On 2019/08/30 14:29, Robert Nagy wrote: > On 30/08/19 12:49 +0100, Stuart Henderson wrote: > > On 2019/08/30 10:30, Robert Nagy wrote: > > > On 29/08/19 20:47 +0100, Stuart Henderson wrote: > > > > Additional comment, isn't it going to need sslmitm to be enabled if > > > > it's going > > > > to do anything useful with the current state of the 'net? > > > > > > > > > > Well not really. For example in my use case it is only used for filtering. > > > Blocking specific website groups and allowing some of them during lunch > > > hours. > > > > > > Since every client is forced to use the proxy, https filtering will work > > > with > > > the CONNECT method. The only drawback of this is that you don't get > > > redirected > > > to the blocked page if you are using https, but you will get an ssl error > > > instead. > > > > > > -- > > > Robert Nagy > > > > > > > The main reason to use dansguardian/e2guardian is the content filtering > > though, if you're just blocking by time/site name pretty much anything can > > handle that (squid/trafficserver/..) > > > > I've tried and they all suck big time, especially squid/squidguard. > e2guardian works > anyway ... this does not matter now. > > -- > Robert Nagy >
squidguard sucks bigtime, the internal acl support is much better :)
