hi all,

i have no idea why but my acl for url whitelist doesnt work anymore

this is the output of my parse

/usr/local/squid/sbin/squid -k parse
2023/01/12 15:10:56| Startup: Initializing Authentication Schemes ...
2023/01/12 15:10:56| Startup: Initialized Authentication Scheme 'basic'
2023/01/12 15:10:56| Startup: Initialized Authentication Scheme 'digest'
2023/01/12 15:10:56| Startup: Initialized Authentication Scheme 'negotiate'
2023/01/12 15:10:56| Startup: Initialized Authentication Scheme 'ntlm'
2023/01/12 15:10:56| Startup: Initialized Authentication.
2023/01/12 15:10:56| Processing Configuration File:
/usr/local/squid/etc/squid.conf (depth 0)
2023/01/12 15:10:56| Processing: acl localnet src #
RFC 1122 "this" network (LAN)
2023/01/12 15:10:56| Processing: acl localnet src            #
RFC 1918 local private network (LAN)
2023/01/12 15:10:56| Processing: acl localnet src         #
RFC 6598 shared address space (CGN)
2023/01/12 15:10:56| Processing: acl localnet src        #
RFC 3927 link-local (directly plugged) machines
2023/01/12 15:10:56| Processing: acl localnet src         #
RFC 1918 local private network (LAN)
2023/01/12 15:10:56| Processing: acl localnet src
     # RFC 1918 local private network (LAN)
2023/01/12 15:10:56| Processing: acl localnet src fc00::/7              #
RFC 4193 local private network range
2023/01/12 15:10:56| Processing: acl localnet src fe80::/10             #
RFC 4291 link-local (directly plugged) machines
2023/01/12 15:10:56| Processing: acl SSL_ports port 443
2023/01/12 15:10:56| Processing: acl Safe_ports port 80         # http
2023/01/12 15:10:56| Processing: acl Safe_ports port 21         # ftp
2023/01/12 15:10:56| Processing: acl Safe_ports port 443                #
2023/01/12 15:10:56| Processing: acl Safe_ports port 70         # gopher
2023/01/12 15:10:56| Processing: acl Safe_ports port 210                #
2023/01/12 15:10:56| Processing: acl Safe_ports port 1025-65535 #
unregistered ports
2023/01/12 15:10:56| Processing: acl Safe_ports port 280                #
2023/01/12 15:10:56| Processing: acl Safe_ports port 488                #
2023/01/12 15:10:56| Processing: acl Safe_ports port 591                #
2023/01/12 15:10:56| Processing: acl Safe_ports port 777                #
multiling http
2023/01/12 15:10:56| Processing: acl CONNECT method CONNECT
2023/01/12 15:10:56| Processing: http_access allow localhost manager
2023/01/12 15:10:56| Processing: http_access deny manager
2023/01/12 15:10:56| Processing: include
2023/01/12 15:10:56| Processing Configuration File:
/usr/local/squid/etc/squidrules.conf (depth 1)
2023/01/12 15:10:56| Processing: acl DiscoverSNIHost at_step SslBump1
2023/01/12 15:10:56| Processing: acl NoSSLIntercept ssl::server_name_regex
2023/01/12 15:10:56| Processing: ssl_bump peek DiscoverSNIHost
2023/01/12 15:10:56| Processing: ssl_bump splice NoSSLIntercept
2023/01/12 15:10:56| Processing: ssl_bump bump all
2023/01/12 15:10:56| Processing: http_port 3128 ssl-bump
cert=/usr/local/squid/etc/ssl_cert/myCA.pem generate-host-certificates=on
2023/01/12 15:10:56| Processing: sslcrtd_program
/usr/local/squid/libexec/security_file_certgen -s /var/lib/ssl_db -M 4MB
2023/01/12 15:10:56| Processing: acl upmime req_mime_type
2023/01/12 15:10:56| Processing: acl url_links url_regex
2023/01/12 15:10:56| Processing: acl special_url url_regex
2023/01/12 15:10:56| Processing: acl downmime rep_mime_type
2023/01/12 15:10:56| Processing: http_reply_access allow special_url
2023/01/12 15:10:56| Processing: http_reply_access deny downmime
2023/01/12 15:10:56| Processing: acl whitelist ssl::server_name_regex
2023/01/12 15:10:56| Processing: acl activation port 80 443
2023/01/12 15:10:56| Processing: http_access allow activation whitelist
2023/01/12 15:10:56| Processing: http_access deny all
2023/01/12 15:10:56| Processing: http_access allow localnet
2023/01/12 15:10:56| Processing: http_access allow localhost
2023/01/12 15:10:56| Processing: http_access deny all
2023/01/12 15:10:56| Processing: coredump_dir
2023/01/12 15:10:56| Processing: refresh_pattern ^ftp:          1440    20%
2023/01/12 15:10:56| Processing: refresh_pattern ^gopher:       1440    0%
2023/01/12 15:10:56| Processing: refresh_pattern -i (/cgi-bin/|\?) 0    0%
2023/01/12 15:10:56| Processing: refresh_pattern .              0       20%
2023/01/12 15:10:56| Processing: icap_enable on
2023/01/12 15:10:56| Processing: adaptation_uses_indirect_client on
2023/01/12 15:10:56| Processing: icap_send_client_ip on
2023/01/12 15:10:56| Processing: icap_send_client_username on
2023/01/12 15:10:56| Processing: icap_client_username_header
2023/01/12 15:10:56| Processing: icap_service service_req reqmod_precache
bypass=0 icap://
2023/01/12 15:10:56| Processing: adaptation_access service_req allow all
2023/01/12 15:10:56| Processing: icap_service service_resp respmod_precache
bypass=0 icap://
2023/01/12 15:10:56| Processing: adaptation_access service_resp allow all
2023/01/12 15:10:56| Initializing https:// proxy context
2023/01/12 15:10:56| Initializing http_port [::]:3128 TLS contexts
2023/01/12 15:10:56| Using certificate in
2023/01/12 15:10:56| Using certificate chain in
2023/01/12 15:10:56| Adding issuer CA: /C=XX/L=Default City/O=Default
Company Ltd
2023/01/12 15:10:56| Using key in /usr/local/squid/etc/ssl_cert/myCA.pem

acl whitelist ssl::server_name_regex /usr/local/squid/etc/urlwhite.txt

and in the url whitelist file is adobe.com


but when i try to access on my browser "adobe.com" i get the proxy access
denied page

can anyone shed some light as im struggling to sort this out



Robert K Wild.
squid-users mailing list

Reply via email to