Search squid archive

Re: "ACCESS DENIED" page by ssl_bump terminate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 


28.03.16 20:59, Alex Rousskov пишет:
> On 03/27/2016 11:59 PM, Alexandr Yatskin wrote:
>> Directive "deny_info" didn't work when we blocked https site with option
>> "ssl_bump".
>
> "deny_info" is not compatible with the ssl_bump "terminate" action. The
> "terminate" action means "Close client and server connections". It is
> impossible to serve an [error] response on a closed connection.
>
> IIRC, blocking the CONNECT request (fake or real) with http_access is
> enough to force Squid to respond with an "access denied" error -- Squid
> should automatically bump the client connection (if that is still
> possible when the CONNECT request is blocked) to serve an error response.
I.e., to use deny_info bump is required?
>
>
>
> HTH,
>
> Alex.
> _______________________________________________
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJW+XGPAAoJENNXIZxhPexGszEH/0KiEKoqE54cq3iO2t5ny78Y
Mk2q1E8+PFOf5rT0Q4yGpi339ZvVL5MQMtFqle/MhAidnUsYwTYT/9Skut94BTuf
PqM9L6G2zZjcats4cgL83qx/qkNxWGCxlWoZe1bMI5F1tkGkJaBsS8I1fEVWKezB
ScToG0IdXR52yvbB/WpKeTPobzd3Ie+hQvdmom7ubr1FXumqplVvXN/S8pLEObOn
TvcEBVvcUXYXa2n5MZ3oJaV4oW95Q0GeQ6AiHDfVE76qYSs3ZTdj9vhanEs+ZKyp
a6ATIMm6JqPlFE+wDmmKCZgn//ePdAxi8lU3E/BFKARekL1vEMdsTyj+sJzXMYs=
=Cs8V
-----END PGP SIGNATURE-----

Attachment: 0x613DEC46.asc
Description: application/pgp-keys

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux