[squid-users] How to create a simple whitelist using regexes?
Matus UHLAR - fantomas
uhlar at fantomas.sk
Mon Oct 15 08:49:24 UTC 2018
KOn 15.10.18 01:04, RB wrote:
>I'm trying to deny all urls except for only whitelisted regular
>expressions. I have only this regular expression in my file
>"squid_sites.txt"
>
>^https://wiki.squid-cache.org/SquidFaq/SquidAcl.*
are you aware that you can only see CONNECT in https requests, unless using
ssl_bump?
>acl bastion src 10.5.0.0/1
>acl whitelist url_regex "/vagrant/squid_sites.txt"
[...]
>http_access allow manager localhost
>http_access deny manager
>http_access deny !Safe_ports
>http_access allow localhost
>http_access allow purge localhost
>http_access deny purge
>http_access deny CONNECT !SSL_ports
>
>http_access allow bastion whitelist
>http_access deny bastion all
>I tried enabling debugging and tailing /var/log/squid3/cache.log but my
>curl statement keeps matching "all".
of course it matches all, everything should match "all".
I more wonder why doesn't it match "http_access allow localhost"
>$ curl -sSL --proxy localhost:3128 -D - "
>https://wiki.squid-cache.org/SquidFaq/SquidAcl" -o /dev/null 2>&1 | grep
>Squid
>X-Squid-Error: ERR_ACCESS_DENIED 0
>Any ideas what I'm doing wrong?
have you reloaded squid config after changing it?
Did squid confirm it?
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.
More information about the squid-users
mailing list