Enviada: 10 de dezembro de 2021 16:42
Para: André Bolinhas ;
squid-users@lists.squid-cache.org
Assunto: Re: [squid-users] deny squid to bump deny_info
On 12/10/21 11:01 AM, André Bolinhas wrote:
> I put this code at the beginning of squid.conf, just after listen_ports:
>
> http_por
users] deny squid to bump deny_info
On 12/8/21 10:40 AM, André Bolinhas wrote:
> where I need to add the ssl_bump terminate rule? Inside ssl.conf or
> http_access.conf?
> I have tried in both both but continues to bump the error page.
Unfortunately, I cannot edit your configuration
t
>
> # Rules (spliced) added by admins
>
> # 1 BUMP rules...
> #ssl_bump stare all
> ssl_bump bump ssl_step2 SNIGroup16
> ssl_bump splice all
>
> tls_outgoing_options options=NO_SSLv3,NO_TICKET
> cipher=ALL:!SSLv2:!SSLv3:!ADH:!DSS:!MD5:!EXP:!DES:!PSK:!SRP:!RC4:!I
!PSK:!SRP:!RC4:!IDEA:!SEED:!aNULL:!eNULL
flags=DONT_VERIFY_PEER
sslproxy_cert_error allow all
on_unsupported_protocol tunnel all
-Mensagem original-
De: Alex Rousskov
Enviada: 8 de dezembro de 2021 15:13
Para: André Bolinhas ;
squid-users@lists.squid-cache.org
Assunto: Re: [squid-users
On 12/7/21 8:39 PM, André Bolinhas wrote:
> We use Squid v5 with ssl_bump to decrypt only google domains. With a
> special configuration we also need to deny important websites. Squid
> tries to bump returned error pages
Yes, when SslBump encounters an error, it tries to bump the client
connectio
Hi
We use Squid v5 with ssl_bump to decrypt only google domains.
With a special configuration we also need to deny important websites.
So far so good, but for performance reasons we don't want Squid to return
the error pages.
Since we have a lot of denied sites, it seems that Squid tries to bump
r
