On 19/05/2015 3:20 a.m., Walter H. wrote: > On 18.05.2015 13:25, Amos Jeffries wrote: >>> I would have done it this way: >>> >>> acl block_whole_network dst_as 4837 >>> deny_info errorpage block_whole_network >>> http_access deny block_whole_network >>> >>> but this crashes squid ... >>> >> Ouch. Is that the<http://bugs.squid-cache.org/show_bug.cgi?id=3579> >> crash? >> > yes, this crash; >> I would like to fix that, but need the backtrace. > how would a generate the backtrace? Several ways possible are listed in <http://wiki.squid-cache.org/SquidFaq/BugReporting>. >>> >>>>> does it seem to be problematic, when having an TLS-server with an IPv6 >>>>> address only without DNS, because of the comm name? >>>> That is a different issue entirely. >>> yes and hoping no browser ever will accept a common name of just '*' >>>> Going by that description it seems Firefox and Chrome are a bit broken. >>> IE, too; >> IE is doing the right thing in your description. That cert-with-IP >> warning is the correct / working behaviour. > not really, with IPv4 it doesn't bring this warning - the CA cert using Ah, right. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
