Search squid archive

Re: Problems with Splicing and DNS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/07/18 00:49, Laurent Verheirstraeten wrote:
> Hi,
> 
> We have to deal with to a problem when using the function ‘Peak and
> Splice’ on the version 3.5.27 of Squid.
> 

Please upgrade to Squid-4.1. It resolves quite a number of annoying
SSL-Bump issues and has far better TLS support than Squid-3.


> We tried and set up a transparent proxy, but the rules we declared are
> not taken into account because both (squid) server and client are not
> using allways the same DNS.
> (we’re using a pool off 2 different DNS servers, not using the same cache ).
> 
> We’ve noticed that the IP addresses taken into account by the server
> Squid and the client are not the same while solving the hostname.
> 
> In that special case, Squid sends an error during the ‘Splice’. When the
> IP addresses are the same, then the function ‘Splice’ works perfectly.
> 
> Is there a way into Squid to specify the same IP address on both sides?

Having Squid use the same DNS resolver as the client makes most
occurrences of this problem go away.

<https://wiki.squid-cache.org/KnowledgeBase/HostHeaderForgery>


> 
> Have you already seen that kind of problem ?
> 

Yes. It is a well-known issue with interception proxies.


Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux