<div dir="ltr"><div>Thanks,</div><div># Begin of "/etc/squid/squid.conf"</div><div>acl localnet src <a href="http://192.168.15.0/24">192.168.15.0/24</a><br><br>acl SSL_ports port 8443<br>acl SSL_ports port 443<br>acl SSL_ports port 563<br>acl SSL_ports port 22<br>acl SSL_ports port 21<br>acl SSL_ports port 8081<br>acl SSL_ports port 3478<br>acl SSL_ports port 563<br>acl SSL_ports port 8085<br>acl SSL_ports port 2083<br>acl SSL_ports port 2221<br>acl SSL_ports port 2222<br>acl SSL_ports port 950<br>acl SSL_ports port 10443<br>acl SSL_ports port 23389<br>acl SSL_ports port 5222<br>acl SSL_ports port 9090<br>acl SSL_ports port 7792<br>acl SSL_ports port 2222<br>acl SSL_ports port 8443<br>acl SSL_ports port 2223<br>acl SSL_ports port 90<br>acl SSL_ports port 19305<br><br>acl Safe_ports port 20<br>acl Safe_ports port 21<br>acl Safe_ports port 22<br>acl Safe_ports port 70<br>acl Safe_ports port 80<br>acl Safe_ports port 90<br>acl Safe_ports port 210<br>acl Safe_ports port 280<br>acl Safe_ports port 443<br>acl Safe_ports port 488<br>acl Safe_ports port 563<br>acl Safe_ports port 591<br>acl Safe_ports port 631<br>acl Safe_ports port 777<br>acl Safe_ports port 901<br>acl Safe_ports port 950<br>acl Safe_ports port 1025-65535<br><br>acl CONNECT method CONNECT<br><br>http_access deny !Safe_ports<br><br>http_access deny CONNECT !SSL_ports<br><br>http_access allow localhost manager<br>http_access deny manager<br><br>http_access allow localnet<br>http_access allow localhost<br><br>http_access deny all<br><br>http_port 3128 ssl-bump cert=/etc/squid/certs/squid-ca-cert-key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB<br>http_port 3129 intercept ssl-bump cert=/etc/squid/certs/squid-ca-cert-key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB<br>https_port 3130 intercept ssl-bump cert=/etc/squid/certs/squid-ca-cert-key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=16MB<br><br>acl DiscoverSNIHost at_step SslBump1<br>acl NoSSLIntercept ssl::server_name_regex "/etc/squid/acl.url.nobump"<br><br>ssl_bump peek DiscoverSNIHost<br>ssl_bump splice NoSSLIntercept<br>ssl_bump bump all<br><br>tls_outgoing_options cafile=/etc/squid/ca-bundle.crt<br><br>sslproxy_foreign_intermediate_certs /etc/squid/certs/lets-encrypt-r3.pem<br>tls_outgoing_options cafile=/etc/squid/mozilla.pem<br><br>url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf<br>url_rewrite_children 64 startup=16 idle=4 concurrency=0<br>url_rewrite_bypass off<br><br>debug_options ALL,2<br><br>cache_dir ufs /var/spool/squid 100 16 256<br>coredump_dir /var/spool/squid<br>cache_mgr <a href="mailto:informatica@regioncusco.gob.pe">informatica@regioncusco.gob.pe</a><br><br>error_default_language es<br>dns_v4_first on<br><br>refresh_pattern ^ftp: 1440 20% 10080<br>refresh_pattern ^gopher: 1440 0% 1440<br>refresh_pattern -i (/cgi-bin/|\?) 0 0% 0<br>refresh_pattern . 0 20% 4320<br></div><div># End of "/etc/squid/squid.conf"</div><div><br></div><div>---</div><div><br></div><div># Begin of "/etc/squid/acl.url.nobump"<br></div><div>.whatsapp\.net<br>(w[0-9]+[a-z]+)\.squid-cache\.org<br>(w[0-9]+[a-z]+)\.websocket\.org<br>(w[0-9]+[a-z]+)\.reniec\.gob\.pe<br></div><div># End of "/etc/squid/acl.url.nobump"<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">El dom, 30 de may. de 2021 a la(s) 22:19, NgTech LTD (<a href="mailto:ngtech1ltd@gmail.com">ngtech1ltd@gmail.com</a>) escribió:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">Hey,<div dir="auto"><br></div><div dir="auto">can you please share your squid.conf (Excluded sensitive details) so we can try to recommend a solution?