On 20.05.22 11:21, robert k Wild wrote:
So for SSL inspection, for squid to look into the URl headers, what's the
better one
Server name or
DST domain
I thought I have explained it:
dstdom_regex is from the request, not from the SSL data.
On Fri, 20 May 2022, 11:12 Matus UHLAR - fantomas, <uhlar@xxxxxxxxxxx>
wrote:
On 19.05.22 19:29, robert k Wild wrote:
>Think I found it but, what the difference between these two
>
>acl aclname ssl::server_name_regex [-i] \.foo\.com ...
this one is taken from SNI option when squid looks at SSL handshake
parameters.
>acl aclname dstdom_regex [-n] [-i] \.foo\.com ...
this one is the one provided in clients' request, where SSL requests
usually
look like:
CONNECT www.google.com:443 HTTP/1.0
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Posli tento mail 100 svojim znamim - nech vidia aky si idiot
Send this email to 100 your friends - let them see what an idiot you are
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
