What is the content of: /etc/squid/exfiles.conf And did you tried using: ssl::server_name_regex -i "/etc/squid/doms.nobump" /etc/squid/doms.nobump: ##START OF FILE update\.microsoft\.com$ update\.microsoft\.com\.akadns\.net$ v10\.vortex\-win\.data\.microsoft.com$ settings\-win\.data\.microsoft\.com$ ##END OF FILE etc… Eliezer ---- http://ngtech.co.il/lmgtfy/ Linux System Administrator Mobile: +972-5-28704261 Email: eliezer@xxxxxxxxxxxx From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Test1964 Sent: Sunday, February 19, 2017 12:22 PM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Squid 3.5.24 - Exclude https sites from ssl_bump in Transparent Mode Hi, When I try to exclude some sites like Banks (or even gmail.com) for users using squid in TRANSPARENT Mode, I get in Squid log : "SECURITY ALERT: On URL......." (all servers and users using same dns, so this not an issue). My config file regard to this: acl step1 at_step SslBump1 acl step2 at_step SslBump2 acl step3 at_step SslBump3 ssl_bump splice localhost acl exclude_sites ssl::server_name "/etc/squid/exfiles.conf" ssl_bump peek step1 all ssl_bump splice exclude_sites ssl_bump stare step2 all ssl_bump all * all users use fake ips (172.x.x.x) Any ideas how to fix ? Thanks Dan _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
