Newest squid Questions

Q&A for system and network administrators

Do Response Headers affect how Chrome processes pages?

I have a Squid Proxy in Reverse proxy mode forwarding requests to NGINX, I would like to remove all headers which are giving out information about the web server, proxy etc. Currently I have Via ...

Configure squid to handle relative urls

I built squid 3.5.23 as follows: ./configure --prefix=/usr/local/squid make all make install Here is the default squid.conf used by the version. I made minimal modifications to to the file to make ...

Squid service starts and stops forever

so i have a server with Ubuntu 16.04. There runs a Squid ( Squid Cache: Version 3.5.12 ). It should function as forward proxy, authenticating the user then leading him/her forward to a peer. But ...

Which software could I use to setup reverse proxy that sends files while caching?

I need to set up a HTTP reverse proxy that will be able to cache requests to the upstream server. The upstream server serves only static files. The issue I am facing is that I need a proxy that is ...

Custom Error Page (deny_info) for HTTPS

I have the following ACLs here at my squid.conf with a custom "error page" file called ERR_TJS, located at "/usr/share/squid/errors/English": acl tjs_sites url_regex "/etc/squid/sites_regex.acl" acl ...

Squid Proxy error for ftps

I'm running Squid v3.5.15 (installed on Windows Server 2012R2) as a simple relay to other external servers. Using Total Commander to connect, everything works for ftp, but fails for ftps. What have I ...

Squid 502 errors

I am using Squid 3.3.13 with no cache enabled and all my clients in LAN are using it to access to HTTP and HTTPS websites. I am not using it as transparent proxy but clients have it configured in OS ...

Squid Proxy and Microsoft AD Certificate Services

I've got a Squid proxy server using the sslbump feature that works fine with self-signed certs, but the browsers complain about it. Now I'm trying to setup the Squid server as a subordinate CA of our ...

How to proxy HTTPS and strip SSL (probably with Squid)

I'm trying to set up a transparent HTTPS proxy that intercepts requests, and passes them to a upstream HTTP proxy server. client (trusting HTTPS proxy's CA) -> HTTPS proxy -> HTTP proxy -> .....

Squid connection refused after super simple one row in config

I've just started digging in squid, installed it and run. I suppose it works (from localhost), telnet localhost:3128 works as well as curl https://google.com -x localhost:3182. I want squid to be ...

How to enable SOCKS5 for Squid proxy?

Squid'd default is to operate as an HTTP proxy; however, this FAQ https://docstore.mik.ua/squid/FAQ-4.html#ss4.10 says "No changes are necessary to use Squid with socks5. Simply add the usual -Dbind=...

Transparent HTTPs proxy with Squid 3.5

For couple of days I'm trying to figure out how to get a transparent HTTPs proxy to work with Squid. What I'm trying to achieve is a proxy that accepts internet traffic from ports 80 & 443, routes ...

Can Squid calculate all bytes when communicate with client for a connection

I want to calculate all bytes when a request is sent to squid, including: the header length that client will send to squid the post content length that send to squid the response length squid will ...

Not able block or filter https sites in pfsense using squid

I am not able block or filter https sites in pfsense using squid.. If i am enabling "SSL Man In the Middle Filtering" than every https sites showing "Your connection is not Private" in my network ...

Where is the response size in Squid's access.log?

I need to make a program that logs bandwidth usage per-user of a squid proxy. In my access.log I see output such as... 1481377143.042 0 104.123.25.183 TCP_DENIED/407 3829 CONNECT scontent.xx....

Squid form based authentication

I use Squid as a reverse proxy to publish web resources with limited access. I've configured it to check user credentials using standard web browser form (Basic authentication). Is it possible to ...

How to forward HTTPS trafic from a GW server to VPS squid CONNECT server?

Here is what am seeking after: i have 2 hosts x.x.x.1, x.x.x.2 and gateway y.y.y.y and external VPS squid server z.z.z.z host x.x.x.1 for example send request to https://website.example i have website....

Connect request method squid

I have a squid3 with ubuntu that runs with an android app. But he presents me with the following message: GET/POST/DELETE/CONNECT/HEAD... Make sure your remote HTTP proxy allow the request method ...

Using squid as a transparent proxy with two VMs

I want to block certain sites in a VM (say, Ubuntu Linux) while editing the .conf file of squid (/etc/squid/squid.conf) located in another VM (say, RedHat). How should I edit the .conf file? Thank you....

Getting error “Connection Failed” for HTTPS sites when using squid as man in the middle with self signed certificates and ssl_bump server-first

Squid 3.5 installed on fedora Created self signed certificate using openssl with hash- sha-256 and key value- 2048 Following is the squid configuration: https_port x.x.x.x:3129 generate-host-...

squid tprxoy mode connection timeout

i had config my server according to http://wiki.squid-cache.org/Features/Tproxy4 but now the issue is that when i add below lines to squid server, it(squid) return error 110 connection time out as the ...

Vagrant dev env forwarding requests to staging and filtering & replacing certain files with local versions

I want to create a Vagrant dev environment where a dev would be able to hit dev.example.com and the vagrant machine would make the same request to staging.example.com except filter out some files, say ...

squidclient Monitoring without CONNECT method

I have some squid servers, which I monitor with the squidclient mgr:5min command. I would like to monitor http service time with; squidclient mgr:5min | grep "client_http.all_median_svc_time" ...

Skype for business connected to Ubuntu gateway

I have a Ubuntu 16.04 server with Squid 3.5.22 installed. It is configured to intercept HTTP and HTTPS traffic (Transparent). So iptables redirects were used for ports 80 and 443. When I connect a ...

