From: Alex Rousskov
>
> You need to figure out why. Two common reasons are SSL-level errors and
> http_access denials. Both should be reflected in access.log and
> debugging cache.log.
I finally found out it was an http_access deny on an ACL match with url_regex
On 05/28/2017 05:40 AM, Vieri wrote:
> Please keep in mind that I'm basically an end-user, a sys-admin. I
> wish I had the time to study Squid's source code.
Nobody (certainly not me) has suggested anything that requires studying
Squid source code. If you think that I have, you have misinterprete
Hi Alex et al.,
Thank you very much for your analysis and help. I really appreciate it.
Please keep in mind that I'm basically an end-user, a sys-admin. I wish I had
the time to study Squid's source code. All I can do for now is read the docs
that so many people have kindly published.
In 99% o
On 05/26/2017 05:22 PM, Vieri wrote:
> If I have this:
>
> ssl_bump peek all
> ssl_bump splice AllowTroublesome
> ssl_bump bump all
... then you have a configuration that does not make sense because one
cannot bump after peeking at step2. Your configuration is equivalent to
* if the current s
I forgot to put the emphasis on one thing. I did not change my squid.conf or my
ACLs. The only difference is in the ssl_bump configuration directives.
If I have this:
acl AllowTroublesome ssl::server_name .google.com .gmail.com
acl DenyTroublesome ssl::server_name mail.google.com
http_access den
On 27/05/17 03:44, Vieri wrote:
Hi,
I'd like to block access to Google Mail but allow it to Google Drive. I also
need to intercept Google Drive traffic (https) and scan its content via c-icap
modules for threats (with clamav and other tools which would block potentially
harmful files).
I've
On 05/26/2017 09:44 AM, Vieri wrote:
> I know that in TLS traffic there are only IP addresses
This is a gross exaggeration. The reality is much more nuanced.
> I added mail.google.com to a custom file named "denied.domains" and loaded as
> denied_domains ACL in Squid.
> [...]
> acl denied_do
Here is a list of google domains that may help you,
http://www.squidblacklist.org/downloads/whitelists/google.domains
On 5/26/2017 10:44 AM, Vieri wrote:
Hi,
I'd like to block access to Google Mail but allow it to Google Drive. I also
need to intercept Google Drive traffic (https) and scan i
Hi,
I'd like to block access to Google Mail but allow it to Google Drive. I also
need to intercept Google Drive traffic (https) and scan its content via c-icap
modules for threats (with clamav and other tools which would block potentially
harmful files).
I've failed so far.
I added mail.googl
