ok i finally realised for myself why it wasnt working, thanks so much Matus!!!
http_access allow activation - as this is at the top, allows all internet on ports 80 443, so the below is totally ignored http_access allow whitelist http_access allow whitelistreg http_access deny all http_access allow activation whitelist - only allows ports above only AND to the certain websites on the whitelist http_access allow activation whitelistreg - only allows ports above only AND to the certain websites on the whitelistreg http_access deny all - denies all thanks Amos aswell for pointing out the ssl server name wouldnt do regex On Thu, 15 Jul 2021 at 15:13, robert k Wild <robertkw...@gmail.com> wrote: > this is all i have in my urlwhitereg file > > \.vsb\.tawk\.to > > so i will change it to the below? > > \.vsb\.tawk\.to$ > > also before i made all the changes it was working ie when these lines > > http_access allow activation whitelist > > it was only allowing those ports and anything in the urlwhite list ie the > non regex ssl one and everything else ie that wasnt in the whitelist it was > blocking > > On Thu, 15 Jul 2021 at 14:02, Matus UHLAR - fantomas <uh...@fantomas.sk> > wrote: > >> On 15.07.21 13:54, robert k Wild wrote: >> >ok this hasnt worked, its allowing all the internet now ie urls >> >> improper regular expressions probably. >> Are you aware that regular expressions can match in the middle of string? >> you will need to use $ at the end of line e.g. >> >> \.com$ >> >> to match .com domains (which is also reason to avoid regexps when >> posssible) >> >> >#HTTP_HTTPS whitelist websites >> >acl whitelist ssl::server_name "/usr/local/squid/etc/urlwhite.txt" >> > >> >#HTTP_HTTPS whitelist websites regex >> >acl whitelistreg ssl::server_name_regex >> >"/usr/local/squid/etc/urlwhitereg.txt" >> >> >http_access allow activation >> >> this one should allow whole internet too. >> >> the standard squid config contains ACLs Safe_ports and SSL_ports along >> with >> directives to disallow using other ports, perhaps you should use those. >> >> >http_access allow whitelist >> >http_access allow whitelistreg >> >http_access deny all >> > >> >On Thu, 15 Jul 2021 at 13:43, robert k Wild <robertkw...@gmail.com> >> wrote: >> > >> >> activation is an acl for ports, so >> >> >> >> acl activation port 80 443 8090 9251 # office adobe web >> >> >> >> On Thu, 15 Jul 2021 at 13:24, Matus UHLAR - fantomas < >> uh...@fantomas.sk> >> >> wrote: >> >> >> >>> On 15.07.21 13:08, robert k Wild wrote: >> >>> >#HTTP_HTTPS whitelist websites >> >>> >acl whitelist ssl::server_name "/usr/local/squid/etc/urlwhite.txt" >> >>> > >> >>> >#HTTP_HTTPS whitelist websites regex >> >>> >#acl whitelistreg ssl::server_name_regex >> >>> >"/usr/local/squid/etc/urlwhitereg.txt" >> >>> > >> >>> >> >>> you must split those to two lines, as all ACLs must match for >> http_access >> >>> line to match: >> >>> >> >>> http_access allow activation whitelist >> >>> http_access allow activation whitelistreg >> >>> http_access deny all >> >>> >> >>> I only can guess what "activation" means. >> -- >> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ >> Warning: I wish NOT to receive e-mail advertising to this address. >> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. >> "Two words: Windows survives." - Craig Mundie, Microsoft senior strategist >> "So does syphillis. Good thing we have penicillin." - Matthew Alton >> _______________________________________________ >> squid-users mailing list >> squid-users@lists.squid-cache.org >> http://lists.squid-cache.org/listinfo/squid-users >> > > > -- > Regards, > > Robert K Wild. > -- Regards, Robert K Wild.
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
