On 6/8/21 11:55 AM, Alex Irmel Oviedo Solis wrote: > I have been trying to do it by placing the rules from line 86 > to line 91 in squid.conf
acl DiscoverSNIHost at_step SslBump1 acl NoSSLIntercept ssl::server_name_regex "/etc/squid/acl.url.nobump" ssl_bump peek DiscoverSNIHost ssl_bump splice NoSSLIntercept ssl_bump bump all I wonder if your acl.url.nobump regexes do not match step2 CONNECT URIs. The current cache.log snippet does not show that detail. Consider posting more detailed logs that show ACL matching attempts (e.g., "ALL,3 28,7"?). Alex. > El mar, 8 de jun. de 2021 a la(s) 10:45, Alex Rousskov > (rouss...@measurement-factory.com > <mailto:rouss...@measurement-factory.com>) escribió: > > On 6/8/21 11:36 AM, Alex Irmel Oviedo Solis wrote: > > Hello all, I'm having problems with squid 4.11 on RHEL 8.4. I was > trying > > to access to whatsapp with no luck, but I'm currently to test with > > https://www.websocket.org/echo.html > <https://www.websocket.org/echo.html>, the errors in both cases are > > > http.cc(723) processReplyHeader: HTTP Server RESPONSE: > > HTTP/1.1 400 WebSocket Upgrade Failure > > Squid v4 does not fully support HTTP Upgrade (it drops it). You should > splice connections to websocket services or use > http_upgrade_request_protocols available in Squid v5. > > HTH, > > Alex. > P.S. Thank you for providing detailed triage information! > > > > My squid.conf is in https://paste.centos.org/view/b98e8510 > <https://paste.centos.org/view/b98e8510> > > My cache.log is in https://paste.centos.org/view/a2b6ac81 > <https://paste.centos.org/view/a2b6ac81> > > My access.lorg is in https://paste.centos.org/view/eef2180a > <https://paste.centos.org/view/eef2180a> > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > <mailto:squid-users@lists.squid-cache.org> > http://lists.squid-cache.org/listinfo/squid-users > <http://lists.squid-cache.org/listinfo/squid-users> > > > > -- > //"Una alegría compartida se transforma en doble alegría; una pena > compartida, en media pena."// > --> http://www.alexove.me <http://www.alexove.me/> > --> Celular (Movistar): +51-959-625-001 > --> Sigueme en Twitter: http://twitter.com/alexove_pe > <http://twitter.com/alexove_pe> > --> Perfil: http://fedoraproject.org/wiki/user:alexove > <http://fedoraproject.org/wiki/user:alexove> _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
