On 12/06/2014 8:24 a.m., MrErr wrote: > I got this working. The single change i made was adding the statement > > ssl_bump server-first all > > if i tried anything else other than "all" it did not work, https did > filtering did not happen. Does anyone know if there is some kind of bug? When server-first ACLs are tested for port 443 intercepted traffic Squid has only pieces of information available: 1) client IP:port (src, src_regex, srcport ACLs - all, localnet localhost work) 2) squid listening IP:port (myip, myport, and myportname ACL) 3) server IP:port the client tried connecting to (dst, dst_regex ACLs - to_localhost works) ssl_bump is a "fast" group ACL lookup so DNS resolution of those IP address to domain names is not reliably available. Your initial configuration relies on domain names being known, "all" depends on src IP being known. Amos