Search squid archive

Re: Help with UA filtering in https connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 02.01.18 06:04, squidnoob wrote:
In my existing config, i have:

# delay filtering decisions until we get to bumped requests
http_access allow CONNECT safe_ports
http_access deny CONNECT


I understand adding this line that you suggested as it's not already there.
http_access deny !safe_ports

However, i don't understand why i would need to add this (http_access deny
CONNECT !SSL_Ports ) given the two lines above in the existing config. I'm
probably just misunderstanding how this works.

the two lines above unconditionally allow CONNECT anywhere, you can't deny
it further because no further checking is done.

when using:

http_access deny CONNECT !SSL_ports
you deny CONNECT request to non-SSL ports and can deny them further.

--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
99 percent of lawyers give the rest a bad name. _______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux