Ricardo,
You cannot do it with a transparent proxy.
If you want Squid to handle https traffic, you must
use Squid in a non-transparent setup.
-Marcus
Ricardo Augusto de Souza wrote:
I am still not able to block https sites.
I tested all you sugested here.
I am using transparent proxy. I am redirecting all outgoing traffic to
port 80 to squid port 3128. If i redirect 443 port to squid i wont be
able to access ANY https site.
I just wanna block *FEW* https sites like i AM ALREADY doing using
Acl bleh dstdomain "/some/file/"
http_access deny bleh
-----Mensagem original-----
De: Matus UHLAR - fantomas [mailto:uhlar@xxxxxxxxxxx]
Enviada em: quinta-feira, 23 de outubro de 2008 08:20
Para: squid-users@xxxxxxxxxxxxxxx
Assunto: Re: How can I block a https site?
Matus UHLAR - fantomas wrote:
On 21.10.08 16:23, Alejandro Bednarik wrote:
You can also use url_regex -i
acl bad_sites url_regex -i "/etc/squid/bad_sites.txt"
http_access deny bad_sites
using regexes is very ineffective and may lead to problems if you
don't
count with:
- dot matching ANY character
- regex matching the middle of string, not just the end of it (like
dstdomain does)
On 22.10.08 23:45, Amos Jeffries wrote:
- URL parts often included in regex not occuring in CONNECT requests.
- neither the http(s):// part.
no, but it can match different hosts it should not mach.
.imo.im
will block e.g. www.limolimo.com
