[squid-users] Best way to utilize time constraints with squid?
Jonathan Lee
jonathanlee571 at gmail.com
Mon Apr 29 16:54:26 UTC 2024
Squid -k parse also does not fail with use of the time ACL
Sent from my iPhone
> On Apr 27, 2024, at 07:49, Jonathan Lee <jonathanlee571 at gmail.com> wrote:
>
> The time constraints for termination do appear to lock out all new connections until that timeframe has elapsed. My devices have connection errors during this duration.
>
> Just to confirm ssl_bump can not be used with time ? Because my connections don’t work during the timeframe so that is a plus.
>
>
> Sent from my iPhone
>
>>> On Apr 27, 2024, at 00:41, Amos Jeffries <squid3 at treenet.co.nz> wrote:
>>>
>>> On 26/04/24 17:15, Jonathan Lee wrote:
>>> aclblock_hourstime01:30-05:00ssl_bumpterminateallblock_hourshttp_accessdenyallblock_hours
>>> In this a good way to time lock squid with times lock down?
>>
>> That depends on your criteria/definition of "good".
>>
>> Be aware that http_access only checks *new* transactions. Large downloads, and long-running transactions such as CONNECT tunnel which start during an allowed time will continue running across the disallowed time(s).
>>
>>
>>> To essentially terminate all connections and block http access.
>>
>> The "terminate all connections" is not enforced by 'time` ACL. Once a transaction is allowed to start, it can continue until completion - be that milliseconds or days later.
>>
>>
>> HTH
>> Amos
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> https://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list