You are welcome.
I wrote an app that does everything for me so I just need to dump the database into a:
ssl::server_name directive
it’s basically:
## START
acl NoBump_server_name ssl::server_name "/etc/squid/no-ssl-bump-server-name.list"
acl tls_to_splice any-of inspect_only NoBump_src NoBump_server_name NoBump_server_regex_by_urls_domain NoBump_server_regex
ssl_bump peek app_matcher_helper
ssl_bump peek tls_s1_connect
ssl_bump bump app_matcher_helper
ssl_bump bump app_reader_helper
ssl_bump bump deny_note
ssl_bump splice app_matcher_helper
ssl_bump splice tls_to_splice
ssl_bump stare app_matcher_helper
ssl_bump stare tls_s2_client_hello
ssl_bump bump app_matcher_helper
ssl_bump bump tls_to_bump
## END
If you want I can upload a snippet of the whole setup dump with hope you could make use of it.
Eliezer
----
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1ltd@xxxxxxxxx
Web: https://ngtech.co.il/
My-Tube: https://tube.ngtech.co.il/
תודה רבה
It looks like you are using a database and then building the config from that? any cahnce you can send me the snippet of the config instead of the DB bits? ?
Hey Adam,
I recorded a video for you on how I do it at:
https://cloud1.ngtech.co.il/static/squid-data/splice-epic-games.mp4
So basically the relevant domains are:
epicgames-download1.akamaized.net
.epicgames.com
.unrealengine.com
And you can peek at robert k Wild mail: “regex for normal websites”
And it contains the relevant technical details.
If for any reason you need a more detailed answer let me know.
Yours,
Eliezer
----
Eliezer Croitoru
NgTech, Tech Support
Mobile: +972-5-28704261
Email: ngtech1ltd@xxxxxxxxx
Web: https://ngtech.co.il/
My-Tube: https://tube.ngtech.co.il/
Hi All,
I am trying to get squid to allow me to login to Epicgames.com with my epic login, i get to the login page and get the hcaptca images and everytime i get "invalid response"
i looked at the headers and the only error that i can see is "The cache information is missing from the entry"
My config looks like so
workers 2
```
# Leave coredumps in the first cache dir
coredump_dir /var/spool/squid
http_port 3128 ssl-bump dynamic_cert_mem_cache_size=16MB generate-host-certificates=on cert=/etc/squid/certs/squid-ca-cert-key.pem
sslcrtd_program /usr/lib64/squid/security_file_certgen -s /var/spool/squid/ssl -M 16MB
dns_nameservers 10.5.1.2 8.8.8.8
visible_hostname foo-proxy-1
forwarded_for truncate
via off
# Send to file
access_log daemon:/var/log/squid/access.log
acl CONNECT method CONNECT
acl local src 10.0.0.0/8
always_direct allow all
request_header_add X-GoogApps-Allowed-Domains "foo.com" all
memory_replacement_policy heap GDSF
maximum_object_size 100 KB
maximum_object_size 1 MB
cache allow all
cache_mem 256 MB
cache_dir rock /var/spool/squid 1024
memory_pools off
cache_swap_low 90
client_persistent_connections on
http_access allow localhost manager
http_access deny manager
# SquidGaurd
url_rewrite_program /usr/bin/squidGuard
```
Any suggestions?
|
Adam Barnett Senior SysAdmin beloFX | | |
|
|