Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [squid]

Squid is a FOSS package licensed under the GNU GPL and is primarily used as a web proxy server and cache.

Squid is a FOSS package licensed under the GNU GPL primarily used as a web proxy server and cache.

In addition to its primary usages for web proyying and caching, it supports FTP and has limited support for several other protocols, including TLS, SSL, HTTPS and Gopher.

It has a wide variety of uses, from speeding up a web server by caching repeated requests (reverse proxy); to caching web, DNS and other computer network lookups for a group of people sharing network resources (regular proxy); to improving security by filtering traffic (layer 7 firewall).

Squid's homepage is here, and its Wikipedia entry is here.

1363 questions
6
votes
1 answer

Encrypt client connection with squid forward proxy using SSL

I'm setting up a Squid forward proxy and I'm wondering if I could configure Squid in such a way that the connection from my web browser to squid is https regardless of whether the connection from squid to the destination website is http or https. In…
Twisted Whisper
  • 193
  • 1
  • 6
6
votes
1 answer

Squid 3 reloading makes it stop serving requests

So, we use Squid 3 here (3.0.STABLE8-3+lenny4), pretty standard configuration (no dansguardian or similar) + NTLM authentication with LDAP background, circa 1000 users on a busy day, and our acls reference some external files (allowed/blocked…
coredump
  • 12,573
  • 2
  • 34
  • 53
6
votes
1 answer

refresh squid rules after every change

I have squid proxy server running on ubuntu. I wrote set of rules for acl including something like: acl exceeded_users proxy_auth "/etc/squid/users/exceeded" http_access deny exceeded_users all_dst if any user exceed the bandwidth limit then his…
Unknown
  • 81
  • 1
  • 1
  • 6
6
votes
2 answers

Apache2: Limit simultaneous requests & throttle bandwidth per IP/client?

I want to limit simultaneous requests & throttle bandwidth per IP/Client on a single apache vhost. In other words, I want to ensure that this site, which hosts large media files, doesn't get hammered by someone trying to download everything all at…
xentek
  • 351
  • 1
  • 2
  • 7
5
votes
1 answer

How to health check Squid server with ELB?

I wanted to have an HA forward proxy solution using Squid, and I am trying to use the Squid servers behind ELB solution on page 41. However, my forward proxy service is a service meant to forwarding traffic to an internal network (back to my corp…
chen
  • 319
  • 1
  • 5
  • 13
5
votes
3 answers

Local transparent proxy

I have an application that does not support proxy but I need to send it's traffic to a local proxy. I want to set IPTABLES to transparently redirect traffic to a given IP and PORT (80) to be intercepted and redirected to the local…
Jofre
  • 529
  • 1
  • 4
  • 11
5
votes
3 answers

How to get Squid to not cache files with certain extensions?

I've found information on how to keep squid from caching domains/IP addresses, however, that's not quite what I want. I'd like to prevent it from caching .jnlp and .jar files. The core problem being that when I push updates out to our server, our…
Brian Knoblauch
  • 2,188
  • 2
  • 32
  • 45
5
votes
2 answers

Squid Not Blocking SSL HTTPS Properly

So my goal here it to block only certain youtube channels. If I do: acl block_youtube dstdomain .youtube.com http_access deny block_youtube it blocks any access to youtube. if I do: acl block_youtube url_regex -i…
John
  • 157
  • 2
  • 10
5
votes
1 answer

Squid log https without SSL Bumping

I have implemented a transparent squid3 proxy for logging purposes. I won't be doing SSL bumping / HTTPS decryption, as this is too much to install a cert on every client. However, I would like to log the CONNECT URL data passed to squid. For some…
dthree
  • 347
  • 1
  • 8
  • 24
5
votes
1 answer

Whitelisting outgoing traffic from docker containers

I have a server running multiple docker containers in the following configuration: One of the containers is a reverse proxy binding to the exposed ports of the other containers. This is the only container accepting connections from the outside…
ajaali
  • 161
  • 1
  • 6
5
votes
1 answer

Squid running out of filedescriptors on CentOS 7

I'm running Squid 3.3 (EPEL) on CentOS 7 and recently I have been getting the following error message in my cache.log WARNING! Your cache is running out of filedescriptors I am slightly confused by this because I seem to have ample descriptors…
James White
  • 654
  • 3
  • 17
  • 32
5
votes
2 answers

iptables block client ip internet access and keep LAN access

With the increase of appliances having network access and the potential for hacking, I want to block specific ip address from accessing the internet, but allow LAN access. For instance, I use a Logitech Harmony remote to control my stereo,…
Bert Stevens
  • 51
  • 1
  • 1
  • 2
5
votes
5 answers

Squid to cache youtube and windows update content

I Have a squid server (transparent) and I want to cahce youtube videos and windows updates. I know that someone has posted a similar question and I have looked at this post but I am configuring this with webmin and would like to know how to set it…
JohnyV
  • 938
  • 4
  • 26
  • 45
5
votes
1 answer

Squid 3.2 - Proper configuration for random outbound IP with a single user authentication?

I'm attempting to use AclRandom for Squid 3.2 and I think I'm a bit confused on the proper method for this. Here is my configuration: http_port 3128 auth_param basic program /usr/local/squid32/libexec/basic_ncsa_auth…
Geesu
  • 235
  • 4
  • 9
5
votes
1 answer

Squid SSL transparent proxy - SSL_connect:error in SSLv2/v3 read server hello A

I am trying to setup a SSL proxy for one of my internal servers to visit https://www.googleapis.com using Squid, to make my Rails application on that server to reach googleapis.com via the proxy. I am new to this, so my approach is to setup a SSL…
larryzhao
  • 205
  • 4
  • 8
1 2 3
90 91