[squid-users] 3.5.8 intercept Whitelist http&https

[Бараблин Дмитрий]

Hello all!

im trying to configure squid 3.5.8 as intercept with Whitelist ACLs on 
HTTP and HTTPS.

what my config:

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl whitelist dstdom_regex -i "/etc/squid/whitelist"
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
dns_nameservers 8.8.8.8
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all
acl whitelist_ssl ssl::server_name_regex -i "/etc/squid/whitelist_ssl"
http_port 10.0.0.185:3128 intercept
http_port 10.0.0.185:3130
https_port 10.0.0.185:3129 intercept ssl-bump 
options=ALL:NO_SSLv3:NO_SSLv2 connection-auth=off 
cert=/etc/squid/squidCA.pem
always_direct allow all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
cl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump splice whitelist_ssl
ssl_bump peek whitelist_ssl
ssl_bump terminate all


this config nice work with HTTPS sites, but not filtered http. When im 
added "http_access allow localnet whitelist", which stop at all sites.

whitelist&whitelist_ssl - both file have some contents aka

\.google-analytics\.com
\.googleapis\.com
\.google\.com
\.googleusercontent\.com
\.gstatic\.com

please tell me what I'm doing wrong!

-- 
WBR, Dmitry Barablin