Исходное сообщение
"parent proxy не пускает https соединения" Отправлено qunix, 04-Июн-14 18:54
> никаким. https через прозрачный прокси не работал и не будет. при старте пишет: # /opt/squid/sbin/squid -d 9 -f /opt/squid/etc/squid.conf 2014/06/04 16:54:00| SECURITY NOTICE: auto-converting deprecated "ssl_bump allow <acl>" to "ssl_bump client-first <acl>" which is usually inferior to the newer server-first bumping mode. Update your ssl_bump rules. 2014/06/04 16:54:00| WARNING: auto-converting deprecated implicit "ssl_bump deny all" to "ssl_bump none all". New ssl_bump configurations must not use implicit rules. Update your ssl_bump rules. 2014/06/04 16:54:00| WARNING: auto-converting deprecated "ssl_bump deny <acl>" to "ssl_bump none <acl>". Update your ssl_bump rules. root@ubuntu:/opt/squid/ssl_cert# 2014/06/04 16:54:00 kid1| SECURITY NOTICE: auto-converting deprecated "ssl_bump allow <acl>" to "ssl_bump client-first <acl>" which is usually inferior to the newer server-first bumping mode. Update your ssl_bump rules. 2014/06/04 16:54:00 kid1| WARNING: auto-converting deprecated implicit "ssl_bump deny all" to "ssl_bump none all". New ssl_bump configurations must not use implicit rules. Update your ssl_bump rules. 2014/06/04 16:54:00 kid1| WARNING: auto-converting deprecated "ssl_bump deny <acl>" to "ssl_bump none <acl>". Update your ssl_bump rules. 2014/06/04 16:54:00 kid1| Set Current Directory to /opt/squid/var/cache/squid 2014/06/04 16:54:00 kid1| Starting Squid Cache version 3.4.4-20140414-r13119 for x86_64-unknown-linux-gnu... 2014/06/04 16:54:00 kid1| Process ID 8590 2014/06/04 16:54:00 kid1| Process Roles: worker 2014/06/04 16:54:00 kid1| With 1024 file descriptors available 2014/06/04 16:54:00 kid1| Initializing IP Cache... 2014/06/04 16:54:00 kid1| DNS Socket created at [::], FD 7 2014/06/04 16:54:00 kid1| DNS Socket created at 0.0.0.0, FD 8 2014/06/04 16:54:00 kid1| Adding nameserver 172.20.1.23 from squid.conf 2014/06/04 16:54:00 kid1| Adding nameserver 172.20.1.24 from squid.conf 2014/06/04 16:54:00 kid1| helperOpenServers: Starting 5/5 'ssl_crtd' processes 2014/06/04 16:54:01 kid1| Logfile: opening log daemon:/opt/squid/var/logs/access.log 2014/06/04 16:54:01 kid1| Logfile Daemon: opening log /opt/squid/var/logs/access.log 2014/06/04 16:54:01 kid1| Unlinkd pipe opened on FD 24 2014/06/04 16:54:01 kid1| Store logging disabled 2014/06/04 16:54:01 kid1| Swap maxSize 102400 + 262144 KB, estimated 28041 objects 2014/06/04 16:54:01 kid1| Target number of buckets: 1402 2014/06/04 16:54:01 kid1| Using 8192 Store buckets 2014/06/04 16:54:01 kid1| Max Mem  size: 262144 KB 2014/06/04 16:54:01 kid1| Max Swap size: 102400 KB 2014/06/04 16:54:01 kid1| Rebuilding storage in /opt/squid/var/cache/squid (no log) 2014/06/04 16:54:01 kid1| Using Least Load store dir selection 2014/06/04 16:54:01 kid1| Set Current Directory to /opt/squid/var/cache/squid 2014/06/04 16:54:01 kid1| Finished loading MIME types and icons. 2014/06/04 16:54:01 kid1| HTCP Disabled. 2014/06/04 16:54:01 kid1| Configuring Parent 172.20.200.124/80/3130 2014/06/04 16:54:01 kid1| Squid plugin modules loaded: 0 2014/06/04 16:54:01 kid1| Accepting HTTP Socket connections at local=127.0.0.1:80 remote=[::] FD 26 flags=9 2014/06/04 16:54:01 kid1| Accepting TPROXY intercepted HTTP Socket connections at local=192.168.1.220:3128 remote=[::] FD 27 flags=25 2014/06/04 16:54:01 kid1| Accepting TPROXY intercepted SSL bumped HTTPS Socket connections at local=192.168.1.220:3129 remote=[::] FD 28 flags=25 2014/06/04 16:54:01 kid1| Done scanning /opt/squid/var/cache/squid dir (0 entries) 2014/06/04 16:54:01 kid1| Finished rebuilding storage from disk. 2014/06/04 16:54:01 kid1|         0 Entries scanned 2014/06/04 16:54:01 kid1|         0 Invalid entries. 2014/06/04 16:54:01 kid1|         0 With invalid flags. 2014/06/04 16:54:01 kid1|         0 Objects loaded. 2014/06/04 16:54:01 kid1|         0 Objects expired. 2014/06/04 16:54:01 kid1|         0 Objects cancelled. 2014/06/04 16:54:01 kid1|         0 Duplicate URLs purged. 2014/06/04 16:54:01 kid1|         0 Swapfile clashes avoided. 2014/06/04 16:54:01 kid1|   Took 0.40 seconds (  0.00 objects/sec). 2014/06/04 16:54:01 kid1| Beginning Validation Procedure 2014/06/04 16:54:01 kid1|   Completed Validation Procedure 2014/06/04 16:54:01 kid1|   Validated 0 Entries 2014/06/04 16:54:01 kid1|   store_swap_size = 0.00 KB 2014/06/04 16:54:02 kid1| storeLateRelease: released 0 objects при попытку подключиться: telnet 192.168.1.220 3128 Trying 192.168.1.220... Connected to 192.168.1.220. Escape character is '^]'. Connection closed by foreign host. # netstat -an|grep 3128 tcp        0      0 192.168.1.220:3128      0.0.0.0:*               LISTEN

Ваше сообщение
Имя*:
EMail:	Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email). Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:	>> никаким. https через прозрачный прокси не работал и не будет. > при старте пишет: > # /opt/squid/sbin/squid -d 9 -f /opt/squid/etc/squid.conf > 2014/06/04 16:54:00| SECURITY NOTICE: auto-converting deprecated "ssl_bump allow > <acl>" to "ssl_bump client-first <acl>" which is usually inferior to the > newer server-first bumping mode. Update your ssl_bump rules. > 2014/06/04 16:54:00| WARNING: auto-converting deprecated implicit "ssl_bump deny > all" to "ssl_bump none all". New ssl_bump configurations must not use > implicit rules. Update your ssl_bump rules. > 2014/06/04 16:54:00| WARNING: auto-converting deprecated "ssl_bump deny <acl>" > to "ssl_bump none <acl>". Update your ssl_bump rules. > root@ubuntu:/opt/squid/ssl_cert# 2014/06/04 16:54:00 kid1| SECURITY NOTICE: auto-converting > deprecated "ssl_bump allow <acl>" to "ssl_bump client-first <acl>" which is usually > inferior to the newer server-first bumping mode. Update your ssl_bump rules. > 2014/06/04 16:54:00 kid1| WARNING: auto-converting deprecated implicit "ssl_bump > deny all" to "ssl_bump none all". New ssl_bump configurations must not > use implicit rules. Update your ssl_bump rules. > 2014/06/04 16:54:00 kid1| WARNING: auto-converting deprecated "ssl_bump deny <acl>" > to "ssl_bump none <acl>". Update your ssl_bump rules. > 2014/06/04 16:54:00 kid1| Set Current Directory to /opt/squid/var/cache/squid > 2014/06/04 16:54:00 kid1| Starting Squid Cache version 3.4.4-20140414-r13119 for > x86_64-unknown-linux-gnu... > 2014/06/04 16:54:00 kid1| Process