Explanation needed for "at_step"-ACL in ssl_bump


 



Hi list
I'm using Squid 3.5.11 and playing with Peek-and-splice and
SSL-Fingerprinting. I've configured the following settings:

acl SSL_BLACKLIST server_cert_fingerprint "/etc/squid/SSL_BLACKLIST"
acl DENY_SSL_BUMP ssl::server_name_regex -i "/etc/squid/DENY_SSL_BUMP"
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3

ssl_bump splice DENY_SSL_BUMP
ssl_bump stare all
ssl_bump terminate SSL_BLACKLIST
ssl_bump bump all

With this config, connections with known fingerprints are terminated,
and sites which shouldn't be bumped are spliced.

It's working fine, but for me it's suspicious why I don't need to
define an "at_step"-directive. Does the word "all" within the
"stare"-directive mean all steps? Or does the "all" refer to the implied
ACL "all"-directive?
When replacing "ssl_bump stare all" with "ssl_bump stare step1", then
terminating the connection while catching a known ssl-fingerprint
isn't working. Why?

Thanks a lot for an explanation.

Kind regards,
Tom
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
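
An added illustration (not part of the message above and not Squid code): a simplified Python model of how the two rule sets in the post are evaluated. It assumes Squid's documented peek-and-splice behaviour: the ssl_bump rules are re-evaluated from the top at each of the three steps, actions that are impossible at a step are skipped, and the server certificate is only known at step 3. The fingerprint, host names and the `possible`/`decide` helpers are constructed for the example.

```python
import re

# Simplified model of ssl_bump rule evaluation; not Squid source code.
BLACKLIST = {"AA:BB:CC"}                        # constructed fingerprint
NO_BUMP = re.compile(r"bank\.example$", re.I)   # constructed DENY_SSL_BUMP entry

def possible(action, step, prev):
    """Can this action be applied at this step? Impossible rules are skipped."""
    if step < 3:
        return True
    if action in ("peek", "stare"):
        return False                  # nothing left to inspect at step 3
    if action == "splice":
        return prev == "peek"         # splice at step 3 only after a peek
    if action == "bump":
        return prev == "stare"        # bump at step 3 only after a stare
    return True                       # terminate

# ACLs as predicates over what is known at the current step.
ACLS = {
    "all": lambda f: True,            # built-in ACL, matches at every step
    "step1": lambda f: f["step"] == 1,
    "DENY_SSL_BUMP": lambda f: bool(NO_BUMP.search(f["name"])),
    "SSL_BLACKLIST": lambda f: f["cert"] in BLACKLIST,
}

def decide(rules, name, cert):
    """Return (final action, step at which it was chosen) for one connection."""
    prev = None
    for step in (1, 2, 3):
        # Assumptions: the host name is known from step 1 (CONNECT request),
        # the server certificate only at step 3.
        facts = {"step": step, "name": name, "cert": cert if step == 3 else None}
        action = next((a for a, acl in rules
                       if possible(a, step, prev) and ACLS[acl](facts)), None)
        if action not in ("peek", "stare"):
            return action, step       # splice, bump, terminate (or no match)
        prev = action                 # peek/stare: continue to the next step

ORIGINAL = [("splice", "DENY_SSL_BUMP"), ("stare", "all"),
            ("terminate", "SSL_BLACKLIST"), ("bump", "all")]
MODIFIED = [("splice", "DENY_SSL_BUMP"), ("stare", "step1"),
            ("terminate", "SSL_BLACKLIST"), ("bump", "all")]

if __name__ == "__main__":
    for label, rules in (("stare all", ORIGINAL), ("stare step1", MODIFIED)):
        print(label, "->", decide(rules, "bad.example", "AA:BB:CC"))
```

In this model "stare all" carries the connection to step 3, where the fingerprint ACL can match, while "stare step1" no longer matches at step 2, so "bump all" wins there before any certificate has been seen.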



