Search squid archive

Re: Allow some domains to bypass Squid

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Le 11/03/2018 à 19:44, Yuri a écrit :
> It's trivial to implement. Here is my config snippet:
> 
> # SSL bump rules
> acl DiscoverSNIHost at_step SslBump1
> acl NoSSLIntercept ssl::server_name_regex
> "/usr/local/squid/etc/acl.url.nobump"
> ssl_bump peek DiscoverSNIHost
> ssl_bump splice NoSSLIntercept
> ssl_bump bump all
> 
> acl.ur.nobump fragment:
> 
> # Adobe updates (web installation)
> # This requires to splice due to SSL-pinned web-downloader
> (get|platformdl|fpdownload|ardownload[0-9])\.adobe\.com

I gave this configuration a spin on my local proxy, and it works great,
without special firewall rules.

Thanks very much! You made my day!

Niki

-- 
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : info@xxxxxxxxxxxxx
Tél. : 04 66 63 10 32
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux