[squid-users] cache peer only forward http , not https !!!
Ahmad Alzaeem
ahmed.zaeem at netstream.ps
Wed Nov 11 10:04:36 UTC 2015
Bro you were awsome !
Thank you it worked
I appreciate your help a lot
I wish there is feedback in mailing list to give you 5/5 stars
:)
cheers
From: Yuri Voinov [mailto:yvoinov at gmail.com]
Sent: Wednesday, November 11, 2015 1:04 PM
To: Ahmad Alzaeem
Cc: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] cache peer only forward http , not https !!!
You need to locate URLs which must be forward to parent.
If this is all URL's, config must looks like this:
never_direct allow all
cache_peer <peer_ip> parent <peer_port> 0 no-query no-digest default
cache_peer_access 127.0.0.1 allow all
And, finally, you must use Squid 3.5.x. Thit will not be work on 3.4.x.
11.11.15 14:39, Ahmad Alzaeem пишет:
Here is what I mean
[2.2.2-RELEASE][root at pfSense.mne <mailto:root at pfSense.mne> ]/root: tail -f /var/squid/logs/access.log
1447234509.328 9718 172.23.101.251 TCP_MISS/200 1448 CONNECT tiles-cloudfront.cdn.mozilla.net:443 - HIER_DIRECT/54.192.55.248 -
1447234514.482 9622 172.23.101.251 TCP_MISS/200 1448 CONNECT shavar.services.mozilla.com:443 - HIER_DIRECT/54.187.101.179 -
1447234519.858 59952 172.23.101.251 TCP_MISS/503 0 CONNECT www.youtube.com:443 <http://www.youtube.com:443> - HIER_NONE/- -
1447234560.135 71105 172.23.101.251 TCP_MISS/503 0 CONNECT incoming.telemetry.mozilla.org:443 - HIER_NONE/- -
1447234569.644 70033 172.23.101.251 TCP_MISS/503 0 CONNECT tiles-cloudfront.cdn.mozilla.net:443 - HIER_NONE/- -
1447234569.644 70033 172.23.101.251 TCP_MISS/503 0 CONNECT tiles-cloudfront.cdn.mozilla.net:443 - HIER_NONE/- -
1447234569.644 70033 172.23.101.251 TCP_MISS/503 0 CONNECT tiles-cloudfront.cdn.mozilla.net:443 - HIER_NONE/- -
1447234575.091 60607 172.23.101.251 TCP_MISS/503 0 CONNECT shavar.services.mozilla.com:443 - HIER_NONE/- -
1447234605.998 76379 172.23.101.251 TCP_MISS/503 0 CONNECT self-repair.mozilla.org:443 - HIER_NONE/- -
1447234651.018 75705 172.23.101.251 TCP_MISS/503 0 CONNECT safebrowsing.google.com:443 - HIER_NONE/- -
cheers
From: Yuri Voinov [mailto:yvoinov at gmail.com]
Sent: Wednesday, November 11, 2015 12:49 AM
To: Ahmad Alzaeem
Cc: squid-users at lists.squid-cache.org; 'Amos Jeffries'
Subject: Re: [squid-users] cache peer only forward http , not https !!!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Are you see in access.log ip:443 CONNECT records?
I.e., does your HTTPS traffic incoming to Squid?
11.11.15 1:45, Ahmad Alzaeem пишет:
> Hi I don’t have ssl pump
>
>
>
> All my users user ip:port to have internet
>
>
>
>
>
> I already have ISA windows server and it works with http and
https
>
>
>
> Im wondering why all complexity needed for peer https
>
> !!!
>
>
>
>
>
> Anyway hnere is squid.conf
>
>
>
> # This file is automatically generated by pfSense
>
> # Do not edit manually !
>
>
>
> http_port 172.23.101.253:3128
>
> icp_port 0
>
> dns_v4_first on
>
> pid_filename /var/run/squid/squid.pid
>
> cache_effective_user proxy
>
> cache_effective_group proxy
>
> error_default_language en
>
> icon_directory /usr/pbi/squid-amd64/local/etc/squid/icons
>
> visible_hostname mne
>
> cache_mgr azaeem at mne.ps <mailto:azaeem at mne.ps> <mailto:azaeem at mne.ps> <mailto:azaeem at mne.ps>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151111/1af04a5d/attachment.html>
More information about the squid-users
mailing list