[squid-users] Newbie question, How to fully disable/disallow https?

Arctic5824 arctic5824 at protonmail.com
Tue Jun 22 21:33:25 UTC 2021


On Tuesday, June 22nd, 2021 at 2:15 PM, Antony Stone <Antony.Stone at squid.open.source.it> wrote:
> >
> > What!?
> >
> > That is not even one of your listed IP addresses.
> >
> > Are you really running an open proxy on the Internet!?
> >
> > Please turn it off now until you understand the advice Alex and I are


Hey Antony, I appreciate your concern but I have already confirmed with my VPS provider (that I am hosting this proxy on) that they will not termante me for this, they have also clarified this in their TOS, may it be tor relays or any other form of dodgy traffic.

>  No, please send us only the lines relating to a single request which you think should have been blocked.

My bad, here are a few
> 1624395604.354   2430 73.189.239.235 TCP_TUNNEL/200 5162 CONNECT accounts.google.com:443 - HIER_DIRECT/2a00:1450:4001:80e::200d -


>  3070 73.189.239.235 TCP_TUNNEL/200 6778 CONNECT www.reddit.com:443 - HIER_DIRECT/151.101.129.140 -

according to Alex:
"All the http_access rules below "allow all" do not matter because the
first matching rule wins -- Squid would not even try to evaluate the
rest of the rules. Thus, your "http_access deny CONNECT" rule has no effect."
so I am now using: https://paste.gg/p/anonymous/e7d5080091bc400e8a75e8285b3dea77
instead of "http_access allow all" i replaced that line with "http_access allow all !CONNECT"

and it seems to be working, atleast in my browser, yet i still see some users using https,
>    359 5.253.19.75 TCP_MISS/502 4957 GET https://search.yahoo.com/search? - HIER_DIRECT/212.82.100.137 text/html

>  0 5.188.211.10 TCP_DENIED/403 3718 CONNECT www.google.com:443 - HIER_NONE/- text/html

Im not sure how they are doing this, I'd like to prevent this without everyone being forced to install custom (SSL?) cirts into their browser and stuff, thanks

-Arctic


More information about the squid-users mailing list