What is the content of: /etc/squid/exfiles.conf And did you tried using: ssl::server_name_regex -i "/etc/squid/doms.nobump"
/etc/squid/doms.nobump: ##START OF FILE update\.microsoft\.com$ update\.microsoft\.com\.akadns\.net$ v10\.vortex\-win\.data\.microsoft.com$ settings\-win\.data\.microsoft\.com$ ##END OF FILE etc… Eliezer ---- http://ngtech.co.il/lmgtfy/ Linux System Administrator Mobile: +972-5-28704261 Email: [email protected] From: squid-users [mailto:[email protected]] On Behalf Of Test1964 Sent: Sunday, February 19, 2017 12:22 PM To: [email protected] Subject: [squid-users] Squid 3.5.24 - Exclude https sites from ssl_bump in Transparent Mode Hi, When I try to exclude some sites like Banks (or even gmail.com) for users using squid in TRANSPARENT Mode, I get in Squid log : "SECURITY ALERT: On URL......." (all servers and users using same dns, so this not an issue). My config file regard to this: acl step1 at_step SslBump1 acl step2 at_step SslBump2 acl step3 at_step SslBump3 ssl_bump splice localhost acl exclude_sites ssl::server_name "/etc/squid/exfiles.conf" ssl_bump peek step1 all ssl_bump splice exclude_sites ssl_bump stare step2 all ssl_bump all * all users use fake ips (172.x.x.x) Any ideas how to fix ? Thanks Dan _______________________________________________ squid-users mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-users
