On 3/6/24 08:48, Jason Marshall wrote:
We have been using squid (version squid-5.5-6.el9_3.5) under RHEL9 as a simple pass-through proxy without issue for the past month or so. Recently our security team implemented an IPS product that intercepts domain names known to be associated with malware and ransomware command and control. Once this was in place, we started having issues with the behavior of squid.
Can you get a feed of the verboten domains from the team and configure Squid to block such requests, thereby eliminating the need to do the DNS lookup?
-- Grant. . . .
<<attachment: smime.p7s>>
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx https://lists.squid-cache.org/listinfo/squid-users
