[squid-users] Best way to utilize time constraints with squid?
Jonathan Lee
jonathanlee571 at gmail.com
Sat Apr 27 14:48:17 UTC 2024
The time constraints for termination do appear to lock out all new connections until that timeframe has elapsed. My devices have connection errors during this duration.
Just to confirm ssl_bump can not be used with time ? Because my connections don’t work during the timeframe so that is a plus.
Sent from my iPhone
> On Apr 27, 2024, at 00:41, Amos Jeffries <squid3 at treenet.co.nz> wrote:
>
> On 26/04/24 17:15, Jonathan Lee wrote:
>> aclblock_hourstime01:30-05:00ssl_bumpterminateallblock_hourshttp_accessdenyallblock_hours
>> In this a good way to time lock squid with times lock down?
>
> That depends on your criteria/definition of "good".
>
> Be aware that http_access only checks *new* transactions. Large downloads, and long-running transactions such as CONNECT tunnel which start during an allowed time will continue running across the disallowed time(s).
>
>
>> To essentially terminate all connections and block http access.
>
> The "terminate all connections" is not enforced by 'time` ACL. Once a transaction is allowed to start, it can continue until completion - be that milliseconds or days later.
>
>
> HTH
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> https://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list