Kerberos authentication issues behind RODC

We have a branch office in Costa Rica where, back then, we had implemented a Squid proxy with SSO using AD and it was working perfectly. Just recently we implemented an RODC at the site. Once that ...

Squid - customize retry_on_error even without “real” error

My team uses Squid to proxy and cache certain external content in my application. In particular, we are looking to use it to cache images that come from the Google Static Maps API. Sometimes, however, ...

Single NIC Squid Box in DMZ - Requsted URL could not be retrieved

I have a Windows 2012 machine that is used as an internet gateway for users. It has two network interfaces: external one with white IP and internal in 192.168.4.0/24 subnet. This machine has a billing ...

Unable to Access SSL-encrypted MAMP site over LAN using Squid proxy (Non-SSL sites working fine)

I've got a development site running on a host machine (mac os x) in MAMP that I want to view on a client machine (and also on mobile devices - all mac os). All are connected to the same LAN (wifi). I ...

Squid proxy server configuration for incoming requests

We have a squid (squid-3.3.8-26.el7_2.4.x86_64) process running on Linux (Redhat 7.2) host. /etc/squid/squid.conf has following source entries to allow incoming requests: acl compinternal src 10.54....

Squid 3.3.8 not caching on Ubuntu 14.04

3.8 on ubuntu 14.04. After configuring Squid, the access log of squid is updating as TCP_MISS 200 but it is not getting cached. ###################SQUID CONF entries ##################### acl ...

squid block domain transparent

How to block domain with transparent on Debian Squid? http_port 3128 transparent but I still have to set the manual proxy on the browser. NB: I'm using Debian Wheezy with squid 2.7

Error when reload the squid configuration in smp mode

I have squid 3.5.12 in Ubuntu 16.04 in smp mode running ok, but when execute squid -k reconfigure squid crash and no accept incoming request. The error is: Ipc::Mem::Segment::open failed to ...

squid: how-to proxy traffic from incoming interface to outgoing interface

Could you please advise on the following: infra-server with IP x.x.x.x (with no internet connectivity) does the following request: $ wget http://google.com --2016-11-04 09:32:55-- http://google.com/...

Configure Squid proxy server or pfsense to achieve WLAN URL logging

Using Squid proxy server and pfsense are out of my comfort zone, I have managed to install Squid on an Ubuntu server and give it a static IP and connect to it via LAN after setting HTTP_access to ...

How to relay videos blocked by firewall on client side? [closed]

We have embedded Vimeo videos on a site accesible only to logged in users. Because of different firewalls, using different types of blocks, the videos sometimes do not work for the client. We cannot: ...

Squid - Whitelist a perticular Git Repo

This is how my proxy_whitelist.config file looks like; .ubuntu.com .redhat.com It is working fine. I need to allow my users access to a perticular Git Repo. I tried the following .github.com/...

Set IP address for virtual network interface

I have virtual interface tun0 connected to my vpn provider. I used the following commands to set it up with openvpn (route_up.sh): #!/bin/sh ip route add default via $route_vpn_gateway dev $dev table ...

How is LDAP supposed to be used with sarg (Squid Analysis Report Generator)?

The sarg.conf documentation implies that LDAP can be used to lookup a username from an ip address or hostname by setting the line 'usertab ldap'. But it is my understanding that LDAP can't be used for ...

how-to force internet traffic go via a proxy

Could you please advise me on the following: infra-server has no internet connectivity. proxy-server has internet connectivity When I do from the infra-server infra-server#export http_proxy=http://...

My Squid proxy shuts down my internet and doesn't log my internet

I just installed pfsense 2.3 and added squid to it, made this configuration, and when I enable it then configure my browser (Chrome) to use the proxy, every site becomes unreachable, no more internet ...

Configure squid 3.5 to use different parent proxies for different listening ports

I have following configuration now: # Squid normally listens to port 3128 http_port 3128 cache_peer proxy1_address parent proxy1_port 0 proxy-only default login=name1:pass1 never_direct allow all ...

force squid to recheck the peer

i need the squid cache as a reverse proxy for my webservers, i had installed squid 3.5 and used attached config but there is an issue. i need to force the squid to retry for 5 times by 2 seconds when ...

Squid3 a lot of access.log

Well, i'm new in Squid3 and i configured only one machine to use this proxy, just for test. But the access.log don't stop to grown, like someone is using right now, but i know that only machine should ...

CA certificate trouble with Squid on CentOS7

I'm administrating a corporate web proxy running Squid 3.5.10 on CentOS 7 (a Diladele appliance), doing SSL bumping, and I'm having some trouble with adding new CA certificates to the system trust ...

Squid3 3.4.8 not caching

I'm using Squid3 on debian. Process is started. Client is directed to server via internet options. cat /var/log/squid3/access.log gives empty response and cat /var/log/squid3/cache.log gives ...

How orgineze two port for squid server

I have squid server installed on centos 6.x. Squid server authenticates users by LDAP server on port 3128. Can I open other one port for Squid server without any authenticating. How?

Put a server or two behind a proxy

A little background on why I'm asking this question. We've been recently getting DDoS and other attacks on our Direct Access servers, and when these attacks come in, it dramatically slows down the ...

OpenVPN TLS Handshake failed

it is a long time I try to solve this problem but, also trying all the suggestions found in this site, I didn't solve mi problem. I installed OpenVPN on a CentOS server. This server works also with a ...

Random Squid error while browsing

I have squid 3.5.19 running on a Ubuntu Server 16.04.1. It is seemingly working fine, however, every now and then i get the following error: The following error was encountered while trying to ...

Squid3 Restrict user to use a single ip

I would like to restrict users to single IP so that each will get their own dedicated IP. Currently, I set up squid with a single IP for multiple users. I follow this instruction to setup the squid ...
Translating... 0%