On 16/04/20 9:09 pm, Vieri wrote: > Hi, > > In sslbump tproxy "mode" one cannot authenticate user to limit/allow their access to web content. > > I was thinking however of making a web form with auth within a custom Squid error page. This way a user would "automatically" whitelist a web site and have access to it while the IT dep. would know which user accessed where despite the site being blacklisted. > > From the error page I can tell which ACL is blocking that site so I could create an "exception" ACL for that ACL. > My question is: can this whitelist or graylist ACL be dynamic without needing to reload Squid, a bit like ipsets with iptables/nftables without the need to reload rules? > Squid comes with an external ACL helper that authorizes access based on DB entries. You can use any system you like to manage the DB entries. see <http://www.squid-cache.org/Versions/v4/manuals/ext_sql_session_acl.html> Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
