whitelist specific domains on https traffic in Squid
Problem Statement: I have a Squid server running and I want my users to access only a few domains like www.abc.com and www.abc1.com. All these domains are accessible only over https, hence the whole http traffic is blocked.
Now since it's https, I am performing packet inspection using ssl-bump and can basically get the whole request in clear text. Using this, I should be able to get the target domain and allow specific domain websites.
I would like your help to understand where this went wrong. In order to use the above proxy, in another terminal I am doing export https_proxy=https://IP:3128 and then making a curl to google.com, which shows this error:
curl: (35) error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number
Specifics: Ubuntu 20, Squid version 6.0.0-VSC (I compiled it from source with those ssl flags)
Why wouldn't you just follow the very simple instructions to let Squid use a simple whitelist? Takes one line in the config and a simple text file with the allowed domains: https://myshittycode.com/2021/04/21/...telisted-urls/
So the solution you mentioned works well for http requests. I first tried the whole setup for http domains and it works perfectly fine. The problem starts with https, since those are encrypted packets. I am using ssl-bump for that only.
And to answer your question, no, it will not work and I have already tried this. If you look closely at the conf file, you will notice that line is already added.
Yep, sure is...have you looked at the Squid documentation?
This thread has the exact same question, and 95%+ of the exact Squid configuration you posted, along with a solution. You are essentially performing a MITM on your own network; expect problems. https://community.spiceworks.com/top...-https-traffic
For me, following his exact same wrong config, which rejects the traffic for him, doesn't work. I keep on getting this error on curl
Is this due to some mistake I made while building Squid? No one seems to be getting this error
Re-posting the same config doesn't give anyone new information. And again, you're getting errors on the pages, because you are doing a MITM on your web traffic; have you actually put an address into a browser, rather than using curl??
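The HTTPS whitelist this thread is about, as an added squid.conf example that is not from any poster or from the linked pages. It uses peek-and-splice, so the domain is read from the TLS ClientHello (SNI) and whitelisted connections are passed through without decryption; the file paths, helper location and ACL names are assumptions.

```conf
# Added example; paths and ACL names below are assumptions, not from the thread.

# Explicit-proxy port. http_port speaks plain HTTP to the client, so clients
# reach it with an http:// proxy URL (export https_proxy=http://IP:3128);
# the tunnelled connection to the origin server is still TLS end to end.
http_port 3128 ssl-bump tls-cert=/etc/squid/ssl/squid-ca.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB

# Certificate helper required by an ssl-bump port. Initialise the database once:
#   security_file_certgen -c -s /var/lib/squid/ssl_db -M 4MB
sslcrtd_program /usr/local/squid/libexec/security_file_certgen -s /var/lib/squid/ssl_db -M 4MB

# The two domains named in the question. A leading dot (.abc.com) would also
# match every subdomain.
acl allowed_dst dstdomain www.abc.com www.abc1.com
acl allowed_sni ssl::server_name www.abc.com www.abc1.com

acl SSL_ports port 443
acl CONNECT method CONNECT
acl step1 at_step SslBump1

# Stage 1: the CONNECT request itself. Only tunnels to whitelisted hosts on
# port 443 are accepted; plain HTTP and everything else is denied.
http_access deny CONNECT !SSL_ports
http_access allow CONNECT allowed_dst
http_access deny all

# Stage 2: the TLS handshake inside the tunnel.
#   peek      read the ClientHello to learn the SNI, without modifying it
#   splice    relay the TLS session untouched (no decryption, no forged cert)
#   terminate close the connection when the SNI is not whitelisted
ssl_bump peek step1
ssl_bump splice allowed_sni
ssl_bump terminate all
```

Because whitelisted sessions are spliced rather than bumped, clients do not need to trust the proxy CA for them. A CONNECT to a whitelisted host whose ClientHello carries a different SNI is closed by the last rule.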