Le 11/03/2018 à 09:24, Amos Jeffries a écrit : > What you need to start with is switch your thinking from "domains" to > considering things in terms of connections and individual servers. Since > "domain" is a URL concept, and URLs are all hidden inside the encrypted > part of the traffic there is no knowing what that really is until after > decryption. > > However when dealing with servers and connections, the connections TLS > SNI can tell you which *server* a client is connecting to and you can > decide to do the splice action based on which servers you are having > trouble with (not domains). > > Or better yet, decide even earlier in your NAT system not to send that > traffic to the proxy at all. I'm sorry, but I don't understand what you're saying. Here's what I want, It's very simple. Create a text file that contains a list of domains. For example: google.com hotmail.com github.com credit-cooperatif.fr And then all connections that go to anyone of these domains don't get cached, but simply pass through Squid. Thanks, Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Site : https://www.microlinux.fr Blog : https://blog.microlinux.fr Mail : info@xxxxxxxxxxxxx Tél. : 04 66 63 10 32 _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
