I do not recommend (ab)using ssl_bump rules for access control. When
things go wrong, and they will, Squid may not reach your "ssl_bump
terminate all" rule. Unlike http_access which is evaluated for
virtually all incoming traffic, Squid evaluates ssl_bump rules only in
some specific circumsta
On 6/29/22 11:22, Bruno de Paula Larini wrote:
The above rules allow abuse of sites matching allowed_sites (by
proxying CONNECT traffic to any port on those sites).
Ok, maybe I'm lost. Any material on the internet I've read about writing
ACLs to allow access on Squid, including the Squid websi
The above rules allow abuse of sites matching allowed_sites (by
proxying CONNECT traffic to any port on those sites).
Ok, maybe I'm lost. Any material on the internet I've read about writing
ACLs to allow access on Squid, including the Squid website, follows the
basic structure:
acl rul
On 6/28/22 14:32, Bruno de Paula Larini wrote:
http_access allow allowed_sites
http_access allow SSL_ports
The above rules allow abuse of sites matching allowed_sites (by proxying
CONNECT traffic to any port on those sites). They also allow any traffic
to SSL_ports of any site. In summary, t
Spam detection software, running on the system "master.squid-cache.org",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for detail
On 6/28/22 08:08, Bruno de Paula Larini wrote:
I have a pretty simple configuration for website filtering (intercepted)
and ssl_bump, which follows below.
However, for some reason, it seems Squid resolves the website domain
address, then uses the IP to compare with the ACLs.
Most likely, what
Hi list.
I have a pretty simple configuration for website filtering (intercepted)
and ssl_bump, which follows below.
However, for some reason, it seems Squid resolves the website domain
address, then uses the IP to compare with the ACLs.
As the IP is not included in the ACL, the access to the
