I'm not using SSL intercept configuration. Now i see is required, even for explicit mode.
Thank you for explanation.
Danilo
Em qua, 7 de fev de 2018 às 11:00, Amos Jeffries <squid3@xxxxxxxxxxxxx> escreveu:
On 08/02/18 01:37, Danilo V wrote:
> - Squid.conf:
>
> /http_port 3128
> /
> /acl social dstdomain -i .facebook.com <http://facebook.com> .fbcdn.net
> <http://fbcdn.net> .twitter.com <http://twitter.com>
> /
> /acl LUNCH time 12:00-13:00/
> /http_access allow social LUNCH/
> /http_access deny social/
>
> 1. Adjust time in acl to your local test time.
> 2. Open facebook and twitter tabs in browser within allowed hours.
> 3. Once the interval expires try to scroll pages down or click internal
> links.
> 4. It's still working here. :-(
>
So what https_port and/or SSL-Bump settings do you use to actually
access the HTTPS requests?
Without either explicit TLS or SSL-Bump there is only an initial CONNECT
tunnel setup. The time ACLs are applied at that point and HTTP ends once
the tunnel starts. No ACLs or other checking is possible on the TCP
connection.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
