On 4/10/19 8:37 AM, Erick Perez - Quadrian Enterprises wrote: > I have added a new domain in my whitelist in squid (no caching, just > block/deny) and the domain is being blocked. suggestions? In general: 1. Figure out which directive denies the transaction. 2. Adjust your configuration to allow the transaction. Specifically in your case, I suspect that #1 will point you to the "deny CONNECT !SSL_ports" rule and #2 would result in adding port 8441 to the SSL_ports ACL. You may also want to remove port 8441 from Safe_ports, depending on how you use Safe_ports, and whether you consider port 8441 "safe" for your specific usage. HTH, Alex. > url: https://www.sqlsoftware.nom.co:8441 > > #/etc/squid/alloweddomains > .sqlsoftware.nom.co > > #access.log > # > 1554650994.238 0 10.231.0.53 TCP_DENIED/403 3742 CONNECT > www.sqlsoftware.nom.co:8441 - NONE/- text/html > 1554650994.254 0 10.231.0.53 TCP_DENIED/403 3742 CONNECT > www.sqlsoftware.nom.co:8441 - NONE/- text/html > # > > #squid.conf > # > acl mylan src 10.230.0.0/16 > acl allowedsites dstdomain "/etc/squid/alloweddomains" > acl Safe_ports port 8441 # sqlsoftware.nom.co > acl CONNECT method CONNECT > # Deny requests to certain unsafe ports > http_access deny !Safe_ports > # Deny CONNECT to other than secure SSL ports > http_access deny CONNECT !SSL_ports > http_access allow mylan allowedsites > # _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
