On 24/04/24 17:27, Jonathan Lee wrote:
Hello fellow Squid users I wanted to ask a quick question for use with termination would http access for cache still work with this type of setup and custom refresh patterns?
I think it would terminate all but the clients and if they use the cache it would be ok.
These things are sequential, but otherwise not directly related.
SSL-Bump is about TLS handshake opening a connection from a client.
The "ssl_bump splice" action allows the client connection to go through
Squid in the form of a blind tunnel. Caching (and thus refresh of cached
objects) is not applicable to tunneled traffic.
The "ssl_bump terminate" action closes the client connection
immediately. It should be obvious that nothing can be done in that
connection once it is closed. HTTP(S) and/or caching are irrelevant -
they can never happen on a terminated connection.
But I think an invasive container would be blocked my goal here.
acl markBumped annotate_client bumped=true
acl active_use annotate_client active=true
acl bump_only src 192.168.1.3 #webtv
acl bump_only src 192.168.1.4 #toshiba
acl bump_only src 192.168.1.5 #imac
acl bump_only src 192.168.1.9 #macbook
acl bump_only src 192.168.1.13 #dell
acl bump_only_mac arp macaddresshere
acl bump_only_mac arp macaddresshere
acl bump_only_mac arp macaddresshere
acl bump_only_mac arp macaddresshere
acl bump_only_mac arp macaddresshere
ssl_bump peek step1
miss_access deny no_miss active_use
ssl_bump splice https_login active_use
ssl_bump splice splice_only_mac splice_only active_use
ssl_bump splice NoBumpDNS active_use
ssl_bump splice NoSSLIntercept active_use
ssl_bump bump bump_only_mac bump_only active_use
acl activated note active_use true
ssl_bump terminate !activated
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
