Re: [squid-users] Allow connect specify https website

From: Muthukumar <[email protected]>
Date: Wed, 23 Jun 2004 10:10:01 +0530

[acl SSL_Ports 443
acl host_allowed src "/squid/etc/host_allowed.txt"
acl passwd proxy_auth REQUIRED
acl special_domain dstdomain "/squid/etc/special_domain.txt"

[http access section]
http_access allow SSL_Ports special_domain
http_access allow host_allow passwd

File [special_domain.txt]
tac.co.th
File [host_allow.txt ] = all Intranet ip address

===========================================================

Change the special_domain.txt file contents as .tac.co.th (dot) is important to notify the domain
----------- special_domain.txt --------------
tac.co.th

Are you using the ip-address with netmasks there in "/squid/etc/host_allowed.txt" file

# acl settings
acl SSL_ports port 443 # https
< other acl rules >

# http access rules
http_access deny SSL_ports !special_domain # It will deny all the https requests other than requests from *.tac.co.th domain
to ALL
http_access allow host_allow passwd # It will require the authentication for all clients

After configuring there,start the squid -k reconfigure or squid -k parse then restart it.
Check the squid for the https://*.tac.co.th/

Regards,
Muthukumar.

---
===============  It is a "Virus Free Mail" ===============
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.708 / Virus Database: 464 - Release Date: 6/18/2004
Received on Fri Jun 25 2004 - 21:11:33 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:03 MDT