Re: [squid-users] ssl_bump newbie troubles

2016-04-20 Thread Alex Rousskov
On 04/20/2016 04:18 PM, Odhiambo Washington wrote: > On 21 April 2016 at 00:11, Alex Rousskov wrote: > > On 04/20/2016 02:22 PM, Odhiambo Washington wrote: > > > All I want is the ability to intercept SSL sites and control access to > > them using TIME ACLs. That's all. You also

Re: [squid-users] ssl_bump newbie troubles

2016-04-20 Thread Odhiambo Washington
On 21 April 2016 at 00:11, Alex Rousskov wrote: > On 04/20/2016 02:22 PM, Odhiambo Washington wrote: > > > All I want is the ability to intercept SSL sites and control access to > > them using TIME ACLs. That's all. > > I will assume that your definition of a

Re: [squid-users] ssl_bump newbie troubles

2016-04-20 Thread Alex Rousskov
On 04/20/2016 02:22 PM, Odhiambo Washington wrote: > All I want is the ability to intercept SSL sites and control access to > them using TIME ACLs. That's all. I will assume that your definition of a "site" is "domain name". > So in simple: > 1. UserX tries to access facebook.com/youtube.com >

Re: [squid-users] ssl_bump newbie troubles

2016-04-20 Thread Odhiambo Washington
On 20 April 2016 at 18:38, Alex Rousskov wrote: > On 04/20/2016 08:16 AM, Odhiambo Washington wrote: > > > I even wonder if this config is correct: > > > > acl ssl_bump_broken_sites dstdomain ... > > ssl_bump none ssl_bump_broken_sites > > ssl_bump peek step1 >

Re: [squid-users] ssl_bump newbie troubles

2016-04-20 Thread Amos Jeffries
On 21/04/2016 2:16 a.m., Odhiambo Washington wrote: > Hi, > > I am trying my hands on ssl_bump and it's almost working, but that's > ish-ish.. because I have several problems. > > I even wonder if this config is correct: > > *acl step1 at_step SslBump1* > *acl step2 at_step SslBump2* > *acl

Re: [squid-users] ssl_bump newbie troubles

2016-04-20 Thread Alex Rousskov
On 04/20/2016 08:16 AM, Odhiambo Washington wrote: > I even wonder if this config is correct: > > acl ssl_bump_broken_sites dstdomain ... > ssl_bump none ssl_bump_broken_sites > ssl_bump peek step1 > ssl_bump stare step2 > ssl_bump bump all You did not say what you want Squid to do, so it is

[squid-users] ssl_bump newbie troubles

2016-04-20 Thread Odhiambo Washington
Hi, I am trying my hands on ssl_bump and it's almost working, but that's ish-ish.. because I have several problems. I even wonder if this config is correct: *acl step1 at_step SslBump1* *acl step2 at_step SslBump2* *acl step3 at_step SslBump3* *acl ssl_bump_broken_sites dstdomain