Newest squid Questions

Q&A for system and network administrators

Configure Squid proxy server or pfsense to achieve WLAN URL logging

Using Squid proxy server and pfsense are out of my comfort zone, I have managed to install Squid on an Ubuntu server and give it a static IP and connect to it via LAN after setting HTTP_access to ...

Squid - Whitelist a perticular Git Repo

This is how my proxy_whitelist.config file looks like; .ubuntu.com .redhat.com It is working fine. I need to allow my users access to a perticular Git Repo. I tried the following .github.com/...

squid with iptables bypass https

I just want make internet anonymous transparent proxy that bypass traffic just want hide client ip but its not work for https .. I dont want to use sslbump or etc just want to bypass traffic I ...

How to relay videos blocked by firewall on client side? [closed]

We have embedded Vimeo videos on a site accesible only to logged in users. Because of different firewalls, using different types of blocks, the videos sometimes do not work for the client. We cannot: ...

My Squid proxy shuts down my internet and doesn't log my internet

I just installed pfsense 2.3 and added squid to it, made this configuration, and when I enable it then configure my browser (Chrome) to use the proxy, every site becomes unreachable, no more internet ...

OpenVPN TLS Handshake failed

it is a long time I try to solve this problem but, also trying all the suggestions found in this site, I didn't solve mi problem. I installed OpenVPN on a CentOS server. This server works also with a ...

Single NIC Squid Box in DMZ - Requsted URL could not be retrieved

I have a Windows 2012 machine that is used as an internet gateway for users. It has two network interfaces: external one with white IP and internal in 192.168.4.0/24 subnet. This machine has a billing ...

Squid form based authentication

I use Squid as a reverse proxy to publish web resources with limited access. I've configured it to check user credentials using standard web browser form (Basic authentication). Is it possible to ...

Using squid as a transparent proxy with two VMs

I want to block certain sites in a VM (say, Ubuntu Linux) while editing the .conf file of squid (/etc/squid/squid.conf) located in another VM (say, RedHat). How should I edit the .conf file? Thank you....

Connect request method squid

I have a squid3 with ubuntu that runs with an android app. But he presents me with the following message: GET/POST/DELETE/CONNECT/HEAD... Make sure your remote HTTP proxy allow the request method ...

Squid log https without SSL Bumping

I have implemented a transparent squid3 proxy for logging purposes. I won't be doing SSL bumping / HTTPS decryption, as this is too much to install a cert on every client. However, I would like to ...

force squid to recheck the peer

i need the squid cache as a reverse proxy for my webservers, i had installed squid 3.5 and used attached config but there is an issue. i need to force the squid to retry for 5 times by 2 seconds when ...

Squid connection refused after super simple one row in config

I've just started digging in squid, installed it and run. I suppose it works (from localhost), telnet localhost:3128 works as well as curl https://google.com -x localhost:3182. I want squid to be ...

how-to force internet traffic go via a proxy

Could you please advise me on the following: infra-server has no internet connectivity. proxy-server has internet connectivity When I do from the infra-server infra-server#export http_proxy=http://...

squid tprxoy mode connection timeout

i had config my server according to http://wiki.squid-cache.org/Features/Tproxy4 but now the issue is that when i add below lines to squid server, it(squid) return error 110 connection time out as the ...

Configure squid to handle relative urls

I built squid 3.5.23 as follows: ./configure --prefix=/usr/local/squid make all make install Here is the default squid.conf used by the version. I made minimal modifications to to the file to make ...

How to proxy HTTPS and strip SSL (probably with Squid)

I'm trying to set up a transparent HTTPS proxy that intercepts requests, and passes them to a upstream HTTP proxy server. client (trusting HTTPS proxy's CA) -> HTTPS proxy -> HTTP proxy -> .....

Squid reverse-proxy to Wordpress vhost

I have an AWS VM running Ubuntu with Apache2. I have two vhosts, both pointing to different Wordpress installs. I want to set up a Squid reverse proxy for only one of the vhosts. My squid.conf reads:...

squid: how-to proxy traffic from incoming interface to outgoing interface

Could you please advise on the following: infra-server with IP x.x.x.x (with no internet connectivity) does the following request: $ wget http://google.com --2016-11-04 09:32:55-- http://google.com/...

How to forward HTTPS trafic from a GW server to VPS squid CONNECT server?

Here is what am seeking after: i have 2 hosts x.x.x.1, x.x.x.2 and gateway y.y.y.y and external VPS squid server z.z.z.z host x.x.x.1 for example send request to https://website.example i have website....

How to enable SOCKS5 for Squid proxy?

Squid'd default is to operate as an HTTP proxy; however, this FAQ https://docstore.mik.ua/squid/FAQ-4.html#ss4.10 says "No changes are necessary to use Squid with socks5. Simply add the usual -Dbind=...

Squid Proxy error for ftps

I'm running Squid v3.5.15 (installed on Windows Server 2012R2) as a simple relay to other external servers. Using Total Commander to connect, everything works for ftp, but fails for ftps. What have I ...

Do Response Headers affect how Chrome processes pages?

I have a Squid Proxy in Reverse proxy mode forwarding requests to NGINX, I would like to remove all headers which are giving out information about the web server, proxy etc. Currently I have Via ...

Error when reload the squid configuration in smp mode

I have squid 3.5.12 in Ubuntu 16.04 in smp mode running ok, but when execute squid -k reconfigure squid crash and no accept incoming request. The error is: Ipc::Mem::Segment::open failed to ...

Squid proxy server configuration for incoming requests

We have a squid (squid-3.3.8-26.el7_2.4.x86_64) process running on Linux (Redhat 7.2) host. /etc/squid/squid.conf has following source entries to allow incoming requests: acl compinternal src 10.54....

Squid TPROXY on Ubuntu Router/Gateway

Okay, so I have an Ubuntu box acting as Router/Gateway for my LAN; with 3 network cards, 2 for WAN and 1 for the local network. It is setup to load balance between the WAN and failover when needed. ...

Transparent HTTPs proxy with Squid 3.5

For couple of days I'm trying to figure out how to get a transparent HTTPs proxy to work with Squid. What I'm trying to achieve is a proxy that accepts internet traffic from ports 80 & 443, routes ...

Getting “Response is stale” from Squid proxy [closed]

I'm looking at the logs in Chrome dev tools. I can also see it using curl. Here is the output of curl Content-Type: application/javascript Date: Sat, 24 Sep 2016 01:16:37 GMT ETag: "...

Set IP address for virtual network interface

I have virtual interface tun0 connected to my vpn provider. I used the following commands to set it up with openvpn (route_up.sh): #!/bin/sh ip route add default via $route_vpn_gateway dev $dev table ...

Having Issue with Squid 3.3.8 on Ubuntu 14.04

Squid 3.3.8 on ubuntu 14.04. After configured Squid I am able to access the squid access log as tcp_miss 200 but it is not getting cached so please let me know whether Squid 3.3.8 is compatible with ...

Where is the response size in Squid's access.log?

I need to make a program that logs bandwidth usage per-user of a squid proxy. In my access.log I see output such as... 1481377143.042 0 104.123.25.183 TCP_DENIED/407 3829 CONNECT scontent.xx....

Not able block or filter https sites in pfsense using squid

I am not able block or filter https sites in pfsense using squid.. If i am enabling "SSL Man In the Middle Filtering" than every https sites showing "Your connection is not Private" in my network ...

Can't connect to HTTPS websites via squid proxy

I've just tried to create a proxy server on a OpenVZ VPS in CentOS7. All good, but I can't access https websites like google, instagram, facebook, etc..it says timeout, took too long to respond. I've ...

Skype for business connected to Ubuntu gateway

I have a Ubuntu 16.04 server with Squid 3.5.22 installed. It is configured to intercept HTTP and HTTPS traffic (Transparent). So iptables redirects were used for ports 80 and 443. When I connect a ...

Squid Proxy and Microsoft AD Certificate Services

I've got a Squid proxy server using the sslbump feature that works fine with self-signed certs, but the browsers complain about it. Now I'm trying to setup the Squid server as a subordinate CA of our ...

Squid 3.3.8 not caching on Ubuntu 14.04

3.8 on ubuntu 14.04. After configuring Squid, the access log of squid is updating as TCP_MISS 200 but it is not getting cached. ###################SQUID CONF entries ##################### acl ...

Squid3 3.4.8 not caching

I'm using Squid3 on debian. Process is started. Client is directed to server via internet options. cat /var/log/squid3/access.log gives empty response and cat /var/log/squid3/cache.log gives ...

Put a server or two behind a proxy

A little background on why I'm asking this question. We've been recently getting DDoS and other attacks on our Direct Access servers, and when these attacks come in, it dramatically slows down the ...

Kerberos authentication issues behind RODC

We have a branch office in Costa Rica where, back then, we had implemented a Squid proxy with SSO using AD and it was working perfectly. Just recently we implemented an RODC at the site. Once that ...

How is LDAP supposed to be used with sarg (Squid Analysis Report Generator)?

The sarg.conf documentation implies that LDAP can be used to lookup a username from an ip address or hostname by setting the line 'usertab ldap'. But it is my understanding that LDAP can't be used for ...

browser, proxy.pac, fallback to direct access

We have a linux 3.16 with squid 3.4.8 listening on port 3128 ( not transparent proxy ). And about 1200 windows clients, spread on 50 different sites. They use the proxy to navigate on internet. Our ...

squidclient Monitoring without CONNECT method

I have some squid servers, which I monitor with the squidclient mgr:5min command. I would like to monitor http service time with; squidclient mgr:5min | grep "client_http.all_median_svc_time" ...

Random Squid error while browsing

I have squid 3.5.19 running on a Ubuntu Server 16.04.1. It is seemingly working fine, however, every now and then i get the following error: The following error was encountered while trying to ...

Squid - customize retry_on_error even without “real” error

My team uses Squid to proxy and cache certain external content in my application. In particular, we are looking to use it to cache images that come from the Google Static Maps API. Sometimes, however, ...

CA certificate trouble with Squid on CentOS7

I'm administrating a corporate web proxy running Squid 3.5.10 on CentOS 7 (a Diladele appliance), doing SSL bumping, and I'm having some trouble with adding new CA certificates to the system trust ...

Can Squid calculate all bytes when communicate with client for a connection

I want to calculate all bytes when a request is sent to squid, including: the header length that client will send to squid the post content length that send to squid the response length squid will ...

Vagrant dev env forwarding requests to staging and filtering & replacing certain files with local versions

I want to create a Vagrant dev environment where a dev would be able to hit dev.example.com and the vagrant machine would make the same request to staging.example.com except filter out some files, say ...

Squid ACL - IP ranges not working

In my Squid FW I have a list of domains where I want to bypass NTLM. I have achieved that with the following: #URLS to bypass the trip acl BYPASS_DOMAIN dstdomain "C:/bypass_domain.txt" #TAG: Bypass ...

Squid Not Blocking SSL HTTPS Properly

So my goal here it to block only certain youtube channels. If I do: acl block_youtube dstdomain .youtube.com http_access deny block_youtube it blocks any access to youtube. if I do: acl ...

Squid Enable SSL not working

So I've compiled Squid myself with the following options: Squid Cache: Version 3.3.8 configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${...
Translating... 0%