Re: [squid-users] Setting up proxy with private to public

[Antony Stone]

Sorry, replying to the list this time - for some reason my previous reply went 
to your private address.


On Wednesday 15 April 2020 at 15:08:36, Chris Bidwell - NOAA Federal wrote:

> So after looking further.  It looks like when I'm trying to wget from my
> squid server, which has the two nics (internal and public), it's trying to
> send it through the internal connection.  It doesn't seem to want to route
> through the external nic.

Okay, so not currently a Squid problem, then.

What does "route -n" tell you, and what do you think your default gateway 
address to the Internet should be (ie: what's the address of the router which 
you think Squid should be using from its external interface to get to the 
Internet)?


Antony.

-- 
Python is executable pseudocode.
Perl is executable line noise.

   Please reply to the list;
 please don't CC me.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] dynamic ACLs

[Vieri]

Hi,

In sslbump tproxy "mode" one cannot authenticate user to limit/allow their 
access to web content.

I was thinking however of making a web form with auth within a custom Squid 
error page. This way a user would "automatically" whitelist a web site and have 
access to it while the IT dep. would know which user accessed where despite the 
site being blacklisted.

From the error page I can tell which ACL is blocking that site so I could 
create an "exception" ACL for that ACL.
My question is: can this whitelist or graylist ACL be dynamic without needing 
to reload Squid, a bit like ipsets with iptables/nftables without the need to 
reload rules?

Vieri
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users