[squid-users] acl for redirect
Mike
mcsnv96 at afo.net
Tue Jun 23 23:03:28 UTC 2015
We have a server setup using squid 3.5 and e2guardian (newer branch of
dansguardian), the issue is now google has changed a few things around
and google is no longer filtered which is not acceptable. We already
have the browser settings for SSL Proxy set to our server, and squid has
ssl-bump enabled and working. Previously there was enough unsecure
content on Google that the filtering was still working, but now google
has gone 100% encrypted meaning it is 100% unfiltered. What is happening
is it is creating an ssl tunnel (for lack of a better term) between
their server and the browser, so all squid sees is the connection to
www.google.com, and after that it is tunneled and not recognized by
squid or e2guardian at all.
I found a few options online that was used with older squid versions but
nothing is working with squid 3.5... Looking for something like this:
acl google dstdomain .google.com
deny_info http://www.google.com/webhp?nord=1 google
http_access deny google
Essentially want to have squid take all regular requests for google.com
and send/relay it to the unsecured page at
http://www.google.com/webhp?nord=1 which allows e2guardian to properly
filter. With the current settings though, it goes to the squid access
denied page.
Mike
More information about the squid-users
mailing list