Thank you for the reply. Thank you for confirming that the connections that are 
started are not effected by the last ACL, thus clients not on acls prior would 
be blocked and not allowed to access the cache. However ones that are would be 
able to use the cache. 


Jonathan Lee
Adult Student
Sent from my iPhone

> On Apr 27, 2024, at 03:07, Amos Jeffries <squ...@treenet.co.nz> wrote:
> 
> On 24/04/24 17:27, Jonathan Lee wrote:
>> Hello fellow Squid users I wanted to ask a quick question for use with 
>> termination would http access for cache still work with this type of setup 
>> and custom refresh patterns?
>> I think it would terminate all but the clients and if they use the cache it 
>> would be ok.
> 
> These things are sequential, but otherwise not directly related.
> 
> SSL-Bump is about TLS handshake opening a connection from a client.
> 
> The "ssl_bump splice" action allows the client connection to go through Squid 
> in the form of a blind tunnel. Caching (and thus refresh of cached objects) 
> is not applicable to tunneled traffic.
> 
> 
> The "ssl_bump terminate" action closes the client connection immediately. It 
> should be obvious that nothing can be done in that connection once it is 
> closed. HTTP(S) and/or caching are irrelevant - they can never happen on a 
> terminated connection.
> 
> 
> 
>> But I think an invasive container would be blocked my goal here.
>> acl markBumped annotate_client bumped=true
>> acl active_use annotate_client active=true
>> acl bump_only src 192.168.1.3 #webtv
>> acl bump_only src 192.168.1.4 #toshiba
>> acl bump_only src 192.168.1.5 #imac
>> acl bump_only src 192.168.1.9 #macbook
>> acl bump_only src 192.168.1.13 #dell
>> acl bump_only_mac arp macaddresshere
>> acl bump_only_mac arp macaddresshere
>> acl bump_only_mac arp macaddresshere
>> acl bump_only_mac arp macaddresshere
>> acl bump_only_mac arp macaddresshere
>> ssl_bump peek step1
>> miss_access deny no_miss active_use
>> ssl_bump splice https_login active_use
>> ssl_bump splice splice_only_mac splice_only active_use
>> ssl_bump splice NoBumpDNS active_use
>> ssl_bump splice NoSSLIntercept active_use
>> ssl_bump bump bump_only_mac bump_only active_use
>> acl activated note active_use true
>> ssl_bump terminate !activated
> _______________________________________________
> squid-users mailing list
> squid-users@lists.squid-cache.org
> https://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
https://lists.squid-cache.org/listinfo/squid-users

Reply via email to