On 22/10/2015 7:31 a.m., luizcasey wrote:
>
>
> Hello, So what I am trying to accomplish here is to basically have a
> whitelist of domains that is allowed via http/https.
What you have actually configured is a whitelist with MUCH narrower
criteria than that.
> If the UID is
> squid,apache,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
BTW - you omit many important settings from squid.conf.default. You
configuration is so dangerous.
22.10.15 20:01, luizca...@gmail.com пишет:
> Here is the config I am currently using based on your suggestion earlier.
> However it does not
On 23/10/2015 3:01 a.m., luizca...@gmail.com wrote:
> Here is the config I am currently using based on your suggestion earlier.
> However it does not start. I have also added some questions to each for
> verification purposes to make sure I am understanding what is actually going
> on.
>
>
Here is the config I am currently using based on your suggestion earlier.
However it does not start. I have also added some questions to each for
verification purposes to make sure I am understanding what is actually going on.
https_port 4827 intercept ssl-bump generate-host-certificates=on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
First, you should put in order configurations.
22.10.15 0:31, luizca...@gmail.com пишет:
> Hello,
> So what I am trying to accomplish here is to basically have a
whitelist of domains that is allowed via http/https. If the UID is
squid,apache, or
id-cache.org
>> Subject: Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains
>> issue
>> Message-ID: <5627e098.1000...@gmail.com>
>> Content-Type: text/plain; charset="utf-8"
>>
>>
> First, you should put in order configurations.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Show piece of
allowed_domains
file.
22.10.15 2:29, luizca...@gmail.com пишет:
> Could you suggest a configuration that you think should be working ? I would
> like both
HTTP/HTTPS domains whitelisted via file all other domains blocked. What
am
squid-cache.org
> Subject: Re: [squid-users] Squid 3.5.10 SSL Bump whitelist domains
> issue
> Message-ID: <5627e098.1000...@gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Firs
Could you suggest a configuration that you think should be working ? I would
like both HTTP/HTTPS domains whitelisted via file all other domains blocked.
What am I missing ? My assumption here is the acl nobumpSites ssl::server_name
"/etc/squid/git_allowed_domains/allowed_domains” part is not
There really isn’t anything in there right now since I am testing.
/etc/squid/git_allowed_domains/allowed_domains"
.facebook.com
.cnn.com
___
squid-users mailing list
squid-users@lists.squid-cache.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Working config snippet for 3.5.x looks like this:
acl get_sni_at_step1 at_step SslBump1
ssl_bump peek get_sni_at_step1
acl spliced_hosts ssl::server_name_regex -i
"/usr/local/squid/etc/url.nobump"
ssl_bump splice spliced_hosts
ssl_bump bump
On 10/21/2015 02:49 PM, Yuri Voinov wrote:
> Working config snippet for 3.5.x looks like this:
>
> ssl_bump peek get_sni_at_step1
> ssl_bump splice spliced_hosts
> ssl_bump bump net_bump
The above config leaves the following question unanswered:
Q: What happens if neither spliced_hosts nor
Hello,
So what I am trying to accomplish here is to basically have a whitelist of
domains that is allowed via http/https. If the UID is squid,apache, or root
then basically you will bypass squid and anything is allowed. This was working
well on 3.4.2 however once I moved to 3.5.10 it no longer
Alex,
So what do you recommend to do here ? I just need a simple whitelist file for
both http/https. I have a config that works on 3.4 but would like to upgrade to
3.5 and the current config we have won't cut it. Just need a simple if you are
in this list allow if not deny. No need for any ssl
14 matches
Mail list logo