[squid-users] ssl_crtd breaks after short time
Klavs Klavsen
kl at vsen.dk
Thu Jun 4 13:45:03 UTC 2015
after moving it here:
http_access allow okweb-urls testsrv1
http_access allow CONNECT bumpedPorts
http_access deny all
it still allows everything..
Amos Jeffries wrote on 06/04/2015 03:42 PM:
> On 5/06/2015 1:20 a.m., Klavs Klavsen wrote:
>> Hi,
>>
>> I added the bumpedports - and now traffic works and is allowed.. but it
>> allows everything on https.. :(
>>
>> Log says:
>> 10.xx.130.50 - - [04/Jun/2015:15:16:07 +0200] "CONNECT 72.51.34.34:443
>> HTTP/1.1" lwn.net - 200 28189 TCP_TUNNEL:ORIGINAL_DST peek
>>
>> so it doesn't seem to check the http_access lines for testsrv1.
>
> So, you maybe need to put the bumpedPorts check down just before the
> "deny all" line.
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
--
Regards,
Klavs Klavsen, GSEC - kl at vsen.dk - http://www.vsen.dk - Tlf. 61281200
"Those who do not understand Unix are condemned to reinvent it, poorly."
--Henry Spencer
More information about the squid-users
mailing list