Hi everyone,
I'm trying to deny all urls except for only whitelisted regular expressions. I have only this regular _expression_ in my file "squid_sites.txt"
My "squid.conf"
debug_options 28,7###### Global settings define###http_port 3128###### Authorization rules define######### Networks define###acl localnet src 10.5.0.0/1acl localnet src 172.16.0.0/16acl localnet src fc00::/7acl localnet src fe80::/10###### Ports define###acl SSL_ports port 443 # httpsacl SSL_ports port 22 # SSHacl Safe_ports port 80 # httpacl Safe_ports port 443 # httpsacl Safe_ports port 22 # SSHacl purge method PURGEacl CONNECT method CONNECTacl bastion src 10.5.0.0/1acl whitelist url_regex "/vagrant/squid_sites.txt"###### Rules define###http_access allow manager localhosthttp_access deny managerhttp_access deny !Safe_portshttp_access allow localhosthttp_access allow purge localhosthttp_access deny purgehttp_access deny CONNECT !SSL_portshttp_access allow bastion whitelisthttp_access deny bastion all# http_access deny all###### Secondary global settings define#### icp_access allow localnet# icp_access deny all## htcp_access allow localnet# htcp_access deny all# Add any of your own refresh_pattern entries above these.access_log /var/log/squid3/access.log squidcache_log /var/log/squid3/cache.log squidcache_store_log /var/log/squid3/store.log squidrefresh_pattern ^ftp: 1440 20% 10080refresh_pattern ^gopher: 1440 0% 1440refresh_pattern -i (/cgi-bin/|\?) 0 0% 0refresh_pattern (Release|Package(.gz)*)$ 0 20% 2880coredump_dir /var/spool/squid3maximum_object_size 1024 MBcache_mem 2048 MB
I tried enabling debugging and tailing /var/log/squid3/cache.log but my curl statement keeps matching "all".
$ curl -sSL --proxy localhost:3128 -D - "https://wiki.squid-cache.org/SquidFaq/SquidAcl" -o /dev/null 2>&1 | grep SquidX-Squid-Error: ERR_ACCESS_DENIED 0
Any ideas what I'm doing wrong?
Thank you.
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
