Re: [squid-users] Filering HTTPS URLs - A complete configuration

2019-02-12 Thread Alex Rousskov
On 2/11/19 3:55 AM, Paul Doignon wrote: >> The closest you are going to get to the above is with: >> * bump everything[1], and >> * use http_access to check the https:// URLs for your policy >> * use "deny_info TCP_RESET" [2] on the blocked requests. >> >> [1] some things literally cannot be

Re: [squid-users] Filering HTTPS URLs - A complete configuration

2019-02-11 Thread eliezer
-Original Message- From: squid-users On Behalf Of Paul Doignon Sent: Monday, February 11, 2019 12:55 To: squid-users Subject: Re: [squid-users] Filering HTTPS URLs - A complete configuration > No need to compile and build it for AWS: > I already built it for both AWS 1 and 2:

Re: [squid-users] Filering HTTPS URLs - A complete configuration

2019-02-11 Thread Paul Doignon
> No need to compile and build it for AWS: > I already built it for both AWS 1 and 2: > http://ngtech.co.il/repo/amzn/ > > Can be downloaded and is tested to work very well on both OS. > > Eliezer Thanks, looks really good ! I guess those Amazon Linux 1 packages come from there :

Re: [squid-users] Filering HTTPS URLs - A complete configuration

2019-02-06 Thread Amos Jeffries
On 7/02/19 3:52 am, Paul Doignon wrote: > Thanks, I appreciate your detailed answer. > > > > I'm struggling a lot to configure Squid. To improve the security of my > app in my AWS private subnet, > > > > If it is indeed *your* app; then please alter it not to require the > > interception we

Re: [squid-users] Filering HTTPS URLs - A complete configuration

2019-02-06 Thread eliezer
-28704261 Email: elie...@ngtech.co.il -Original Message- From: squid-users On Behalf Of Paul Doignon Sent: Wednesday, February 6, 2019 16:52 To: squid-users Subject: Re: [squid-users] Filering HTTPS URLs - A complete configuration Thanks, I appreciate your detailed answer. > &g

Re: [squid-users] Filering HTTPS URLs - A complete configuration

2019-02-06 Thread Paul Doignon
Thanks, I appreciate your detailed answer. > > I'm struggling a lot to configure Squid. To improve the security of my app > > in my AWS private subnet, > > If it is indeed *your* app; then please alter it not to require the > interception we see below. Ability to connect to a TLS explicit

Re: [squid-users] Filering HTTPS URLs - A complete configuration

2019-02-05 Thread Amos Jeffries
On 6/02/19 3:33 am, Paul Doignon wrote: > Hi, > > I'm struggling a lot to configure Squid. To improve the security of my app in > my AWS private subnet, If it is indeed *your* app; then please alter it not to require the interception we see below. Ability to connect to a TLS explicit proxy or

[squid-users] Filering HTTPS URLs - A complete configuration

2019-02-05 Thread Paul Doignon
Hi, I'm struggling a lot to configure Squid. To improve the security of my app in my AWS private subnet, I would like to build a HTTPS proxy to whitelist *only* some URLs. My wish is to *not* rely on SNI filtering but bump HTTPS traffic in order to filter the URLs (path) of HTTPS requests. I