ID 8590 > 2014/06/04 16:54:00 kid1| Process Roles: worker > 2014/06/04 16:54:00 kid1| With 1024 file descriptors available > 2014/06/04 16:54:00 kid1| Initializing IP Cache... > 2014/06/04 16:54:00 kid1| DNS Socket created at [::], FD 7 > 2014/06/04 16:54:00 kid1| DNS Socket created at 0.0.0.0, FD 8 > 2014/06/04 16:54:00 kid1| Adding nameserver 172.20.1.23 from squid.conf > 2014/06/04 16:54:00 kid1| Adding nameserver 172.20.1.24 from squid.conf > 2014/06/04 16:54:00 kid1| helperOpenServers: Starting 5/5 'ssl_crtd' processes > 2014/06/04 16:54:01 kid1| Logfile: opening log daemon:/opt/squid/var/logs/access.log > 2014/06/04 16:54:01 kid1| Logfile Daemon: opening log /opt/squid/var/logs/access.log > 2014/06/04 16:54:01 kid1| Unlinkd pipe opened on FD 24 > 2014/06/04 16:54:01 kid1| Store logging disabled > 2014/06/04 16:54:01 kid1| Swap maxSize 102400 + 262144 KB, estimated 28041 objects > 2014/06/04 16:54:01 kid1| Target number of buckets: 1402 > 2014/06/04 16:54:01 kid1| Using 8192 Store buckets > 2014/06/04 16:54:01 kid1| Max Mem size: 262144 KB > 2014/06/04 16:54:01 kid1| Max Swap size: 102400 KB > 2014/06/04 16:54:01 kid1| Rebuilding storage in /opt/squid/var/cache/squid (no > log) > 2014/06/04 16:54:01 kid1| Using Least Load store dir selection > 2014/06/04 16:54:01 kid1| Set Current Directory to /opt/squid/var/cache/squid > 2014/06/04 16:54:01 kid1| Finished loading MIME types and icons. > 2014/06/04 16:54:01 kid1| HTCP Disabled. > 2014/06/04 16:54:01 kid1| Configuring Parent 172.20.200.124/80/3130 > 2014/06/04 16:54:01 kid1| Squid plugin modules loaded: 0 > 2014/06/04 16:54:01 kid1| Accepting HTTP Socket connections at local=127.0.0.1:80 > remote=[::] FD 26 flags=9 > 2014/06/04 16:54:01 kid1| Accepting TPROXY intercepted HTTP Socket connections at > local=192.168.1.220:3128 remote=[::] FD 27 flags=25 > 2014/06/04 16:54:01 kid1| Accepting TPROXY intercepted SSL bumped HTTPS Socket connections > at local=192.168.1.220:3129 remote=[::] FD 28 flags=25 > 2014/06/04 16:54:01 kid1| Done scanning /opt/squid/var/cache/squid dir (0 entries) > 2014/06/04 16:54:01 kid1| Finished rebuilding storage from disk. > 2014/06/04 16:54:01 kid1| 0 > Entries scanned > 2014/06/04 16:54:01 kid1| 0 > Invalid entries. > 2014/06/04 16:54:01 kid1| 0 > With invalid flags. > 2014/06/04 16:54:01 kid1| 0 > Objects loaded. > 2014/06/04 16:54:01 kid1| 0 > Objects expired. > 2014/06/04 16:54:01 kid1| 0 > Objects cancelled. > 2014/06/04 16:54:01 kid1| 0 > Duplicate URLs purged. > 2014/06/04 16:54:01 kid1| 0 > Swapfile clashes avoided. > 2014/06/04 16:54:01 kid1| Took 0.40 seconds ( 0.00 objects/sec). > 2014/06/04 16:54:01 kid1| Beginning Validation Procedure > 2014/06/04 16:54:01 kid1| Completed Validation Procedure > 2014/06/04 16:54:01 kid1| Validated 0 Entries > 2014/06/04 16:54:01 kid1| store_swap_size = 0.00 KB > 2014/06/04 16:54:02 kid1| storeLateRelease: released 0 objects > при попытку подключиться: > telnet 192.168.1.220 3128 > Trying 192.168.1.220... > Connected to 192.168.1.220. > Escape character is '^]'. > Connection closed by foreign host. > # netstat -an|grep 3128 > tcp 0 > 0 192.168.1.220:3128 0.0.0.0:* > > LISTEN
	Введите код, изображенный на картинке: