I've sorted it, I had to put quotes around my file path to the URL whitelist
On Thu, 12 Jan 2023, 15:22 robert k Wild, <robertkw...@gmail.com> wrote: > hi all, > > i have no idea why but my acl for url whitelist doesnt work anymore > > this is the output of my parse > > /usr/local/squid/sbin/squid -k parse > 2023/01/12 15:10:56| Startup: Initializing Authentication Schemes ... > 2023/01/12 15:10:56| Startup: Initialized Authentication Scheme 'basic' > 2023/01/12 15:10:56| Startup: Initialized Authentication Scheme 'digest' > 2023/01/12 15:10:56| Startup: Initialized Authentication Scheme 'negotiate' > 2023/01/12 15:10:56| Startup: Initialized Authentication Scheme 'ntlm' > 2023/01/12 15:10:56| Startup: Initialized Authentication. > 2023/01/12 15:10:56| Processing Configuration File: > /usr/local/squid/etc/squid.conf (depth 0) > 2023/01/12 15:10:56| Processing: acl localnet src 0.0.0.1-0.255.255.255 # > RFC 1122 "this" network (LAN) > 2023/01/12 15:10:56| Processing: acl localnet src 10.0.0.0/8 # > RFC 1918 local private network (LAN) > 2023/01/12 15:10:56| Processing: acl localnet src 100.64.0.0/10 # > RFC 6598 shared address space (CGN) > 2023/01/12 15:10:56| Processing: acl localnet src 169.254.0.0/16 # > RFC 3927 link-local (directly plugged) machines > 2023/01/12 15:10:56| Processing: acl localnet src 172.16.0.0/12 # > RFC 1918 local private network (LAN) > 2023/01/12 15:10:56| Processing: acl localnet src 192.168.0.0/16 > # RFC 1918 local private network (LAN) > 2023/01/12 15:10:56| Processing: acl localnet src fc00::/7 # > RFC 4193 local private network range > 2023/01/12 15:10:56| Processing: acl localnet src fe80::/10 # > RFC 4291 link-local (directly plugged) machines > 2023/01/12 15:10:56| Processing: acl SSL_ports port 443 > 2023/01/12 15:10:56| Processing: acl Safe_ports port 80 # http > 2023/01/12 15:10:56| Processing: acl Safe_ports port 21 # ftp > 2023/01/12 15:10:56| Processing: acl Safe_ports port 443 # > https > 2023/01/12 15:10:56| Processing: acl Safe_ports port 70 # gopher > 2023/01/12 15:10:56| Processing: acl Safe_ports port 210 # > wais > 2023/01/12 15:10:56| Processing: acl Safe_ports port 1025-65535 # > unregistered ports > 2023/01/12 15:10:56| Processing: acl Safe_ports port 280 # > http-mgmt > 2023/01/12 15:10:56| Processing: acl Safe_ports port 488 # > gss-http > 2023/01/12 15:10:56| Processing: acl Safe_ports port 591 # > filemaker > 2023/01/12 15:10:56| Processing: acl Safe_ports port 777 # > multiling http > 2023/01/12 15:10:56| Processing: acl CONNECT method CONNECT > 2023/01/12 15:10:56| Processing: http_access allow localhost manager > 2023/01/12 15:10:56| Processing: http_access deny manager > 2023/01/12 15:10:56| Processing: include > /usr/local/squid/etc/squidrules.conf > 2023/01/12 15:10:56| Processing Configuration File: > /usr/local/squid/etc/squidrules.conf (depth 1) > 2023/01/12 15:10:56| Processing: acl DiscoverSNIHost at_step SslBump1 > 2023/01/12 15:10:56| Processing: acl NoSSLIntercept ssl::server_name_regex > /usr/local/squid/etc/pubkey.txt > 2023/01/12 15:10:56| Processing: ssl_bump peek DiscoverSNIHost > 2023/01/12 15:10:56| Processing: ssl_bump splice NoSSLIntercept > 2023/01/12 15:10:56| Processing: ssl_bump bump all > 2023/01/12 15:10:56| Processing: