-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 28.03.16 20:59, Alex Rousskov пишет: > On 03/27/2016 11:59 PM, Alexandr Yatskin wrote: >> Directive "deny_info" didn't work when we blocked https site with option >> "ssl_bump". > > "deny_info" is not compatible with the ssl_bump "terminate" action. The > "terminate" action means "Close client and server connections". It is > impossible to serve an [error] response on a closed connection. > > IIRC, blocking the CONNECT request (fake or real) with http_access is > enough to force Squid to respond with an "access denied" error -- Squid > should automatically bump the client connection (if that is still > possible when the CONNECT request is blocked) to serve an error response. I.e., to use deny_info bump is required? > > > > HTH, > > Alex. > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJW+XGPAAoJENNXIZxhPexGszEH/0KiEKoqE54cq3iO2t5ny78Y Mk2q1E8+PFOf5rT0Q4yGpi339ZvVL5MQMtFqle/MhAidnUsYwTYT/9Skut94BTuf PqM9L6G2zZjcats4cgL83qx/qkNxWGCxlWoZe1bMI5F1tkGkJaBsS8I1fEVWKezB ScToG0IdXR52yvbB/WpKeTPobzd3Ie+hQvdmom7ubr1FXumqplVvXN/S8pLEObOn TvcEBVvcUXYXa2n5MZ3oJaV4oW95Q0GeQ6AiHDfVE76qYSs3ZTdj9vhanEs+ZKyp a6ATIMm6JqPlFE+wDmmKCZgn//ePdAxi8lU3E/BFKARekL1vEMdsTyj+sJzXMYs= =Cs8V -----END PGP SIGNATURE-----
Attachment:
0x613DEC46.asc
Description: application/pgp-keys
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users