<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Aptos;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:12.0pt;
font-family:"Aptos",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Aptos",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt">To add and maybe clarify what my confusion is, the log entries below (hidden internal/external IP’s, domain and username) don’t seem to show what I expected, a line marked “referrer”. Am I misunderstanding
how that should show up in the log? Thanks<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.294 0 ***.***.***.*** TCP_DENIED/407 4048 CONNECT cc-api-data.adobe.io:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.297 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT cc-api-data.adobe.io:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.310 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT cc-api-data.adobe.io:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.313 0 ***.***.***.***TCP_DENIED/407 4112 CONNECT ib.adnxs.com:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.316 0 ***.***.***.***TCP_DENIED/407 4144 CONNECT htlb.casalemedia.com:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.316 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT cc-api-data.adobe.io:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.318 0 ***.***.***.***TCP_DENIED/407 4172 CONNECT fastlane.rubiconproject.com:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.320 0 ***.***.***.***TCP_DENIED/407 4152 CONNECT hbopenbid.pubmatic.com:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.322 20103 ***.***.***.***TCP_TUNNEL/200 3363 CONNECT th.bing.com:443 ***\\Username HIER_DIRECT/***.***.***.***-<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.324 0 ***.***.***.***TCP_DENIED/407 4132 CONNECT bidder.criteo.com:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.328 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT cc-api-data.adobe.io:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">1716316179.331 0 ***.***.***.***TCP_DENIED/407 4048 CONNECT cc-api-data.adobe.io:443 - HIER_NONE/- text/html<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> squid-users <squid-users-bounces@lists.squid-cache.org>
<b>On Behalf Of </b>squid-users-request@lists.squid-cache.org<br>
<b>Sent:</b> Tuesday, May 21, 2024 11:51 AM<br>
<b>To:</b> squid-users@lists.squid-cache.org<br>
<b>Subject:</b> [External] squid-users Digest, Vol 117, Issue 23<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Send squid-users mailing list submissions to<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="https://lists.squid-cache.org/listinfo/squid-users">https://lists.squid-cache.org/listinfo/squid-users</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:squid-users-request@lists.squid-cache.org">squid-users-request@lists.squid-cache.org</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:squid-users-owner@lists.squid-cache.org">squid-users-owner@lists.squid-cache.org</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of squid-users digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. log_referrer question (Bobby Matznick)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Tue, 21 May 2024 17:50:49 +0000<br>
From: Bobby Matznick <<a href="mailto:bmatznick@pbandt.bank">bmatznick@pbandt.bank</a>><br>
To: "<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>"<br>
<<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>><br>
Subject: [squid-users] log_referrer question<br>
Message-ID:<br>
<<a href="mailto:MW5PR14MB52897188C2ED83596B406151B0EA2@MW5PR14MB5289.namprd14.prod.outlook.com">MW5PR14MB52897188C2ED83596B406151B0EA2@MW5PR14MB5289.namprd14.prod.outlook.com</a>><br>
<br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
I have been trying to use a combined log format for squid. The below line in the squid config is my current attempt.<br>
<br>
logformat combined %>a %[ui %[un [%tl "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh<br>
<br>
It is working, as far as logging the normal stuff I would see before having tried to implement referrer. I noticed somewhere that you need to build squid with -enable-referrer-log, it was an older version, looked like 3.1 and lower, I am using 4.13. So, checked
with squid -v and do not see "-enable-referrer_log" as one of the configure options used during install. Would I need to reinstall, or is that no longer necessary in version 4.13? Thanks!!<br>
<br>
Bobby<br>
<br>
From: squid-users <<a href="mailto:squid-users-bounces@lists.squid-cache.org">squid-users-bounces@lists.squid-cache.org</a>> On Behalf Of
<a href="mailto:squid-users-request@lists.squid-cache.org">squid-users-request@lists.squid-cache.org</a><br>
Sent: Tuesday, April 23, 2024 6:00 AM<br>
To: <a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
Subject: [External] squid-users Digest, Vol 116, Issue 31<br>
<br>
Caution: This is an external email and has a suspicious subject or content. Please take care when clicking links or opening attachments. When in doubt, contact your IT Department<br>
Send squid-users mailing list submissions to<br>
<a href="mailto:squid-users@lists.squid-cache.org%3cmailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org</a>><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="https://lists.squid-cache.org/listinfo/squid-users">https://lists.squid-cache.org/listinfo/squid-users</a><<a href="https://lists.squid-cache.org/listinfo/squid-users">https://lists.squid-cache.org/listinfo/squid-users</a>><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:squid-users-request@lists.squid-cache.org%3cmailto:squid-users-request@lists.squid-cache.org">squid-users-request@lists.squid-cache.org<mailto:squid-users-request@lists.squid-cache.org</a>><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:squid-users-owner@lists.squid-cache.org%3cmailto:squid-users-owner@lists.squid-cache.org">squid-users-owner@lists.squid-cache.org<mailto:squid-users-owner@lists.squid-cache.org</a>><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of squid-users digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: Warm cold times (Amos Jeffries)<br>
2. Re: Container Based Issues Lock Down Password and Terminate<br>
SSL (Amos Jeffries)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Tue, 23 Apr 2024 19:41:37 +1200<br>
From: Amos Jeffries <<a href="mailto:squid3@treenet.co.nz%3cmailto:squid3@treenet.co.nz">squid3@treenet.co.nz<mailto:squid3@treenet.co.nz</a>>><br>
To: <a href="mailto:squid-users@lists.squid-cache.org%3cmailto:squid-users@lists.squid-cache.org">
squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org</a>><br>
Subject: Re: [squid-users] Warm cold times<br>
Message-ID: <<a href="mailto:9d8f4de6-c797-4e70-aaf5-c073f45c3390@treenet.co.nz%3cmailto:9d8f4de6-c797-4e70-aaf5-c073f45c3390@treenet.co.nz">9d8f4de6-c797-4e70-aaf5-c073f45c3390@treenet.co.nz<mailto:9d8f4de6-c797-4e70-aaf5-c073f45c3390@treenet.co.nz</a>>><br>
Content-Type: text/plain; charset=UTF-8; format=flowed<br>
<br>
On 22/04/24 17:42, Jonathan Lee wrote:<br>
> Has anyone else taken up the fun challenge of doing windows update caching. It is amazing when it works right. It is a complex configuration, but it is worth it to see a warm download come down that originally took 30 mins instantly to a second client. I
didn?t know how much of the updates are the same across different vendor laptops.<br>
><br>
<br>
There have been several people over the years.<br>
The collected information is being gathered at<br>
<<a href="https://wiki.squid-cache.org/ConfigExamples/Caching/WindowsUpdates">https://wiki.squid-cache.org/ConfigExamples/Caching/WindowsUpdates</a><<a href="https://wiki.squid-cache.org/ConfigExamples/Caching/WindowsUpdates">https://wiki.squid-cache.org/ConfigExamples/Caching/WindowsUpdates</a>>><br>
<br>
If you would like to check and update the information for the current<br>
Windows 11 and Squid 6, etc. that would be useful.<br>
<br>
Wiki updates are now made using github PRs against the repository at<br>
<<a href="https://github.com/squid-cache/squid-cache.github.io">https://github.com/squid-cache/squid-cache.github.io</a><<a href="https://github.com/squid-cache/squid-cache.github.io">https://github.com/squid-cache/squid-cache.github.io</a>>>.<br>
<br>
<br>
<br>
<br>
> Amazing stuff Squid team.<br>
> I wish I could get some of the Roblox Xbox stuff to cache but it?s a night to get running with squid in the first place, I had to splice a bunch of stuff and also wpad the Xbox system.<br>
<br>
FWIW, what I have seen from routing perspective is that Roblox likes to<br>
use custom ports and P2P connections for a lot of things. So no high<br>
expectations there, but anything cacheable is great news.<br>
<br>
<br>
<br>
>> On Apr 18, 2024, at 23:55, Jonathan Lee wrote:<br>
>><br>
>> ?Does anyone know the current warm cold download times for dynamic cache of windows updates?<br>
>><br>
>> I can say my experience was a massive increase in the warm download it was delivered in under a couple mins versus 30 or so to download it cold. The warm download was almost instant on the second device. Very green energy efficient.<br>
>><br>
>><br>
>> Does squid 5.8 or 6 work better on warm delivery?<br>
<br>
There is no significant differences AFAIK. They both come down to what<br>
you have configured. That said, the ongoing improvements may make v6<br>
some amount of "better" - even if only trivial.<br>
<br>
<br>
<br>
>> Is there a way to make 100 percent sure a docker container can?t get inside the cache?<br>
<br>
For Windows I would expect the only "100% sure" way is to completely<br>
forbid access to the disk where the cache is stored.<br>
<br>
<br>
The rest of your questions are about container management and Windows<br>
configuration. Which are kind of off-topic.<br>
<br>
<br>
Cheers<br>
Amos<br>
<br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Tue, 23 Apr 2024 20:03:42 +1200<br>
From: Amos Jeffries <<a href="mailto:squid3@treenet.co.nz%3cmailto:squid3@treenet.co.nz">squid3@treenet.co.nz<mailto:squid3@treenet.co.nz</a>>><br>
To: <a href="mailto:squid-users@lists.squid-cache.org%3cmailto:squid-users@lists.squid-cache.org">
squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org</a>><br>
Subject: Re: [squid-users] Container Based Issues Lock Down Password<br>
and Terminate SSL<br>
Message-ID: <<a href="mailto:58c41ee7-b88c-4d5a-bd12-220d44465067@treenet.co.nz%3cmailto:58c41ee7-b88c-4d5a-bd12-220d44465067@treenet.co.nz">58c41ee7-b88c-4d5a-bd12-220d44465067@treenet.co.nz<mailto:58c41ee7-b88c-4d5a-bd12-220d44465067@treenet.co.nz</a>>><br>
Content-Type: text/plain; charset=UTF-8; format=flowed<br>
<br>
On 23/04/24 11:52, Jonathan Lee wrote:<br>
> Hello fellow Squid Accelerator/Dynamic Cache/Web Cache Users/PfSense users<br>
><br>
> I think this might resolve any container based issues/fears if they<br>
> happened to get into the cache. Ie a Docker Proxy got installed and<br>
> tried to data marshal the network card inside of a freeBSD jail or<br>
> something like that. Biggest fear with my cache it is a big cache now<br>
><br>
> Please yet me know what you think or if it is wrong.<br>
><br>
> Here is my configuration. I wanted to share it as it might help to<br>
> secure some of this.<br>
<br>
FTR, this config was auto-generated by pfsense. A number of things which<br>
that tool forces into the config could be done much better in the latest<br>
Squid, but the tool does not do due to needing to support older Squid<br>
version.<br>
<br>
<br>
><br>
> Keep in mine I use cachemgr.cgi within Squidlight so I had to set the<br>
> password and I have to also adapt the php status file to include the<br>
> password and also the sqlight php file.<br>
><br>
> After that the status and gui pages work still with the new password.<br>
> Only issues area that it shows up in clear text when it goes over the<br>
> proxy I can see my password clear as day again that was an issue listed<br>
> inside the Squid O?REILLY book also.<br>
<br>
<br>
Please ensure you are using the latest Squid v6 release. That release<br>
has both a number of security fixes, and working https:// URL access to<br>
the manager reports.<br>
<br>
The cachemgr.cgi tool is deprecated fro a number of issues including<br>
that style of embedding passwords in the URLs.<br>
<br>
Francesco and I have created a tool that can be found at<br>
<<a href="https://github.com/yadij/cachemgr.js/blob/master/README.md">https://github.com/yadij/cachemgr.js/blob/master/README.md</a><<a href="https://github.com/yadij/cachemgr.js/blob/master/README.md">https://github.com/yadij/cachemgr.js/blob/master/README.md</a>>>
for basic<br>
access to the reports directly from Browser.<br>
That tool uses HTTP authentication configured via the well-documented<br>
proxy_auth ACLs and http_access for more secure access than the old URL<br>
based mechanism (which still exists, just deprecated).<br>
<br>
<br>
<br>
Cheers<br>
Amos<br>
<br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<br>
<br>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org%3cmailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org</a>><br>
<a href="https://lists.squid-cache.org/listinfo/squid-users">https://lists.squid-cache.org/listinfo/squid-users</a><<a href="https://lists.squid-cache.org/listinfo/squid-users">https://lists.squid-cache.org/listinfo/squid-users</a>><br>
<br>
<br>
------------------------------<br>
<br>
End of squid-users Digest, Vol 116, Issue 31<br>
********************************************<br>
CONFIDENTIALITY NOTICE: The information contained in and attached to this email is intended only for the confidential use of the person or entity to which the email is addressed. This email and any attachments may contain privileged and confidential information.
If you are not the intended recipient, you are notified that you received this email in error and that any reading, retention, use or distribution of this email and attachments is strictly prohibited. If you received this email in error, you are requested
to immediately notify us by calling 888-728-3550 or by return email and immediately and permanently delete the email and any attachments. Thank you.<br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.squid-cache.org/pipermail/squid-users/attachments/20240521/c5379930/attachment.htm">http://lists.squid-cache.org/pipermail/squid-users/attachments/20240521/c5379930/attachment.htm</a>><br>
-------------- next part --------------<br>
A non-text attachment was scrubbed...<br>
Name: 0.jpg<br>
Type: image/jpeg<br>
Size: 6398 bytes<br>
Desc: not available<br>
URL: <<a href="http://lists.squid-cache.org/pipermail/squid-users/attachments/20240521/c5379930/attachment.jpg">http://lists.squid-cache.org/pipermail/squid-users/attachments/20240521/c5379930/attachment.jpg</a>><br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<br>
<br>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
<a href="https://lists.squid-cache.org/listinfo/squid-users">https://lists.squid-cache.org/listinfo/squid-users</a><br>
<br>
<br>
------------------------------<br>
<br>
End of squid-users Digest, Vol 117, Issue 23<br>
********************************************<o:p></o:p></p>
</div>
</body>
</html>