KOn 15.10.18 01:04, RB wrote:
I'm trying to deny all urls except for only whitelisted regular expressions. I have only this regular expression in my file "squid_sites.txt" ^https://wiki.squid-cache.org/SquidFaq/SquidAcl.*
are you aware that you can only see CONNECT in https requests, unless using ssl_bump?
acl bastion src 10.5.0.0/1 acl whitelist url_regex "/vagrant/squid_sites.txt"
[...]
http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access allow localhost http_access allow purge localhost http_access deny purge http_access deny CONNECT !SSL_ports http_access allow bastion whitelist http_access deny bastion all
I tried enabling debugging and tailing /var/log/squid3/cache.log but my curl statement keeps matching "all".
of course it matches all, everything should match "all". I more wonder why doesn't it match "http_access allow localhost"
$ curl -sSL --proxy localhost:3128 -D - " https://wiki.squid-cache.org/SquidFaq/SquidAcl"; -o /dev/null 2>&1 | grep Squid X-Squid-Error: ERR_ACCESS_DENIED 0
Any ideas what I'm doing wrong?
have you reloaded squid config after changing it? Did squid confirm it? -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. It's now safe to throw off your computer. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
