Alex, it worked perfectly. removing the previous 8441 acl and the adding acl SSL_ports port 8441 then a squid reload, all good to go!. thanks. --------------------- Erick Perez Soluciones Tacticas Pasivas/Activas de Inteligencia y Analitica de Datos para Gobiernos Quadrian Enterprises S.A. - Panama, Republica de Panama Skype chat: eaperezh WhatsApp IM: +507-6675-5083 --------------------- On Wed, Apr 10, 2019 at 2:22 PM Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > On 4/10/19 8:37 AM, Erick Perez - Quadrian Enterprises wrote: > > > I have added a new domain in my whitelist in squid (no caching, just > > block/deny) and the domain is being blocked. suggestions? > > In general: > > 1. Figure out which directive denies the transaction. > 2. Adjust your configuration to allow the transaction. > > Specifically in your case, I suspect that > > #1 will point you to the "deny CONNECT !SSL_ports" rule and > > #2 would result in adding port 8441 to the SSL_ports ACL. > > You may also want to remove port 8441 from Safe_ports, depending on how > you use Safe_ports, and whether you consider port 8441 "safe" for your > specific usage. > > > HTH, > > Alex. > > > > url: https://www.sqlsoftware.nom.co:8441 > > > > #/etc/squid/alloweddomains > > .sqlsoftware.nom.co > > > > #access.log > > # > > 1554650994.238 0 10.231.0.53 TCP_DENIED/403 3742 CONNECT > > www.sqlsoftware.nom.co:8441 - NONE/- text/html > > 1554650994.254 0 10.231.0.53 TCP_DENIED/403 3742 CONNECT > > www.sqlsoftware.nom.co:8441 - NONE/- text/html > > # > > > > #squid.conf > > # > > acl mylan src 10.230.0.0/16 > > acl allowedsites dstdomain "/etc/squid/alloweddomains" > > acl Safe_ports port 8441 # sqlsoftware.nom.co > > acl CONNECT method CONNECT > > # Deny requests to certain unsafe ports > > http_access deny !Safe_ports > > # Deny CONNECT to other than secure SSL ports > > http_access deny CONNECT !SSL_ports > > http_access allow mylan allowedsites > > # > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users