Hello everyone.
After searching for hours on net im not able to block https connect on my squid.
I made some try on one computer wich have proxy's ip in parameters (so i guess squid is not in transparent mode)
Anyway, there is my squid.conf:
Code:
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow serveur
http_access allow localhost
http_access deny all
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
And there is one of my acl rules to block
https://youtube.com
Code:
acl yt dstdomain .youtube.com
http_reply_access deny yt
http_access deny CONNECT yt
With that rule
http://youtube.com is blocked but not https.
Please, someone can figure out where is the problem? Thanks