhost</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: http_access allow localhost
manager</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: http_access deny manager</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: http_port 3127</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: http_port 3128 intercept</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Starting Authentication on port [::]:3128</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Disabling Authentication on port [::]:3128
(interception enabled)</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: coredump_dir /var/cache/squid</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: visible_hostname
shield.TodylInc.shield</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: cache_log
/opt/var/log/squid/cache_log</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: cache_access_log
/opt/var/log/squid/access_log</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: cache_effective_user squid</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: cache_effective_group squid</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: acl todyl dstdomain <a
moz-do-not-send="true" href="http://todyl.com"
class="">todyl.com</a></span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: request_header_add
X-TODYL-GUID 1e46dccd2 todyl</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: error_directory /opt/www/squid</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: https_port 3129 intercept
ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB
key=/opt/etc/pki/squid/ca-key.pem
cert=/opt/etc/pki/squid/ca.pem
options=NO_SSLv2,NO_SSLv3,SINGLE_DH_USE</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Starting Authentication on port [::]:3129</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Disabling Authentication on port [::]:3129
(interception enabled)</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: always_direct allow all</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: ssl_bump server-first all</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: sslcrtd_program
/opt/libexec/ssl_crtd -s /opt/lib/ssl_db -M 4MB</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: sslcrtd_children 32 startup=5
idle=1</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: acl DiscoverSNIHost at_step
SslBump1</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: acl NoSSLIntercept
ssl::server_name_regex -i
"/opt/etc/squid.doms.nobump"</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: ssl_bump splice NoSSLIntercept</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: ssl_bump peek DiscoverSNIHost</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: ssl_bump bump all</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: sslproxy_options
NO_SSLv2,NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: sslproxy_cipher
EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: cache_dir aufs
/var/cache/squid 40000 16 256</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: store_dir_select_algorithm
round-robin</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: minimum_object_size 0 KB</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: maximum_object_size 96 MB</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: memory_pools off</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: quick_abort_min 0 KB</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: quick_abort_max 0 KB</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: log_icp_queries off</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: client_db off</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: cache_mem 1500 MB</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: buffered_logs on</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: half_closed_clients off</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Processing: dns_nameservers 10.192.0.1</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Initializing https proxy context</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Initializing https_port [::]:3129 SSL
context</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">2016/06/27
08:06:08| Using certificate in
/opt/etc/pki/squid/ca.pem</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class="">—————————————————————————————————</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class=""><br class="">
</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class=""><br class="">
</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal; color: rgb(73, 73, 73);" class=""><span
style="font-kerning: none" class=""><br class="">
</span></div>
<div style="margin: 0px; font-size: 13px; line-height:
normal;" class=""><span style="-webkit-font-kerning:
none;" class=""><font class="" color="#ff2600">here
is access.log</font></span></div>
</div>
<div class=""><font class="" color="#001e57"><br class="">
</font></div>
<div class="">
<div class="" style="color: rgb(0, 30, 87);"><br
class="">
</div>
<div class="" style="color: rgb(0, 30, 87);">1467029265.989
50 10.192.0.12 TAG_NONE/200 0 CONNECT
52.84.29.139:443 - ORIGINAL_DST/52.84.29.139 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029265.999
59 10.192.0.12 TAG_NONE/200 0 CONNECT
52.84.29.139:443 - ORIGINAL_DST/52.84.29.139 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029266.070
59 10.192.0.12 TCP_MISS/200 13171 GET <a
moz-do-not-send="true"
href="https://slack.com/help/test" class=""><a class="moz-txt-link-freetext" href="https://slack.com/help/test">https://slack.com/help/test</a></a>
- ORIGINAL_DST/52.84.29.139 text/html</div>
<div class="" style="color: rgb(0, 30, 87);">1467029266.222
53 10.192.0.12 TAG_NONE/200 0 CONNECT
172.217.5.14:443 - ORIGINAL_DST/172.217.5.14 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029266.234
66 10.192.0.12 TCP_MISS/200 598 GET <a
moz-do-not-send="true"
href="https://slack.com/beacon/track/?" class=""><a class="moz-txt-link-freetext" href="https://slack.com/beacon/track/">https://slack.com/beacon/track/</a>?</a>
- ORIGINAL_DST/52.84.29.139 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029266.274
26 10.192.0.12 TCP_MISS/200 557 GET <a
moz-do-not-send="true"
href="https://www.google-analytics.com/r/collect?"
