Univention Bugzilla – Bug 38258
Custom ACL snippets in squid.conf
Last modified: 2015-11-02 12:22:44 CET
Janek is currently implementing the changes mentioned in Bug 37543 within the package univention-squid. The package is not part of UCS@school but will be used heavily in UCS@school. Please get in touch with him and write a test case for these changes. +++ This bug was initially created as a clone of Bug #37543 +++ The customer should be able to add custom ACLs to the squid.conf, e.g. to implement a workaround like in Bugs 37541 and 37542.
A new script with the name '43_proxy/05_custom_ACL_snippets_in_squidconf' is created to test the mentioned bug, including: - Testing user-agent string with acl_types 'browser','browser-i' - Testing destination domain name with acl_types 'dstdomain', 'dstdomain-i' - Test the destination port number using an internal http server and network redirection via iptables. Note1: for 'dstdomain' which defines a case sensitive domain name rule, it was not possible to request a case sensitive domain name, so the test implemented this case to be as if the string was small case. Note2: for ports numbers, the allowed ones are only (21, 443, 80), because of a top default rule: acl web_ports port 80 acl web_ports port 443 acl web_ports port 21 http_access deny !web_ports Tested on single server (master, backup) and multi server environments (master, slave).