Bypass squid proxy for gitlab.com on container
-
I have configured transparent squid proxy. When I am using below squid configuration to allow access to whitelisted domain list, everything is working fine but I am trying to access gitlab.com/bitbucket.org inside a docker container, I am unable to clone git based repository.
access.log output:-
592330218.577 33 192.168.5.39 TAG_NONE/200 0 CONNECT 172.65.251.78:443 gitlab.com HIER_NONE/- -
Error during git clone:-
fatal: unable to access 'https://gitlab.com/hisrarul/tanga.git/': gnutls_handshake() failed: The TLS connection was non-properly terminated.
visible_hostname squid
cache deny allacl localnet src 192.168.0.0/16
http_access allow localnetLog format and rotation
logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %ssl::>sni %Sh/%<a %mt
logfile_rotate 10
debug_options rotate=10Handling HTTP requests
http_port 3128
http_port 3129 intercept
acl allowed_http_sites dstdomain "/etc/squid/whitelist.txt"
http_access allow allowed_http_sitesHandling HTTPS requests
https_port 3130 cert=/etc/squid/ssl/squid.pem ssl-bump intercept
acl SSL_port port 443
http_access allow SSL_port
acl allowed_https_sites ssl::server_name "/etc/squid/whitelist.txt"
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3
ssl_bump peek step1 all
ssl_bump peek step2 allowed_https_sites
ssl_bump splice step3 allowed_https_sites
ssl_bump terminate step2 all
http_access deny allAs per the post Bypass squid proxy for domain-name
When I tried to exclude gitlab.com/bitbucket.org then rest of the url listed in whitelist.txt file become inaccessible.