class=""><a class="moz-txt-link-freetext" href="https://www.google-analytics.com/r/collect">https://www.google-analytics.com/r/collect</a>?</a>
- ORIGINAL_DST/172.217.5.14 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029266.314
66 10.192.0.12 TAG_NONE/200 0 CONNECT
169.54.33.172:443 - ORIGINAL_DST/169.54.33.172 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029266.368
21 10.192.0.12 TCP_MISS/200 547 GET <a
moz-do-not-send="true"
href="https://api.mixpanel.com/track/?" class=""><a class="moz-txt-link-freetext" href="https://api.mixpanel.com/track/">https://api.mixpanel.com/track/</a>?</a>
- ORIGINAL_DST/169.54.33.172 application/json</div>
<div class="" style="color: rgb(0, 30, 87);">1467029266.469
42 10.192.0.12 TAG_NONE/200 0 CONNECT
199.27.76.249:443 - ORIGINAL_DST/199.27.76.249 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029266.722
231 10.192.0.12 TCP_MISS/200 11968 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-0.png?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-0.png">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-0.png</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/png</div>
<div class="" style="color: rgb(0, 30, 87);">1467029267.044
303 10.192.0.12 TAG_NONE/200 0 CONNECT
54.231.161.8:443 - ORIGINAL_DST/54.231.161.8 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029267.231
170 10.192.0.12 TCP_MISS/200 11994 GET <a
moz-do-not-send="true"
href="https://s3-us-west-2.amazonaws.com/slack-files2/beacons/boomerang1/image-0.png?"
class=""><a class="moz-txt-link-freetext" href="https://s3-us-west-2.amazonaws.com/slack-files2/beacons/boomerang1/image-0.png">https://s3-us-west-2.amazonaws.com/slack-files2/beacons/boomerang1/image-0.png</a>?</a>
- ORIGINAL_DST/54.231.161.8 image/png</div>
<div class="" style="color: rgb(0, 30, 87);">1467029267.482
145 10.192.0.12 TAG_NONE/200 0 CONNECT
54.172.232.15:443 - ORIGINAL_DST/54.172.232.15 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029267.563
63 10.192.0.12 TCP_MISS_ABORTED/000 0 GET <a
moz-do-not-send="true"
href="https://mpmulti-y6oq.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_"
class=""><a class="moz-txt-link-freetext" href="https://mpmulti-y6oq.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_">https://mpmulti-y6oq.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_</a></a>
- ORIGINAL_DST/54.172.232.15 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029267.771
167 10.192.0.12 TAG_NONE/200 0 CONNECT
52.91.147.164:443 - ORIGINAL_DST/52.91.147.164 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029267.891
110 10.192.0.12 TCP_MISS_ABORTED/000 0 GET <a
moz-do-not-send="true"
href="https://mpmulti-f4bz.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_"
class=""><a class="moz-txt-link-freetext" href="https://mpmulti-f4bz.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_">https://mpmulti-f4bz.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_</a></a>
- ORIGINAL_DST/52.91.147.164 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029268.106
153 10.192.0.12 TAG_NONE/200 0 CONNECT
52.23.253.30:443 - ORIGINAL_DST/52.23.253.30 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029268.194
79 10.192.0.12 TCP_MISS_ABORTED/000 0 GET <a
moz-do-not-send="true"
href="https://mpmulti-zdjz.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_"
class=""><a class="moz-txt-link-freetext" href="https://mpmulti-zdjz.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_">https://mpmulti-zdjz.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_</a></a>
- ORIGINAL_DST/52.23.253.30 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029268.449
160 10.192.0.12 TAG_NONE/200 0 CONNECT
52.201.253.102:443 - ORIGINAL_DST/52.201.253.102 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029268.567
110 10.192.0.12 TCP_MISS_ABORTED/000 0 GET <a
moz-do-not-send="true"
