Re: [squid-users] "ACCESS DENIED" page by ssl_bump terminate

2016-03-28 Thread Alex Rousskov
On 03/28/2016 12:01 PM, Yuri Voinov wrote: > 28.03.16 20:59, Alex Rousskov пишет: >> On 03/27/2016 11:59 PM, Alexandr Yatskin wrote: >>> Directive "deny_info" didn't work when we blocked https site with option >>> "ssl_bump". >> "deny_info" is not compatible with the ssl_bump "terminate" action.

Re: [squid-users] "ACCESS DENIED" page by ssl_bump terminate

2016-03-28 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 28.03.16 20:59, Alex Rousskov пишет: > On 03/27/2016 11:59 PM, Alexandr Yatskin wrote: >> Directive "deny_info" didn't work when we blocked https site with option >> "ssl_bump". > > "deny_info" is not compatible with the ssl_bump "terminate" acti

Re: [squid-users] "ACCESS DENIED" page by ssl_bump terminate

2016-03-28 Thread Alex Rousskov
On 03/27/2016 11:59 PM, Alexandr Yatskin wrote: > Directive "deny_info" didn't work when we blocked https site with option > "ssl_bump". "deny_info" is not compatible with the ssl_bump "terminate" action. The "terminate" action means "Close client and server connections". It is impossible to serve

Re: [squid-users] "ACCESS DENIED" page by ssl_bump terminate

2016-03-28 Thread Alexandr Yatskin
I've already checked it. Order of this options doesn't matter. 28.03.2016 15:30, Yuri Voinov пишет: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I suggests the order is important and must be: ssl_bump terminate blocked_https deny_info http://www.example.com blocked_https 28.03.16 11:59,

Re: [squid-users] "ACCESS DENIED" page by ssl_bump terminate

2016-03-28 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I suggests the order is important and must be: ssl_bump terminate blocked_https deny_info http://www.example.com blocked_https 28.03.16 11:59, Alexandr Yatskin пишет: > Directive "deny_info" didn't work when we blocked https site with option > "

Re: [squid-users] "ACCESS DENIED" page by ssl_bump terminate

2016-03-27 Thread Alexandr Yatskin
Directive "deny_info" didn't work when we blocked https site with option "ssl_bump". Maybe, is there another method? acl blocked_https ssl::server_name "/etc/squid/blocked_https.txt" acl step1 at_step SslBump1 ssl_bump peek st

Re: [squid-users] "ACCESS DENIED" page by ssl_bump terminate

2016-03-25 Thread Yuri Voinov
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 # TAG: deny_info #Usage: deny_info err_page_name acl #or deny_info http://... acl #or deny_info TCP_RESET acl # #This can be used to return a ERR_ page for requests which #do not pass the 'http_access' rules. Squ

[squid-users] "ACCESS DENIED" page by ssl_bump terminate

2016-03-25 Thread Alexandr Yatskin
Hello everyone! How redirect users to "Access Denied" page when they go to blocked https sites? Now users only can see such error: "ERR_CONNECTION_CLOSED". There are several lines from our config: -- acl blocked_https ssl::server_name "/etc/squid/blocke