http_port 3128 ssl-bump > cert=/usr/local/squid/etc/ssl_cert/myCA.pem generate-host-certificates=on > dynamic_cert_mem_cache_size=4MB > 2023/01/12 15:10:56| Processing: sslcrtd_program > /usr/local/squid/libexec/security_file_certgen -s /var/lib/ssl_db -M 4MB > 2023/01/12 15:10:56| Processing: acl upmime req_mime_type > /usr/local/squid/etc/mimedeny.txt > 2023/01/12 15:10:56| Processing: acl url_links url_regex > /usr/local/squid/etc/linksurl.txt > 2023/01/12 15:10:56| Processing: acl special_url url_regex > /usr/local/squid/etc/urlspecial.txt > 2023/01/12 15:10:56| Processing: acl downmime rep_mime_type > /usr/local/squid/etc/mimedeny.txt > 2023/01/12 15:10:56| Processing: http_reply_access allow special_url > 2023/01/12 15:10:56| Processing: http_reply_access deny downmime > 2023/01/12 15:10:56| Processing: acl whitelist ssl::server_name_regex > /usr/local/squid/etc/urlwhite.txt > 2023/01/12 15:10:56| Processing: acl activation port 80 443 > 2023/01/12 15:10:56| Processing: http_access allow activation whitelist > 2023/01/12 15:10:56| Processing: http_access deny all > 2023/01/12 15:10:56| Processing: http_access allow localnet > 2023/01/12 15:10:56| Processing: http_access allow localhost > 2023/01/12 15:10:56| Processing: http_access deny all > 2023/01/12 15:10:56| Processing: coredump_dir > /usr/local/squid/var/cache/squid > 2023/01/12 15:10:56| Processing: refresh_pattern ^ftp: 1440 > 20% 10080 > 2023/01/12 15:10:56| Processing: refresh_pattern ^gopher: 1440 0% > 1440 > 2023/01/12 15:10:56| Processing: refresh_pattern -i (/cgi-bin/|\?) 0 0% > 0 > 2023/01/12 15:10:56| Processing: refresh_pattern . 0 > 20% 4320 > 2023/01/12 15:10:56| Processing: icap_enable on > 2023/01/12 15:10:56| Processing: adaptation_uses_indirect_client on > 2023/01/12 15:10:56| Processing: icap_send_client_ip on > 2023/01/12 15:10:56| Processing: icap_send_client_username on > 2023/01/12 15:10:56| Processing: icap_client_username_header > X-Authenticated-User > 2023/01/12 15:10:56| Processing: icap_service service_req reqmod_precache > bypass=0 icap://127.0.0.1:1344/squidclamav > 2023/01/12 15:10:56| Processing: adaptation_access service_req allow all > 2023/01/12 15:10:56| Processing: icap_service service_resp > respmod_precache bypass=0 icap://127.0.0.1:1344/squidclamav > 2023/01/12 15:10:56| Processing: adaptation_access service_resp allow all > 2023/01/12 15:10:56| Initializing https:// proxy context > 2023/01/12 15:10:56| Initializing http_port [::]:3128 TLS contexts > 2023/01/12 15:10:56| Using certificate in > /usr/local/squid/etc/ssl_cert/myCA.pem > 2023/01/12 15:10:56| Using certificate chain in > /usr/local/squid/etc/ssl_cert/myCA.pem > 2023/01/12 15:10:56| Adding issuer CA: /C=XX/L=Default City/O=Default > Company Ltd > 2023/01/12 15:10:56| Using key in /usr/local/squid/etc/ssl_cert/myCA.pem > > acl whitelist ssl::server_name_regex /usr/local/squid/etc/urlwhite.txt > > and in the url whitelist file is adobe.com > > (^|\.)adobe.com$ > > but when i try to access on my browser "adobe.com" i get the proxy access > denied page > > can anyone shed some light as im struggling to sort this out > > thanks, > rob > > -- > Regards, > > Robert K Wild. >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
