[squid-users] Strange behaviour with Chrome (client OS = WinXP x64) ...
Yuri Voinov
yvoinov at gmail.com
Sun Feb 1 18:50:32 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
02.02.2015 0:46, Amos Jeffries пишет:
> On 2/02/2015 7:16 a.m., Yuri Voinov wrote:
>>
>>
>> 01.02.2015 23:48, Walter H. пишет:
>>> Hello,
>>
> <snip>
>
>>> acl ssl_bump_domains_bankingsites dstdomain banking.raiffeisen.at
>> banking.ing-diba.at ebanking.easybank.at services.kepler.at
>> www.kepler.at www.rcb.at
>>> acl ssl_bump_domains_msftupdates dstdomain .update.microsoft.com
>>> ssl_bump none ssl_bump_domains_bankingsites
>>> ssl_bump none ssl_bump_domains_msftupdates
>>> ssl_bump server-first all
>> You do it wrong. You don't know site names BEFORE bump.
>>
>
> No. His http_port settings are those which match a proxy being
> configured explicitly in the brower, which means CONNECT messages with
> domain name expected to be present.
Oh, of course. I compare it with my interception configuration. :)
But ip-based dst acl for bankings will works in any case. Just
pass-through banking IP without bump - and, viola! - they works.
Yes?
>
>
> It might not be, which could be the problem. But that can only known by
> looking at the CONNECT request message itself.
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJUznV4AAoJENNXIZxhPexGOuIIAIcq7xXlBk5UJ2cNkglcWH9s
xwCYgpH7VyiG6z9rZk4BFOvOqmIPiCIx9izzgXkK5QssKgeCBB4fXt/bOnM3WDBO
qEyA+awbMCfkPQExWd6LSNhDEqPAdhkUHnRmK+tKmhGPaipqJUsm5UH9cBTO2VdK
ARrsfu/HR+DluwhUdE5Zem81H27iQmClD7NCrFiFsrDEAcMEDueVvKjYYUuYGwor
f81lMcj2ZpnEF8Ogyo7mZOmIR3+nRlzJLLvpm0wIerFzfPOkZKqCtV9GQezlkKYf
NStXj2ei33ZwwP/QGiv4SmjBQrTU6hRIZNuPk5B1yjkXyzEVpYfhW5xGT3fzKbU=
=2JZO
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list