On 4/16/20 5:09 AM, Vieri wrote: > In sslbump tproxy "mode" one cannot authenticate user to limit/allow their > access to web content. > > I was thinking however of making a web form with auth within a custom Squid > error page. This way a user would "automatically" whitelist a web site and > have access to it while the IT dep. would know which user accessed where > despite the site being blacklisted. > > From the error page I can tell which ACL is blocking that site so I could > create an "exception" ACL for that ACL. > My question is: can this whitelist or graylist ACL be dynamic without needing > to reload Squid, a bit like ipsets with iptables/nftables without the need to > reload rules?
Yes, there are several ways to change Squid decisions without reconfiguring Squid. The simplest one is the "external acl" mechanism: http://www.squid-cache.org/Doc/config/external_acl_type/ Alex. _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
