
Re: Fwd: Https blocked sites getting ssl error , with connection abruptly ending - Peek and splice feature


 



On 1/25/19 10:18 AM, bandeep2000 wrote:

> Have configured squid proxy with https whitelisted sites using ssl bump,
> peek and splice feature in transparent mode.


> Is there a way to terminate the connection with access denied message
> gracefully (with 403 error code)

Yes, there is, but it comes at a price: If you want to serve an HTTP
response to the TLS client, you must bump the client connection.
Actually, Squid will bump on errors automatically for you if you do
_not_ tell it to terminate the TLS connection in ssl_bump rules and rely
on http_access for access control instead. Here is an incomplete and
untested sketch to illustrate the idea:

  ssl_bump peek all
  ssl_bump splice all

  ... add rules to allow step1 CONNECT requests here ...
  http_access allow allowed_http_sites
  http_access deny all

Alex.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
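
A small check for the approach described in the reply above, added here as an example and not code from the original thread or from the Squid project: it scans squid.conf text for `ssl_bump terminate` rules, which close the TLS connection before any 403 can be served, and confirms that the http_access rules end in `deny all`. The sample configurations and the helper names `directives` and `audit` are constructed for illustration.

```python
# Added example: lint squid.conf text for the pattern described in the reply.
# WEAK_CONF and SKETCH_CONF are constructed samples; audit() and directives()
# are hypothetical helper names, not part of Squid.

WEAK_CONF = """\
acl allowed_http_sites ssl::server_name .example.com
ssl_bump peek all
ssl_bump terminate !allowed_http_sites
ssl_bump splice all
http_access allow allowed_http_sites
"""

SKETCH_CONF = """\
# same shape as the sketch in the reply
ssl_bump peek all
ssl_bump splice all
http_access allow allowed_http_sites
http_access deny all
"""


def directives(conf_text):
    """Yield (line_number, directive, args) for each non-comment line."""
    for number, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if line and not line.startswith("#"):
            name, *args = line.split()
            yield number, name, args


def audit(conf_text):
    """Return (line_number, message) findings; an empty list means none found."""
    findings, last_http_access = [], None
    for number, name, args in directives(conf_text):
        if name == "ssl_bump" and args[:1] == ["terminate"]:
            findings.append((number, "ssl_bump terminate closes the TLS "
                             "connection, so no HTTP 403 can be served"))
        elif name == "http_access":
            last_http_access = args  # remember the final http_access rule
    if last_http_access != ["deny", "all"]:
        # line 0 marks a file-level finding rather than a specific line
        findings.append((0, "http_access does not end with 'deny all'"))
    return findings


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("sketch", SKETCH_CONF)):
        print(label, audit(conf) or "ok")
```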



