Bablosoft

Using local Squid (caching) proxy with BAS?

Support
  • M

    Hi,

    I set up a local Squid caching proxy on my Windows Server 2016 Standard where BAS is running. This setup works very well for browsers, also for HTTPS-connections, (tested Chrome and FF) but I can't connect through HTTPS-sites using BAS. No matter if I set an additional proxy in BAS (for anonymity) or without proxy.

    As soon as I tunnel the connections of BAS (e.g. worker.exe) through Squid using Proxifier I can't open any HTTPS-website, non-HTTPS working fine. Also if I set the local caching Squid directly in BAS (Browser-Proxy-http type at localhost with Port 3128, same settings that work well in Chrome and FF).

    Is there any special set up needed in/for BAS to get it working also? And how is "proxying" generally implemented in BAS?

    Thank you guys.

    0
  • X

    related question:
    if we use Squid the cache proxy server, does the fingerprint still working? or We should do something special setting?

    1
  • M

    Any ideas regarding this topic? Can save a lot of bandwith and therefore mony.

    sergerdnS 1 Reply
    0
  • sergerdnS

    @morpheus93 said in Using local Squid (caching) proxy with BAS?:

    Any ideas regarding this topic? Can save a lot of bandwith and therefore mony.

    There aren't any problems with squid.

    An example of squid infrastructure:

    What we have:

    1. Linux server with squid5
    2. Windows Server with BAS
    3. Proxies from proxy provider

    What we need to make:

    1. rebuild squid with custom DMAXTCPLISTENPORTS because squid has limited http_port to 128. In my case it is very small count. Also you might be change "kid registration timeout value", it is hardcoded in source code. Have a look squid-5.2/src/ipc/Strand.cc to function void Ipc::Strand::registerSelf(). I also highly recommend to enable SMP support in squid.conf.

    2. properly setup your server to high load, ask your admin how it can be made (you have to change /etc/security/limits.conf, improve tcp settings, etc.)

    3. properly setup squid to parent proxy of proxy provider with acl's

    4. optionally configuring SSL Bumping. It can save a lot of traffic for you, but it can be detected by any website in a very easy way. Do not recommend these settings.

    5. setup up BAS with squid proxies.

    But make sure you have a huge experience with:

    1. linux
    2. networking
    3. programming. Because we need to make squid.conf by scripts.

    Also you need a lot of time for debugging. It is NOT easy task.

    🚀 Available for hire 40 hrs/week. 🚀

    2
  • M

    @sergerdn Thank you for sharing your experience and pointing to the important steps. Sounds like sophisticated task that needs a lot of knowledge and effort.

    0