[squid-users] New server_name acl causes fatal error starting Squid 3.5.4
Stanford Prescott
stan.prescott at gmail.com
Wed May 20 18:03:49 UTC 2015
I think I finally figured out how to not bump certain sites and to bump all
others. I put this in squid.conf
*acl step1 at_step SslBump1acl step2 at_step SslBump2acl nobumpSites
ssl::server_name .wellsfargo.com <http://wellsfargo.com>ssl_bump peek
step1ssl_bump splice step2 nobumpSitesssl_bump bump all*
When I check the access log I see that the wellsfargo.com com only appears
as http://wellsfargo.com without any of the full URL but any other https
site I see as, for example, https://yahoo.com with the full URL.
Are the lines in the squid.conf correct and is it doing what I want it do,
which is to not bump the nobumpSites and bump all other sites that are not
in nobumpSites?
On Wed, May 20, 2015 at 12:45 PM, Stanford Prescott <stan.prescott at gmail.com
> wrote:
> Never mind. I figured the acl out. I was using someone else's instructions
> who accidentally left out the double :: *ssl::server_name* using just a
> single :.
>
> On Wed, May 20, 2015 at 12:36 PM, Stanford Prescott <
> stan.prescott at gmail.com> wrote:
>
>> After a diversion getting SquidClamAV working, i am back to trying to get
>> peek and splice working. I am trying to put together information from
>> previous recommendations I have received. Right now, I can't get the
>> server_name acl working. When I put this in my squid.conf
>>
>> *acl nobumpSites ssl:server_name .example.com <http://example.com>*
>>
>> I get a fatal error starting squid using that acl saying the acl is
>> "Bungled".
>>
>> Is the form of the acl incorrect?
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150520/a168c062/attachment.html>
More information about the squid-users
mailing list