[squid-users] acl to deny https url from one src addy

From: Steve Brown <sbrown@dont-contact.us>
Date: Fri, 26 Nov 2004 12:15:17 +0000

Hi list,

What's the best way to stop a particular IP address from getting access
to a https url?

I've tried:

acl badurl url_regex ^https://bad.site/*
acl badaddy src 1.2.3.4/32
http_access deny badurl badaddy

and that works for plain http urls, but doesn't for httpS, presumably
because of the connect method bypassing the acl?

and adding
http_access deny CONNECT badurl badaddy

didn't fix it. Naturally I'm overlooking something?

Steve
Received on Fri Nov 26 2004 - 05:15:23 MST

This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:02 MST