Hello everyone.
I am successfully filtering HTTPS traffic with an intercept/PBR setup, and users get my custom ERR_ACCESS_DENIED page from Squid. Permitted pages (both HTTP and HTTPS) also work absolutely fine.
The problem is that when users try to access a filtered page with an HTTP request, they get ERR_CONNECTION_REFUSED in their browsers instead of seeing that custom deny page, and I see nothing in access.log, as if Squid never even got the request. If I remove that domain from the deny ACL or access it via HTTPS, then it works fine and can be seen in access.log. What can I do to fix this?
Relevant fragment from the configuration:
acl CONNECT method CONNECT
reply_header_access Alternate-Protocol deny all
ssl_bump stare all
ssl_bump bump all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
acl BADSITES ssl::server_name "/etc/squid/BADSITES"
acl USERS src 10.10.80.0/24
acl USERS src 10.10.80.0/24
http_access deny BADSITES USERS
http_access allow USERS
http_port 3128
https_port 3130 intercept ssl-bump connection-auth=off generate-host-certificates=on dynamic_cert_mem_cache_size=8MB cert=/etc/squid/ssl_cert/CA.pem