[squid-users] filtering http(s) sites, transparently

Yuri Voinov yvoinov at gmail.com
Wed Oct 26 18:55:50 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 


27.10.2016 0:54, Jok Thuau пишет:
>
> On Wed, Oct 26, 2016 at 11:45 AM, Yuri Voinov <yvoinov at gmail.com
<mailto:yvoinov at gmail.com>> wrote:
>
>
>
>     Jok,
>
>     it can be DNS leak. Does you tested it? 8.8.8.8 can be poisoned
(probably) or intercepted by ISP.
>
>
> DNS is working fine and is not being poisoned/intercepted/messed with.
The records that come back from the google servers appear to not be
consistent (likely due to some anycast system, and not talking each time
to the same "host"). So when i request the same records back to back,
each results in one record, and that record changes really fast
(non-coherent set of data, so the results are correct, but random).
Setting up the client and the proxy to use a common infrastructure for
DNS (dnsmasq on the network) helped a lot.
Yes, this is common and best practice already. I think, time to write
article on Wiki ;)
>
> Thanks,
> Jok

- -- 
Cats - delicious. You just do not know how to cook them.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJYEPw1AAoJENNXIZxhPexGIW0H/Rk82EjHy/UfQm44SvsHgBeq
Pw5b1yavLtFNXSpRsLyw8wekepJvLLk1XEtGWbLC33Z3O7REBYXL2nzXD9iNzFbp
RhdF4aaIgCfp+WqHtVxRgnqoHNAmDs2U7uhJqYmXIubvbFyddRwwh/vS2Ns89/t7
BK9GuqkkeG4PrGG3ogAX8YpRaE57LaTcDXrOlco5JU/wGkxbMJzUxOvmFyl+0SLI
4xbUBgEaFFAAmJ46PWm3c8e+zo5O6k2E86asfDJUCMtnKvRPnhce8MxTH8MwkLxl
GR5UNyVAIpYWlJAqjDRRwYlEcTGfxofyZD3SKKDUP4SduwicdZArBGGirtKUdJA=
=uXwb
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161027/b485bc05/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x613DEC46.asc
Type: application/pgp-keys
Size: 2437 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161027/b485bc05/attachment.key>


More information about the squid-users mailing list