I will try to test it when users are not on the proxy later.
I have another issue with the "server_cert_fingerprint" directive.
I have a working setup which I am unable to make it work with
"server_cert_fingerprint".
I'm not sure how and in what step or place in the config it should be used.
My
On 1/25/21 6:03 AM, Eliezer Croitoru wrote:
> I'm trying to use:
> acl aclname server_cert_fingerprint [-sha1] fingerprint
>
>
> I have cerated the next file:
> /etc/squid/no-ssl-bump-server-fingerprint.list
>
> And trying to use the next line:
> acl NoBump_certificate_fingerprint
Thanks Amos much appreciated
On Mon, 25 Jan 2021, 13:12 Amos Jeffries, wrote:
> On 26/01/21 1:47 am, robert k Wild wrote:
> > sorry Amos, i will explain why i use the "rep_mime_type"
> >
> > so when users go to a website and click on a link to download and if
> > that download is an .exe/.zip
On 26/01/21 1:47 am, robert k Wild wrote:
sorry Amos, i will explain why i use the "rep_mime_type"
so when users go to a website and click on a link to download and if
that download is an .exe/.zip etc etc (on my mimedeny.txt ), squid will
stop/block the download and instead they will get an
On Sunday, January 24, 2021, 11:08:49 PM GMT+1, Alex Rousskov
wrote:
> Filing a bug report with Squid Bugzilla may increase chances of this problem
> getting fixed.
Done here:
https://bugs.squid-cache.org/show_bug.cgi?id=5100
Thanks,
Vieri
___
sorry Amos, i will explain why i use the "rep_mime_type"
so when users go to a website and click on a link to download and if that
download is an .exe/.zip etc etc (on my mimedeny.txt ), squid will
stop/block the download and instead they will get an access denied error
displayed on the web page
On 26/01/21 1:24 am, robert k Wild wrote:
hi all,
just want your thoughts on what the best acl is to deny mime types
Please explain what you mean by "deny mime types" ...
Deliver the servers response but without telling the client what data
format it is using ?
Prevent the servers
On Sunday, January 24, 2021, 11:03:19 PM GMT+1, Amos Jeffries
wrote:
>> The external script "bllookup" is probably responsible for bad output,
>
> That is a certainty.
>
>> but maybe Squid could handle it without crashing.
>
> As you noticed, Squid halts service only after the helper fails
hi all,
just want your thoughts on what the best acl is to deny mime types
atm i have this and it works really well
#deny MIME types
acl mimetype rep_mime_type "/usr/local/squid/etc/mimedeny.txt"
http_reply_access deny mimetype
and in my mime file i have this
cat
I'm trying to use:
acl aclname server_cert_fingerprint [-sha1] fingerprint
I have cerated the next file:
/etc/squid/no-ssl-bump-server-fingerprint.list
And trying to use the next line:
acl NoBump_certificate_fingerprint server_cert_fingerprint -sha1
10 matches
Mail list logo