On 05/13/2018 06:50 PM, Amos Jeffries wrote:
> should this work?
>
> acl step1 at_step SslBump1
> http_access allow CONNECT step1
Yes, step1 should work in http_access IMO, but I do not know whether it
does. According to the latest Amish email, it does work, which is good news!
Cheers,
Alex.
On 14/05/18 12:49, Martin Hanson wrote:
> I have enabled debugging and found something quite strange.
>
> In order to better debug I have limited the whitelist to two domains, one
> HTTP and one with HTTPS:
>
> acl whitelist ssl::server_name .ubuntu.com .sundkat.dk
>
> When I go to http://www.s
> On 05/13/2018 06:15 PM, Martin Hanson wrote:
>
>> # THIS ISN'T WORKING!!!
>> # https://www.ubuntu.com is blocked with "Access Denied" from Squid.
>> http_access allow windows_boxes whitelist
>
> I suspect the request is blocked during SslBump step1 because there is
> not enough information in t
On 14/05/18 12:35, Alex Rousskov wrote:
> On 05/13/2018 06:15 PM, Martin Hanson wrote:
>
>> # THIS ISN'T WORKING!!!
>> # https://www.ubuntu.com is blocked with "Access Denied" from Squid.
>> http_access allow windows_boxes whitelist
>
> I suspect the request is blocked during SslBump step1 becaus
I have enabled debugging and found something quite strange.
In order to better debug I have limited the whitelist to two domains, one HTTP
and one with HTTPS:
acl whitelist ssl::server_name .ubuntu.com .sundkat.dk
When I go to http://www.sundkat.dk, which is a HTTP domain, I get the following:
On 05/13/2018 06:15 PM, Martin Hanson wrote:
> # THIS ISN'T WORKING!!!
> # https://www.ubuntu.com is blocked with "Access Denied" from Squid.
> http_access allow windows_boxes whitelist
I suspect the request is blocked during SslBump step1 because there is
not enough information in the fake CONNE
>> This is my current squid.conf. I know I am overlooking something, but I
>> cannot figure out what I am doing wrong.
>
> The comments on this config tell a story of some misunderstandings ...
Thank you for all the valuable feedback. I originally set this up years ago. I
have updated the diffe
I also tried the above, but the result is the same.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
On 13/05/18 13:55, Martin Hanson wrote:
>
> This is my current squid.conf. I know I am overlooking something, but I
> cannot figure out what I am doing wrong.
>
The comments on this config tell a story of some misunderstandings ...
>
> acl step1 at_step SslBump1
> acl localnet src 192.168.1.0
On 13/05/18 14:17, Alex Rousskov wrote:
> On 05/12/2018 07:55 PM, Martin Hanson wrote:
>> # !!! THIS ISN'T WORKING !!! ubuntu.com, mojang.com still gets blocked on
>> these boxes.
>> http_access deny windows_boxes !whitelist
> ...
>> http_access deny all
>
> You have no rules that allow windows_b
On 05/12/2018 07:55 PM, Martin Hanson wrote:
> # !!! THIS ISN'T WORKING !!! ubuntu.com, mojang.com still gets blocked on
> these boxes.
> http_access deny windows_boxes !whitelist
...
> http_access deny all
You have no rules that allow windows_boxes to access whitelist servers,
and you have a "de
Hi,
I have a setup with a PF firewall that intercepts HTTP and HTTPS traffic and
forwards that to Squid. Squid is setup to log all traffic and it uses a SSL
bump for the HTTPS traffic.
In the setup I have a whitelist of domains that doesn't get logged, the rest of
the traffic gets logged and r
12 matches
Mail list logo