href="https://mpmulti-2pbf.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_"
class=""><a class="moz-txt-link-freetext" href="https://mpmulti-2pbf.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_">https://mpmulti-2pbf.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_</a></a>
- ORIGINAL_DST/52.201.253.102 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029268.764
149 10.192.0.12 TAG_NONE/200 0 CONNECT
52.91.121.224:443 - ORIGINAL_DST/52.91.121.224 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029268.845
74 10.192.0.12 TCP_MISS_ABORTED/000 0 GET <a
moz-do-not-send="true"
href="https://mpmulti-x1if.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_"
class=""><a class="moz-txt-link-freetext" href="https://mpmulti-x1if.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_">https://mpmulti-x1if.slack-msgs.com/websocket/_CONNECTION_TEST_TOKEN_</a></a>
- ORIGINAL_DST/52.91.121.224 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029268.967
108 10.192.0.12 TCP_MISS/200 516 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029269.169
187 10.192.0.12 TCP_MISS/200 517 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029269.285
101 10.192.0.12 TCP_MISS/200 516 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029269.467
167 10.192.0.12 TCP_MISS/200 517 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029269.643
160 10.192.0.12 TCP_MISS/200 517 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029269.824
165 10.192.0.12 TCP_MISS/200 517 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029270.004
164 10.192.0.12 TCP_MISS/200 517 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029270.186
165 10.192.0.12 TCP_MISS/200 517 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029270.295
94 10.192.0.12 TCP_MISS/200 516 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029270.489
173 10.192.0.12 TCP_MISS/200 517 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-l.gif</a>?</a>
- ORIGINAL_DST/199.27.76.249 image/gif</div>
<div class="" style="color: rgb(0, 30, 87);">1467029270.656
151 10.192.0.12 TCP_MISS_ABORTED/000 0 GET <a
moz-do-not-send="true"
href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-0.png?"
class=""><a class="moz-txt-link-freetext" href="https://slack.global.ssl.fastly.net/beacons/boomerang1/image-0.png">https://slack.global.ssl.fastly.net/beacons/boomerang1/image-0.png</a>?</a>
- ORIGINAL_DST/199.27.76.249 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029273.699
57 10.192.0.12 TCP_MISS/200 951 GET <a
moz-do-not-send="true"
href="http://lyncdiscover.todyl.com/?" class=""><a class="moz-txt-link-freetext" href="http://lyncdiscover.todyl.com/">http://lyncdiscover.todyl.com/</a>?</a>
- ORIGINAL_DST/131.253.163.205
application/vnd.microsoft.rtc.autodiscover+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029273.713
72 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.163.205:443 - ORIGINAL_DST/131.253.163.205 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029273.797
73 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.142:443 - ORIGINAL_DST/131.253.161.142 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029273.874
70 10.192.0.12 TCP_MISS/200 1453 GET <a
moz-do-not-send="true"
href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root?"
class=""><a class="moz-txt-link-freetext" href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root">https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root</a>?</a>
- ORIGINAL_DST/131.253.161.142
application/vnd.microsoft.rtc.autodiscover+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029273.952
74 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.142:443 - ORIGINAL_DST/131.253.161.142 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029273.985
25 10.192.0.12 TCP_MISS/401 2206 GET <a
moz-do-not-send="true"
href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user?"
class=""><a class="moz-txt-link-freetext" href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user">https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user</a>?</a>
- ORIGINAL_DST/131.253.161.142 text/html</div>
<div class="" style="color: rgb(0, 30, 87);">1467029274.077
76 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.142:443 - ORIGINAL_DST/131.253.161.142 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029274.217
132 10.192.0.12 TCP_MISS/200 18842 POST <a
moz-do-not-send="true"
href="https://webdir2a.online.lync.com/WebTicket/WebTicketService.svc/mex"
class=""><a class="moz-txt-link-freetext" href="https://webdir2a.online.lync.com/WebTicket/WebTicketService.svc/mex">https://webdir2a.online.lync.com/WebTicket/WebTicketService.svc/mex</a></a>
- ORIGINAL_DST/131.253.161.142 application/soap+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029274.430
152 10.192.0.12 TAG_NONE/200 0 CONNECT
23.96.208.238:443 - ORIGINAL_DST/23.96.208.238 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029274.631
180 10.192.0.12 TCP_MISS/200 16835 POST <a
moz-do-not-send="true"
href="https://login.microsoftonline.com/RST2.srf"
class=""><a class="moz-txt-link-freetext" href="https://login.microsoftonline.com/RST2.srf">https://login.microsoftonline.com/RST2.srf</a></a>
- ORIGINAL_DST/23.96.208.238 application/soap+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029274.720
75 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.142:443 - ORIGINAL_DST/131.253.161.142 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029274.858
131 10.192.0.12 TCP_MISS/200 6107 POST <a
moz-do-not-send="true"
href="https://webdir2a.online.lync.com/WebTicket/WebTicketAdvancedService.svc/WsFed_bearer"
class=""><a class="moz-txt-link-freetext" href="https://webdir2a.online.lync.com/WebTicket/WebTicketAdvancedService.svc/WsFed_bearer">https://webdir2a.online.lync.com/WebTicket/WebTicketAdvancedService.svc/WsFed_bearer</a></a>
- ORIGINAL_DST/131.253.161.142 text/xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029274.936
73 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.142:443 - ORIGINAL_DST/131.253.161.142 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029274.998
55 10.192.0.12 TCP_MISS/200 2507 GET <a
moz-do-not-send="true"
href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user?"
class=""><a class="moz-txt-link-freetext" href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user">https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user</a>?</a>
- ORIGINAL_DST/131.253.161.142
application/vnd.microsoft.rtc.autodiscover+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029275.099
72 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.139:443 - ORIGINAL_DST/131.253.161.139 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029275.216
70 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.147:443 - ORIGINAL_DST/131.253.161.147 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029275.524
107 10.192.0.12 TAG_NONE/200 0 CONNECT
134.170.113.218:443 - ORIGINAL_DST/134.170.113.218 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029279.731
24 10.192.0.12 TCP_MISS/200 951 GET <a
moz-do-not-send="true"
href="http://lyncdiscover.todyl.com/?" class=""><a class="moz-txt-link-freetext" href="http://lyncdiscover.todyl.com/">http://lyncdiscover.todyl.com/</a>?</a>
- ORIGINAL_DST/131.253.163.205
application/vnd.microsoft.rtc.autodiscover+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029279.778
71 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.163.205:443 - ORIGINAL_DST/131.253.163.205 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029279.814
76 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.142:443 - ORIGINAL_DST/131.253.161.142 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029279.847
27 10.192.0.12 TCP_MISS/200 1453 GET <a
moz-do-not-send="true"
href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root?"
class=""><a class="moz-txt-link-freetext" href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root">https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root</a>?</a>
- ORIGINAL_DST/131.253.161.142
application/vnd.microsoft.rtc.autodiscover+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029279.922
70 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.142:443 - ORIGINAL_DST/131.253.161.142 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029279.952
24 10.192.0.12 TCP_MISS/401 2206 GET <a
moz-do-not-send="true"
href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user?"
class=""><a class="moz-txt-link-freetext" href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user">https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user</a>?</a>
- ORIGINAL_DST/131.253.161.142 text/html</div>
<div class="" style="color: rgb(0, 30, 87);">1467029280.032
73 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.142:443 - ORIGINAL_DST/131.253.161.142 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029280.092
54 10.192.0.12 TCP_MISS/200 2507 GET <a
moz-do-not-send="true"
href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user?"
