Professional Documents
Culture Documents
squid-cache.org
Optimising Web Delivery
docs
download
donate
support
about
contact
shop
blog
Search
search
History:
Changes in 3.3 ssl_bump
Introduction
About Squid Why Squid? Squid Developers How to Donate How to Help Out Getting Squid Squid Source Packages Squid Deployment CaseStudies Squid Software Foundation
New action types none, client-first, server-first. The default is none. Use of allow/deny is now deprecated and they should be removed as soon as possible. To retain the exact same behaviour between 3.3 and older releases replace deny with none, and allow with clientfirst. However an upgrade to server-first is the recommended. NOTE: M ixing of allow/deny with the new action types is prohibited and will cause Squid to exit with a FATAL error. Changes in 3.1 ssl_bump New Access control for which CONNECT requests to an http_port marked with an ssl-bump flag are actually "bumped". Please see the ssl-bump flag of an http_port option for more details about decoding proxied SSL connections. DEFAULT: No requests are bumped. NOCOM M ENT_START # Example: Bump all requests except those originating from localhost and # those going to webax.com or example.com sites. # # acl broken_sites dstdomain .webax.com # acl broken_sites dstdomain .example.com # ssl_bump deny localhost # ssl_bump deny broken_sites # ssl_bump allow all
Documentation
Configuration: Reference Examples FAQ and Wiki Guide Books: Beginners Definitive Non-English M ore...
Configuration Details:
Option Name: Replaces: Requires: Default Value: Suggested Config:
--enable-ssl Does not bump unless rules are present in squid.conf
ssl_bump
Support
Security Advisories Bugzilla Database M ailing lists Contacting us Commercial services Project Sponsors Squid-based products
http://www.squid-cache.org/Doc/config/ssl_bump/
1/2
10/3/2014
Miscellaneous
Developer Resources Related Writings Related Software: Authenticators Ecap Icap Ident Log Analysis M onitor Proxies Redirectors General Squid Artwork
Mirrors
Website: at eu gr gr il jp nl pl us za ... full list
T h ef i r s tm a t c h i n gs s l _ b u m po p t i o nw i n s .I fn oA C L sm a t c h ,t h e c o n n e c t i o ni sn o tb u m p e d .U n l i k em o s ta l l o w / d e n yA C Ll i s t s ,s s l _ b u m p d o e sn o th a v ea ni m p l i c i t" n e g a t et h el a s tg i v e no p t i o n "r u l e .Y o u m u s tm a k et h a tr u l ee x p l i c i ti fy o uc o n v e r to l ds s l _ b u m pa l l o w / d e n y r u l e st h a tr e l yo ns u c ha ni m p l i c i tr u l e . T h i sc l a u s es u p p o r t sb o t hf a s ta n ds l o wa c lt y p e s . S e eh t t p : / / w i k i . s q u i d c a c h e . o r g / S q u i d F a q / S q u i d A c lf o rd e t a i l s . S e ea l s o :h t t p _ p o r ts s l b u m p ,h t t p s _ p o r ts s l b u m p
#E x a m p l e :B u m pa l lr e q u e s t se x c e p tt h o s eo r i g i n a t i n gf r o m #l o c a l h o s to rt h o s eg o i n gt oe x a m p l e . c o m . a c lb r o k e n _ s i t e sd s t d o m a i n. e x a m p l e . c o m s s l _ b u m pn o n el o c a l h o s t s s l _ b u m pn o n eb r o k e n _ s i t e s s s l _ b u m ps e r v e r f i r s ta l l
Back
$Id: footer .inc,v 1.37 2013/05/09 06:37:55 squidadm Ex p $ Design by Fr ee CSS Templates. Template customisation by Alex Daw son and Adr ian Chadd. Icons fr om "Silk" collection by Mar k James of famfamfam.com All w eb content licensed under Cr eative Commons Attr ibution Shar ealike 2.5 License
http://www.squid-cache.org/Doc/config/ssl_bump/
2/2