On 2024-10-28 11:47, Erik Schulz wrote:
I realized later that I was applying 'localnet' rules before the
dstdomain rules, which was the cause of the unauthorized dns lookup.
By rearranging the rules, such that `dstdomain -n` rules are tested
first, there is no dns lookup.
Glad you are making p
Hi Alex,
Thank you for your detailed response!
I realized later that I was applying 'localnet' rules before the
dstdomain rules, which was the cause of the unauthorized dns lookup.
By rearranging the rules, such that `dstdomain -n` rules are tested
first, there is no dns lookup. Well, I do see a
On 2024-10-25 18:18, Erik Schulz wrote:
I would like to use squid as an egress proxy, to prevent unauthorized egress.
Let's say that the only allowed egress is 'example.com'.
I can define acl along the lines of:
```
acl allowed_domains ssl::server_name .example.com
http_access allow allowed_dom
