[squid-users] Squid proxy whitelisting with HTTPS URL filtering
Amos Jeffries
squid3 at treenet.co.nz
Thu Dec 31 08:54:38 UTC 2015
On 2015-12-29 04:55, joru.pacs wrote:
> Hi!
>
> Currently, I am using the version squid-3.5.12. I have configured the
> SSL bump this way:
>
> http_port 8080 ssl-bump \
> cert=/usr/local/squid/etc/ssl_cert/myCA.pem \
> generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
>
> acl step1 at_step SslBump1
>
> #sslproxy_options NO_SSLv2,NO_SSLv3,SINGLE_DH_USE
>
> ssl_bump peek step1
> ssl_bump bump all
>
> I am able to do HTTP filtering, however, doing an HTTPS url
> filter does not work. A specific example is whitelisting the following
> URL https://www.facebook.com/login, but I do not want to allow all of
> facebook’s traffic to be whitelisted, thus the url
> https://www.facebook.com should not be allowed.
>
> Trying to do a url_regex to www.facebook.com/login [1] will give me
> the default error page from squid. I am using firefox to use the
> proxy. And in the logs I am given a 403 error:
>
> "GET https://www.facebook.com/login HTTP/1.1" 403 "-" "Mozilla/5.0
> (Macintosh; Intel Mac OS X 10.11; rv:42.0) Gecko/20100101
> Firefox/42.0” TAG_NONE:HIER_NONE
>

That tells us that:
 - the bumping is happening, and
 - traffic is being decrypted, and
 - the request is denied by your http_access rules.

So what are the other squid.conf contents?

Amos