The above rules allow abuse of sites matching allowed_sites (by
proxying CONNECT traffic to any port on those sites).
Ok, maybe I'm lost. Any material on the internet I've read about writing
ACLs to allow access on Squid, including the Squid website, follows the
basic structure:
acl rul
On 6/29/22 11:22, Bruno de Paula Larini wrote:
The above rules allow abuse of sites matching allowed_sites (by
proxying CONNECT traffic to any port on those sites).
Ok, maybe I'm lost. Any material on the internet I've read about writing
ACLs to allow access on Squid, including the Squid websi
I do not recommend (ab)using ssl_bump rules for access control. When
things go wrong, and they will, Squid may not reach your "ssl_bump
terminate all" rule. Unlike http_access which is evaluated for
virtually all incoming traffic, Squid evaluates ssl_bump rules only in
some specific circumsta
