On 12/20/2016 02:42 AM, Hardik Dangar wrote: > Following changes in config works and whatsapp starts working, > > acl serverIsws ssl::server_name_regex ^w[0-9]+\.web\.whatsapp\.com$ > > acl step1 at_step SslBump1 > ssl_bump peek step1 > ssl_bump splice serverIsws > ssl_bump bump !serverIsws all You do not need the "!serverIsws" part because if serverIsws matches, then the splice rule wins, and Squid does not reach the bump rule. This configuration is sufficient: ssl_bump peek step1 ssl_bump splice serverIsws ssl_bump bump all In theory, adding "!serverIsws" does not hurt. However, negating complex ACLs is tricky/dangerous and should be avoided when possible. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