class=""><a class="moz-txt-link-freetext" href="https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user">https://webdir2a.online.lync.com/Autodiscover/AutodiscoverService.svc/root/user</a>?</a>
- ORIGINAL_DST/131.253.161.142
application/vnd.microsoft.rtc.autodiscover+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029280.180
73 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.139:443 - ORIGINAL_DST/131.253.161.139 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029280.270
73 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.161.147:443 - ORIGINAL_DST/131.253.161.147 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029280.396
107 10.192.0.12 TAG_NONE/200 0 CONNECT
134.170.113.218:443 - ORIGINAL_DST/134.170.113.218 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.555
75 10.192.0.12 TAG_NONE/200 0 CONNECT
157.55.133.204:443 - ORIGINAL_DST/157.55.133.204 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.673
92 10.192.0.12 TAG_NONE/200 0 CONNECT
157.55.133.204:443 - ORIGINAL_DST/157.55.133.204 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.681
41 10.192.0.12 TCP_MISS/200 607 GET <a
moz-do-not-send="true"
href="http://login.live.com/ppcrlcheck.srf" class=""><a class="moz-txt-link-freetext" href="http://login.live.com/ppcrlcheck.srf">http://login.live.com/ppcrlcheck.srf</a></a>
- ORIGINAL_DST/131.253.61.68 text/html</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.729
41 10.192.0.12 TAG_NONE/200 0 CONNECT
157.55.133.204:443 - ORIGINAL_DST/157.55.133.204 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.784
46 10.192.0.12 TAG_NONE/200 0 CONNECT
157.55.133.204:443 - ORIGINAL_DST/157.55.133.204 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.801
92 10.192.0.12 TAG_NONE/200 0 CONNECT
131.253.61.68:443 - ORIGINAL_DST/131.253.61.68 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.859
61 10.192.0.12 TAG_NONE/200 0 CONNECT
157.55.133.204:443 - ORIGINAL_DST/157.55.133.204 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.926
52 10.192.0.12 TAG_NONE/200 0 CONNECT
157.55.133.204:443 - ORIGINAL_DST/157.55.133.204 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.964
134 10.192.0.12 TCP_MISS/200 10828 POST <a
moz-do-not-send="true"
href="https://login.live.com/RST2.srf" class=""><a class="moz-txt-link-freetext" href="https://login.live.com/RST2.srf">https://login.live.com/RST2.srf</a></a>
- ORIGINAL_DST/131.253.61.68 application/soap+xml</div>
<div class="" style="color: rgb(0, 30, 87);">1467029287.998
56 10.192.0.12 TAG_NONE/200 0 CONNECT
157.55.133.204:443 - ORIGINAL_DST/157.55.133.204 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029288.051
40 10.192.0.12 TAG_NONE/200 0 CONNECT
157.55.133.204:443 - ORIGINAL_DST/157.55.133.204 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029288.204
46 10.192.0.12 TCP_MISS/302 538 GET <a
moz-do-not-send="true"
href="http://go.microsoft.com/fwlink/?" class=""><a class="moz-txt-link-freetext" href="http://go.microsoft.com/fwlink/">http://go.microsoft.com/fwlink/</a>?</a>
- ORIGINAL_DST/23.66.120.244 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029288.389
147 10.192.0.12 TCP_MISS/302 1786 GET <a
moz-do-not-send="true"
href="http://www.microsoft.com/security/encyclopedia/adlpackages.aspx?"
class=""><a class="moz-txt-link-freetext" href="http://www.microsoft.com/security/encyclopedia/adlpackages.aspx">http://www.microsoft.com/security/encyclopedia/adlpackages.aspx</a>?</a>
- ORIGINAL_DST/23.203.90.59 text/html</div>
<div class="" style="color: rgb(0, 30, 87);">1467029288.422
48 10.192.0.12 TAG_NONE/200 0 CONNECT
13.90.208.215:443 - ORIGINAL_DST/13.90.208.215 -</div>
<div class="" style="color: rgb(0, 30, 87);">1467029288.882
311 10.192.0.12 TAG_NONE/200 0 CONNECT
104.41.32.78:443 - ORIGINAL_DST/104.41.32.78 -</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
<div class=""><font class="" color="#ff2600">Any Help
????</font></div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<font color="#ff2600"><font color="#000000">Finally. Where is you
specify following parameters in squid.conf:<br>
<br>
sslproxy_cafile /usr/local/squid/etc/ca-bundle.crt<br>
sslproxy_foreign_intermediate_certs
/usr/local/squid/etc/intermediate_ca.pem<br>
<br>
???</font><br>
<br>
</font>
<blockquote
cite="mid:EB9E6998-A8D4-48D0-86B6-D53BA1953D75@netstream.ps"
type="cite">
<div class="">
<div class="">
<div class="">
<div class="">
<div class="">
<div style="color: rgb(0, 30, 87);" class=""><br
class="">
</div>
</div>
</div>
</div>
<div class=""><font class="" style="font-size: 14px;"
face="Times"><b class=""><br class="">
</b></font></div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
squid-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>
<a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a>
</pre>
</blockquote>
<br>
</body>
</html>