[squid-users] Time acl not working
Amos Jeffries
squid3 at treenet.co.nz
Wed Feb 7 13:00:08 UTC 2018
On 08/02/18 01:37, Danilo V wrote:
> - Squid.conf:
>
> /http_port 3128
> /
> /acl social dstdomain -i .facebook.com <http://facebook.com> .fbcdn.net
> <http://fbcdn.net> .twitter.com <http://twitter.com>
> /
> /acl LUNCH time 12:00-13:00/
> /http_access allow social LUNCH/
> /http_access deny social/
>
> 1. Adjust time in acl to your local test time.
> 2. Open facebook and twitter tabs in browser within allowed hours.
> 3. Once the interval expires try to scroll pages down or click internal
> links.
> 4. It's still working here. :-(
>
So what https_port and/or SSL-Bump settings do you use to actually
access the HTTPS requests?
Without either explicit TLS or SSL-Bump there is only an initial CONNECT
tunnel setup. The time ACLs are applied at that point and HTTP ends once
the tunnel starts. No ACLs or other checking is possible on the TCP
connection.
Amos
More information about the squid-users
mailing list