On 19/05/2015 5:49 a.m., Andres Granados wrote:
> hello!I need help on how to block pornographic images of google, I
> was trying different options and still do not succeed, try:
> http_reply_access with request_header_add, and even with a
> configuration dns, I think is to request_header_add the best, though
> not it has worked for me, I hope your help, is to implement a school,
> thanks!
>
FYI; Christos has added a tweak to the "ssl-bump splice" handling that
permits sending the traffic to a cache_peer configured something like this:
acl example ssl::server_name .example.com
ssl_bump splice example
ssl_bump peek all
cache_peer forcesafesearch.example.com parent 443 0 \
name=GS \
originserver no-query no-netdb-exchange no-digest
acl search dstdomain .example.com
cache_peer_access GS allow search
cache_peer_access GS deny all
The idea being that you can use this on intercepted (or forward-proxy)
HTTPS traffic instead of hacking about with DNS to direct clients at the
servers Google use to present "safe" searching.
This should be available in 3.5.7, or the current 3.5 snaphots.
Cheers
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
