<html><head></head><body><div class="yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div dir="ltr" data-setdir="false">HI</div><div dir="ltr" data-setdir="false">COULD YOU PLEASE HELP ME? <br></div><div dir="ltr" data-setdir="false">IN INTERCEPTED TOPOLOGY WITH TPROXY I HAVE PROBLEM.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">WHAT IS SQUID SOLUTION FOR SITES THAT HAVE MORE THAN ONE IP ADDRESSES? FOR EXAMPLE SITE LIKE GOOGLE.COM RETURN DIFFERENT IP ADDRESS IN EVERY REQUEST AND IF CLIENT GET IP ADDRESS FOR EXAMPLE 1.1.1.1 THAT IS POSSIBLE THAT SQUID GET 2.2.2.2 FOR GOOGLE AND SQUID CAN NOT WORK PROBABLE AND SHOW FORGERY DETECTED ERROR.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">IS THERE ANY WAY TO IGNORE THIS OR USE ONLY ONE DNS SERVER OR PREVENT SQUID OR CLIENT TO NOT RESOLVE URLS?</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false"><span><pre>I use same DNS-Server on my clients and my squid server.<br><span><pre>Is there any configuration directive in squid to does not resolve requested URLs from client or use their resolved IP addresses?</pre></span><br></pre></span></div><div dir="ltr" data-setdir="false">I use this configuration:</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false"><div dir="ltr" data-setdir="false"><div>acl acl1 clientside_mark *****</div><div>tcp_outgoing_mark ***** acl1</div>acl https1 ssl::server_name "/Files/blklist"<br><div>ssl_bump bump https1 acl1</div>acl url1 dstdomain "/Files/blklist"<br>acl Regex1 url_regex "/Files/Reglist"<br><div>http_access deny Regex1 acl1</div><div>http_access deny url1 acl1</div><br><br>#Http configurations<br>http_access allow all<br>http_port 0.0.0.0:3128<br>http_port 0.0.0.0:3129 tproxy disable-pmtu-discovery=transparent<br><br><br>#Https configurations<br>reply_header_access Strict-Transport-Security deny all<br>https_port 3130 tproxy ssl-bump \<br> tls-cert=/conf/cert.cer \<br> tls-key=/conf/cert.key \<br> generate-host-certificates=on dynamic_cert_mem_cache_size=20MB disable-pmtu-discovery=transparent<br>sslcrtd_program /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB<br>sslcrtd_children 10 startup=5 idle=1<br>acl step1 at_step SslBump1<br>ssl_bump peek step1<br>ssl_bump splice all<br><br></div><div dir="ltr" data-setdir="false">I got this error messeges:</div><div dir="ltr" data-setdir="false"><br></div></div><div dir="ltr" data-setdir="false"><div><pre>May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| SECURITY ALERT: Host header forgery detected on local=157.240.20.52:443 remote=172.30.28.38:52346 FD 524 flags=17 (local IP does not match any domain IP)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| SECURITY ALERT: on URL: web.whatsapp.com:443
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| SECURITY ALERT: Host header forgery detected on local=157.240.20.52:443 remote=172.30.28.38:52347 FD 508 flags=17 (local IP does not match any domain IP)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| SECURITY ALERT: on URL: web.whatsapp.com:443
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| SECURITY ALERT: Host header forgery detected on local=157.240.20.52:443 remote=172.30.31.31:51567 FD 508 flags=17 (local IP does not match any domain IP)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| SECURITY ALERT: on URL: web.whatsapp.com:443
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| SECURITY ALERT: Host header forgery detected on local=157.240.20.52:443 remote=172.30.31.31:51568 FD 508 flags=17 (local IP does not match any domain IP)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| SECURITY ALERT: on URL: web.whatsapp.com:443
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| ERROR: negotiating TLS on FD 523: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| Error negotiating SSL connection on FD 518: error:00000001:lib(0):func(0):reason(1) (1/0)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| ERROR: negotiating TLS on FD 502: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| Error negotiating SSL connection on FD 509: error:00000001:lib(0):func(0):reason(1) (1/0)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| ERROR: negotiating TLS on FD 527: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0)
May 10 12:47:54 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:54| Error negotiating SSL connection on FD 526: error:00000001:lib(0):func(0):reason(1) (1/0)
May 10 12:47:55 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:55| SECURITY ALERT: Host header forgery detected on local=17.57.12.11:443 remote=172.30.14.50:11985 FD 510 flags=17 (local IP does not match any domain IP)
May 10 12:47:55 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:55| SECURITY ALERT: on URL: gsp64-ssl.ls.apple.com:443
May 10 12:47:55 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:55| SECURITY ALERT: Host header forgery detected on local=17.57.12.11:443 remote=172.30.14.50:11986 FD 510 flags=17 (local IP does not match any domain IP)
May 10 12:47:55 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:55| SECURITY ALERT: on URL: gsp64-ssl.ls.apple.com:443
May 10 12:47:55 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:55| SECURITY ALERT: Host header forgery detected on local=17.57.12.11:443 remote=172.30.14.50:12069 FD 510 flags=17 (local IP does not match any domain IP)
May 10 12:47:55 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:55| SECURITY ALERT: on URL: gsp64-ssl.ls.apple.com:443
May 10 12:47:56 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:56| SECURITY ALERT: Host header forgery detected on local=193.23.244.244:443 remote=217.11.23.195:59994 FD 534 flags=17 (local IP does not match any domain IP)
May 10 12:47:56 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:56| SECURITY ALERT: on URL: www.h7ftf4spvav27.com:443
May 10 12:47:57 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:57| ERROR: negotiating TLS on FD 523: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (1/-1/0)
May 10 12:47:57 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:57| Error negotiating SSL connection on FD 260: error:00000001:lib(0):func(0):reason(1) (1/0)
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Preparing for shutdown after 1786 requests
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Waiting 5 seconds for active connections to finish
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Closing HTTP(S) port 0.0.0.0:3128
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Closing HTTP(S) port 0.0.0.0:3129
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Closing HTTP(S) port 0.0.0.0:3130
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| WARNING: /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB #Hlpr3 exited
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Too few /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB processes are running (need 1/10)
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Starting new helpers
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| helperOpenServers: Starting 1/10 'security_file_certgen' processes
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| WARNING: /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB #Hlpr4 exited
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Too few /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB processes are running (need 1/10)
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| storeDirWriteCleanLogs: Starting...
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Finished. Wrote 0 entries.
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Took 0.00 seconds ( 0.00 entries/sec).
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| FATAL: The /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB helpers are crashing too rapidly, need help!
May 10 12:47:58 squid[] [user:alert:09]: FATAL: The /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB helpers are crashing too rapidly, need help!
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Squid Cache (Version 4.7): Terminated abnormally.
May 10 12:47:58 squid[23231] [daemon:info:1e]: 2020/05/10 12:47:58| Removing PID file (/var/run/squid.pid)</pre></div><div><br></div></div></div></body></html>