KOn 15.10.18 01:04, RB wrote:
I'm trying to deny all urls except for only whitelisted regular
expressions. I have only this regular expression in my file
"squid_sites.txt"
^https://wiki.squid-cache.org/SquidFaq/SquidAcl.*
are you aware that you can only see CONNECT in https requests, unless using
ssl_bump?
acl bastion src 10.5.0.0/1
acl whitelist url_regex "/vagrant/squid_sites.txt"
[...]
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access allow localhost
http_access allow purge localhost
http_access deny purge
http_access deny CONNECT !SSL_ports
http_access allow bastion whitelist
http_access deny bastion all
I tried enabling debugging and tailing /var/log/squid3/cache.log but my
curl statement keeps matching "all".
of course it matches all, everything should match "all".
I more wonder why doesn't it match "http_access allow localhost"
$ curl -sSL --proxy localhost:3128 -D - "
https://wiki.squid-cache.org/SquidFaq/SquidAcl"; -o /dev/null 2>&1 | grep
Squid
X-Squid-Error: ERR_ACCESS_DENIED 0
Any ideas what I'm doing wrong?
have you reloaded squid config after changing it?
Did squid confirm it?
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.
_______________________________________________
squid-users mailing list
[email protected]
http://lists.squid-cache.org/listinfo/squid-users
