[squid-users] acl for ports 443

From: Dwayne Hottinger <dhottinger@dont-contact.us>
Date: Mon, 10 Apr 2006 13:04:41 -0400

I run smartfilter plugin for squid. I define catagorys that I want blocked to
the internet. I found that I am unable to block any website that has https://
appended to the front end (443). As a result, a lot of the student body has
figured out how to bypass the filter. (smart kids). My question is do I need
these acl's? They are:
acl SSL_ports port 443 563
acl Safe_ports port 443 563 # https, snews
Then I have:
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

Looks like this is a standard squid.conf file. I am thinking that as a result
of the above acls websites with https:// dont go through my cache, therefore
are not subject to the filtering rules I have setup in smartfilter. Can I
safely remove these acls and not hurt squid performance. I am running squid
2.5 stable 6 on redhat 8 with diskd.

thanks

ddh

--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools
Received on Mon Apr 10 2006 - 11:04:42 MDT

This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT