extern/workspaces-core-images
1
0
Fork 0
mirror of https://github.com/kasmtech/workspaces-core-images.git synced 2025-01-22 05:08:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

KASM-2637 Removed rules blocking non 443 CONNECT command

Browse Source
This commit is contained in:
Richard Koliser 2022-05-16 09:51:36 -04:00
parent c288c7d6f1
commit e2fa2a8b3e
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/ubuntu/install/squid/resources/squid.conf
View File

@ -16,7 +16,6 @@ ssl_bump splice ssl_bypass_domains
ssl_bump splice ssl_bypass_ips ssl_bump splice ssl_bypass_ips
ssl_bump bump all ssl_bump bump all
acl SSL_ports port 443
acl CONNECT method CONNECT acl CONNECT method CONNECT
# The following two lines are an example of how we can leaverage squid to block ports, there can be as # The following two lines are an example of how we can leaverage squid to block ports, there can be as
@ -24,7 +23,10 @@ acl CONNECT method CONNECT
#acl Safe_ports port 443 # https #acl Safe_ports port 443 # https
#http_access deny !Safe_ports #http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports # Users need to connect to non 443 ports for https traffic. We comment out the standard deny here.
#acl SSL_ports port 443
#http_access deny CONNECT !SSL_ports
http_access allow localhost manager http_access allow localhost manager
http_access deny manager http_access deny manager
http_access allow localhost http_access allow localhost