-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 9/10/2014 2:09 a.m., Tom Tom wrote: > I think, this behaviour was introduced with squid 3.4.4.1 > (http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13113.patch). > > I don't exactly understand this behaviour. Any hints for this? Aha. I am guessing it is a combination of: * the previous ssl-bumped traffic was brokenly finding "invalid" credentials * an "empty" regex actually contains .* (is matching anything valid). Meaning previously the "invalid" credentials would prevent the regex being even attempted. Now that the credentials validity is fixed the regex tests out and matches. Try putting a single entry of "-" in /etc/squid/DENY_USERS_LOCAL. Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUNUh6AAoJELJo5wb/XPRjiB8H/25Xb0JN+C2cSUCr09giKZxq TdjprcHDeTYbJ9/MyRXsN1ZOmGyBP5XF3629+9fblhoqvCgutO2jb0kHbsrV1v9m CDfs6MhsSF2AEN5tR/4H6ZIKeajBfHZMMsCOhM7BJmajXyhF89T5K2ir4GDuKI2U 9B+6lhuvFxqae8GyGGS2X5//LHpOmej4+Ny8GpY+6F1lLaen/X3prH6qP+2aipNx jIOiN3kRrGbOACU+KJXyRJpzoCvz0xt9KtBsbQNA5z6W6fs6MhunuLhYve0r1f7n UxTBTu0OcbI8RrdA9R8fCHgKxRkBwHyT6G/domxIZrGwe8b5r2Xl8F0zzdsSN1I= =ojpT -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users