Re-wind. back to the original question and problem...
On 16/04/11 03:48, Mohammad Fattahian wrote:
<snip>
Is the any way to block HTTPS for some web sites?
I have to block access to Gmail accounts.
It's done for http but I did not find any solution for https.
This is part of my configuration:
acl gmail1 dstdomain google.com
acl gmail2 dstdomain google.ca
http_access deny CONNECT gmail1 gmail2
That is the right approach. Almost.
Please read this FAQ section on what is going wrong:
http://wiki.squid-cache.org/SquidFaq/SquidAcl#Common_Mistakes
After correcting your ACLs you will also want to prefix the domain names
with "." to catch their HTTPS sub-domains.
Oh, and be sure to make this a *new* CONNECT line. If you do any of this
to the existing/default CONNECT line you will be opening huge holes in
your security system.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.12
Beta testers wanted for 3.2.0.6
