I have a scenario which I want to disable ssl-bump for specific hosts ip network masks. In this scenario I want to allow all localnet(10.0.0.0/8, 192.168.0.0/16...) https traffic to be spliced. I tried to understand from the acl docs if there is such acl out there but couldn't understand if it exists. I am using squid in this scenario as a simple forward proxy and not in intercept mode. >From the next: ***** ACL TYPES AVAILABLE ***** acl aclname src ip-address/mask ... # clients IP address [fast] acl aclname src addr1-addr2/mask ... # range of addresses [fast] acl aclname dst [-n] ip-address/mask ... # URL host's IP address [slow] acl aclname localip ip-address/mask ... # IP address the client connected to [fast] Is there a specific one that can help me with that or I should use ssl::server_name_regex : (^127\.0\.0\.1)|(^192\.168)|(^10\.)|(^172\.1[6-9])|(^172\.2[0-9])|(^172\.3[0 -1]) ?? In intercept mode I can just use iptables to bypass the interception but in a forward proxy mode I do not see another option. This might not be the place but, would ever maybe such an option to bypass squid parsing for specific destinations ie "splice" for special http requests? Thanks, Eliezer ---- Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: eliezer@xxxxxxxxxxxx _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
