Search squid archive

Re: Squid 4: Cloudflare SSL connection problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
UPDATE:

Every failed connect produce the next sequence in access.log:

1460474791.631  15444 192.168.100.103 NONE_ABORTED/200 0 CONNECT 198.41.215.162:443 - ORIGINAL_DST/198.41.215.162 -
1460474791.658      0 192.168.100.103 NONE/503 3951 GET https://www.cloudflare.com/* - HIER_NONE/- text/html

Note: 198.41.215.162 is current cloudflare.com IP.

Also: NONE_ABORTED/200 is often occurs in access.log with another accessible sites.

12.04.16 20:03, Yuri Voinov пишет:
>
> UPDATE:
>
> https://i1.someimage.com/b8w5dFz.png
>
> This is answer from Cloudflare support.
>
> But: 3.5.16 can deal with ECDSA TLS 1.2 but 4.0.8 not?
>
> 12.04.16 17:55, Yuri Voinov пишет:
> > Does anybody faces this problem with 4.0.8:
>
> > https://i1.someimage.com/3lD2cvV.png
>
> > ?
>
> > It accomplished this error in cache.log:
>
> > 2016/04/12 17:39:38 kid1| Error negotiating SSL on FD 54:
> error:00000000:lib(0):func(0):reason(0) (5/0/0)
>
> > and "NONE/503" in access.log.
>
> > Without proxy works like sharm. 3.5.16 with the similar squid.conf
> works like sharm.
>
> > NB: Cloudflare support said, that they key feature for SSL is SNI and
> ECDSA now. AFAIK, 4.0.8 is fully supports this features.
>
> > Any advice will be helpful.
>
> > Yes, I know this looks like DDoS protection on Cloudflare. But WTF?
> Any workaround required. Half-Internet is hosted on Cloudflare.
>
> > WBR, Yuri
>
>


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJXDRRPAAoJENNXIZxhPexGmZcIAI1gcVCHUjCrDk0vI/f7omMP
ALa5XYk0VrsoOioc5cIh0DuIRN8THqkdXxtRXdKnxC8hgRfvOxN6h7NFilZhVAiT
tvgQkmKxAXXkCXik03AYU5DBoElMDcCgznksAxcckvXGCyWxN7pFwSY2p87WPHa/
5G/K5BTG1rf30OjVYIMPRtsfkHyA5xWIPNHKcbu6bCsV7H+oXh8x8oCNHdF06Q1i
s3U1kiFEudOKC1bMGVY4RJlzqDgGdANsHMSh0/v3rS4it5KBFxPsuz/DDcU1DlkO
MIEMF7FgvxORtgBZPUnxa+sF5gunZqDuv2R2aJuxJpYK2OriOC7+e40dZiw7xpQ=
=/LGq
-----END PGP SIGNATURE-----

Attachment: 0x613DEC46.asc
Description: application/pgp-keys

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux