<div class="chatflow-status" style="overflow:hidden;height:0px;opacity:0.001;float:right"><img src="https://bolt.im/t/?VGIjYnnDgd8WPRbPGxTPeHbtAbxBKO6WCmkQe7o_zYg7rrmuuvnhu-iy9O4l0Pstr3bCQ_MgsqWIaTEfytORwCXhgHSBT2ZYY67OkSHy170" width="0" height="0" style="width:0px;height:0px;opacity:0.001"></div><div dir="LTR">Thanks. What means drop byte hit? I just wanna bump a few sites, and pass the rest. Why isnt that a good solution? Is it bad form<br> performance?</div><chatflow-embed type="signature"><div><br><table cellspacing="0" cellpedding="0" border="0" style="margin-bottom:4px"><tr><td><a href="http://GetHop.com/?_hmid=1493630170" style="text-decoration:none">marco<span style="color:#999"> - Contact Using Hop</span></a></td></tr></table></div></chatflow-embed><div class="hop_extra"><br>On May 1, 2017 at 9:13 GMT, Yuri <<a href="mailto:yvoinov@gmail.com">yvoinov@gmail.com</a>> wrote:<br><blockquote class="hop_quote" style="margin:0 0 0 .2ex;border-left:1px #ccc solid;padding-left:1ex"><div><br></div><html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Sorry, this is not solution. All https spliced means for me
catastrophyc drop byte hit. I knew about this wrkarnd from the
beginning. But this is unacceptable.<br>
</p>
<p>At maximum this is temporary workaround.<br>
</p>
<br>
<div class="moz-cite-prefix">01.05.2017 15:10, marco пишет:<br>
</div>
<blockquote
cite="mid:c-6120-j25wmijf-fi5evnsf00v1cphklm2c7511xxdkpr8+18p8r8x@2.bolt.im"
type="cite">
<div class="chatflow-status"
style="overflow:hidden;height:0px;opacity:0.001;float:right"><img
moz-do-not-send="true"
src="https://bolt.im/t/?O1DO3p0DX-gO2Eho-xIA__BODHNmO3uaZuAp50JqvzDR9xU_6ZZy2Ez7PekRVZpzYADDv_v9nH2bcPXhBMobZTfBONQf1EjyG3wYFOmzpTo"
style="width:0px;height:0px;opacity:0.001" height="0"
width="0"></div>
<div dir="LTR">solution:<br>
all monitoredsites, m1 m2 are bumped correctly<br>
all others are spliced<br>
squid4<br>
<br>
this works great. just contact me for questions.<br>
<br>
<br>
acl monitoredSites ssl::server_name_regex -i
(phncdn|ypncdn|heise|rncdn|youporn) <br>
<br>
acl m1 ssl::server_name_regex -i \.youporn\.com <br>
<br>
acl m2 ssl::server_name_regex -i \.rncdn7\.com <br>
<br>
ssl_bump stare m1 <br>
ssl_bump stare m2 <br>
ssl_bump stare monitoredSites <br>
ssl_bump peek !m1 !m2 !monitoredSites <br>
#ssl_bump splice step3 !m1 !m2 <br>
ssl_bump bump m1 <br>
ssl_bump bump m2 <br>
ssl_bump bump monitoredSites <br>
ssl_bump splice !m1 !m2 !monitoredSites</div>
<chatflow-embed type="signature">
<div><br>
<table cellpedding="0" style="margin-bottom:4px" border="0"
cellspacing="0">
<tbody>
<tr>
<td><a moz-do-not-send="true"
href="http://GetHop.com/?_hmid=1493629813"
style="text-decoration:none">marco<span
style="color:#999"> - Contact Using Hop</span></a></td>
</tr>
</tbody>
</table>
</div>
</chatflow-embed>
<div class="hop_extra"><br>
On April 30, 2017 at 13:35 GMT, Yuri Voinov <<a
moz-do-not-send="true" href="mailto:yvoinov@gmail.com">yvoinov@gmail.com</a>>
wrote:<br>
<blockquote class="hop_quote" style="margin:0 0 0
.2ex;border-left:1px #ccc solid;padding-left:1ex">
<div><br>
</div>
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8">
<p>Check this. It seems this is the issue:<br>
</p>
<p><a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://bugs.squid-cache.org/show_bug.cgi?id=4711">http://bugs.squid-cache.org/show_bug.cgi?id=4711</a><br>
</p>
<br>
<div class="moz-cite-prefix">30.04.2017 12:02, snable snable
пишет:<br>
</div>
<blockquote type="cite"
cite="mid:CADYcWGR1ntWdqG9vvuDHCO30Pu02MW+TY2rRU=Xu5VpvM2aQ1w@mail.gmail.com">
<div dir="auto">
<div style="font-family:sans-serif;font-size:13.696px"
dir="auto">
<div style="margin:16px 0px">
<div>
<div dir="auto">hello
<div dir="auto"><br>
</div>
<div dir="auto">i am using squid on a external
box.</div>
<div dir="auto">i forward all traffic from my
openwrt router to it</div>
<div dir="auto">htto works fine</div>
<div dir="auto">https with youtube app doesnt work</div>
<div dir="auto">i get:</div>
<div dir="auto"><br>
</div>
<div dir="auto">
<div dir="auto"> Error negotiating SSL
connection on FD 73: error:14094416</div>
<div dir="auto">:SSL
routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown (1/0)</div>
<div dir="auto"><br>
</div>
<div dir="auto">errors</div>
<div dir="auto"><br>
</div>
<div dir="auto">other sites work well so far</div>
<div dir="auto"><br>
</div>
<div dir="auto">i heard that squid4 auto
downloads intermediate certificates.. maybe
thats the issue?</div>
<div dir="auto"><br>
</div>
<div dir="auto">i workarounded this with a white
list of sites that work. but i wanna rollout
this for all sites. (also see my other
question)</div>
<div dir="auto"><br>
</div>
<div dir="auto">thanks!</div>
</div>
</div>
</div>
</div>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
squid-users mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a>
</pre>
</blockquote>
<br>
<div class="moz-signature">-- <br>
Bugs to the Future</div>
<div><br>
</div>
</blockquote>
</div>
</blockquote>
<br>
</body>
</html>
<div><br></div></blockquote></div>