</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">בתאריך יום ב׳, 31 במאי 2021, 4:03, מאת Alex Irmel Oviedo Solis <<a href="mailto:alleinerwolf@gmail.com" target="_blank">alleinerwolf@gmail.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Good night, I'm having problems with a transparent squid proxy (with squidGuard enabled). Whatsapp's web client doesn't work, I tried to add an exclusion to SSL Bump following this manual <a href="https://wiki.squid-cache.org/ConfigExamples/Chat/Whatsapp" rel="noreferrer" target="_blank">https://wiki.squid-cache.org/ConfigExamples/Chat/Whatsapp</a>, but still not working.<br><br>Are there any way to probe or debug if this exclusion is working?<br clear="all"><br>-- <br><div dir="ltr"><div dir="ltr"><div><div dir="ltr"><i style="color:rgb(136,136,136);font-size:12.8px"><font face="'comic sans ms', sans-serif"><span style="font-family:arial;font-style:normal"><i><font face="'comic sans ms', sans-serif">"Una alegría compartida se transforma en doble alegría; una pena compartida, en media pena."</font></i></span></font></i></div><div dir="ltr"><span style="color:rgb(136,136,136);font-size:12.8px">--></span><a href="http://www.alexove.me/" style="color:rgb(17,85,204);font-size:12.8px" rel="noreferrer" target="_blank"> http://www.alexove.me</a><div style="color:rgb(136,136,136);font-size:12.8px">--> Celular (Movistar): +51-959-625-001<br></div><div style="color:rgb(136,136,136);font-size:12.8px">--> Sigueme en Twitter: <a href="http://twitter.com/alexove_pe" style="color:rgb(17,85,204)" rel="noreferrer" target="_blank">http://twitter.com/alexove_pe</a><br>--> Perfil: <a href="http://fedoraproject.org/wiki/user:alexove" style="color:rgb(17,85,204)" rel="noreferrer" target="_blank">http://fedoraproject.org/wiki/user:alexove</a></div></div></div></div></div></div>
_______________________________________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org" rel="noreferrer" target="_blank">squid-users@lists.squid-cache.org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer noreferrer" target="_blank">http://lists.squid-cache.org/listinfo/squid-users</a><br>
</blockquote></div>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><i style="color:rgb(136,136,136);font-size:12.8px"><font face="'comic sans ms', sans-serif"><span style="font-family:arial;font-style:normal"><i><font face="'comic sans ms', sans-serif">"Una alegría compartida se transforma en doble alegría; una pena compartida, en media pena."</font></i></span></font></i></div><div dir="ltr"><span style="color:rgb(136,136,136);font-size:12.8px">--></span><a href="http://www.alexove.me/" style="color:rgb(17,85,204);font-size:12.8px" target="_blank"> http://www.alexove.me</a><div style="color:rgb(136,136,136);font-size:12.8px">--> Celular (Movistar): +51-959-625-001<br></div><div style="color:rgb(136,136,136);font-size:12.8px">--> Sigueme en Twitter: <a href="http://twitter.com/alexove_pe" style="color:rgb(17,85,204)" target="_blank">http://twitter.com/alexove_pe</a><br>--> Perfil: <a href="http://fedoraproject.org/wiki/user:alexove" style="color:rgb(17,85,204)" target="_blank">http://fedoraproject.org/wiki/user:alexove</a></div></div></div></div></div>