Re: [squid-users] SOLVED - SECURITY ALERT: Host header forgery detected

2018-05-13 Thread Martin Hanson
> So I finally got the whitelist working, but now every other box on the
> "localnet", when trying to access the whitelist, gets a:
>
> 2018/05/14 07:40:18 kid1| SECURITY ALERT: on URL: www.ubuntu.com:443
> 2018/05/14 07:40:18 kid1| SECURITY ALERT: Host header forgery detected on
> local=91.189.

[squid-users] SECURITY ALERT: Host header forgery detected

2018-05-13 Thread Martin Hanson
So I finally got the whitelist working, but now every other box on the "localnet", when trying to access the whitelist, gets a:

2018/05/14 07:40:18 kid1| SECURITY ALERT: on URL: www.ubuntu.com:443
2018/05/14 07:40:18 kid1| SECURITY ALERT: Host header forgery detected on local=91.189.89.118:443 r

Re: [squid-users] SOLVED - Whitelist ONLY exception isn't working correctly

2018-05-13 Thread Martin Hanson
>> It's like when the traffic is HTTP the whitelist is working, but when the
>> traffic is HTTPS the whitelist isn't working.
>
> Yes, that is exactly what is happening.
>
> * When intercepting HTTP (port 80) traffic the protocol is HTTP. Squid
> is receiving messages generated by the client *na

Re: [squid-users] Whitelist ONLY exception isn't working correctly

2018-05-13 Thread Martin Hanson
> On 05/13/2018 06:15 PM, Martin Hanson wrote:
>
>> # THIS ISN'T WORKING!!!
>> # https://www.ubuntu.com is blocked with "Access Denied" from Squid.
>> http_access allow windows_boxes whitelist
>
> I suspect the request is blocked during SslBump step1

Re: [squid-users] Whitelist ONLY exception isn't working correctly

2018-05-13 Thread Martin Hanson
I have enabled debugging and found something quite strange. In order to better debug I have limited the whitelist to two domains, one HTTP and one with HTTPS:

acl whitelist ssl::server_name .ubuntu.com .sundkat.dk

When I go to http://www.sundkat.dk, which is an HTTP domain, I get the following:

Re: [squid-users] Whitelist ONLY exception isn't working correctly

2018-05-13 Thread Martin Hanson
>> This is my current squid.conf. I know I am overlooking something, but I
>> cannot figure out what I am doing wrong.
>
> The comments on this config tell a story of some misunderstandings ...

Thank you for all the valuable feedback. I originally set this up years ago. I have updated the diffe

Re: [squid-users] Whitelist ONLY exception isn't working correctly

2018-05-13 Thread Martin Hanson
I also tried the above, but the result is the same.

[squid-users] Whitelist ONLY exception isn't working correctly

2018-05-12 Thread Martin Hanson
Hi, I have a setup with a PF firewall that intercepts HTTP and HTTPS traffic and forwards that to Squid. Squid is set up to log all traffic and it uses an SSL bump for the HTTPS traffic. In the setup I have a whitelist of domains that doesn't get logged, the rest of the traffic gets logged and r