• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Bypassing SSL specific domains on squid3?

Scheduled Pinned Locked Moved General pfSense Questions
6 Posts 3 Posters 1.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    ajeeb
    last edited by Feb 1, 2015, 12:43 AM

    I am new user of squid3 ! so far is good especially when using CA and ssl and Transparent mode … to block some sites with some content !
    but there is one problem ... I can't get into App Store within iOS device ! ... I google and try to add :
    .apple.com
    .mzstatic.com
    .itunes.apple.com

    at whitelist access control ... it does not works !

    any idea?

    BR

    1 Reply Last reply Reply Quote 0
    • M
      marcelloc
      last edited by Feb 1, 2015, 1:00 AM

      On transparent mode, the best way to do not intercept is creating a host alias(not domains) fill it up and then apply this alias under squid general option "do no proxy for these destination address."

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      1 Reply Last reply Reply Quote 0
      • A
        asterix
        last edited by Feb 1, 2015, 1:21 AM

        Same issue as I mentioned in my post in a different thread. SSL filtering is not as easy as plain transparent mode. Especially for network devices like smart TV, blu-ray players and tabs/Ipads

        1 Reply Last reply Reply Quote 0
        • A
          ajeeb
          last edited by Feb 1, 2015, 1:29 AM

          thanks for reply ,
          but I can't find all hosts ! when u try to download an iOS app … it's simply drops ... maybe somebody puts some lights !
          I don't want to disable SSL filtering ... cause I can control the internet especially  when kids around

          BR

          1 Reply Last reply Reply Quote 0
          • M
            marcelloc
            last edited by Feb 1, 2015, 6:48 AM

            Try to get networks ip ranges/bgp too.

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • A
              ajeeb
              last edited by Feb 1, 2015, 6:18 PM

              well I manage to get major hosts of iDevices ! and to make none mistake alias```

              17.130.137.73
              17.130.137.75
              17.130.137.79
              17.134.62.129
              17.142.164.50
              17.154.66.11
              17.154.66.54
              17.154.66.67
              17.154.66.69
              17.154.66.74
              17.154.66.108
              17.154.66.109
              17.154.66.110
              17.154.66.124
              17.154.66.125
              17.154.239.50
              17.154.239.54
              17.158.28.8
              17.158.28.14
              17.158.28.17
              17.158.28.21
              17.158.28.25
              17.158.28.36
              17.158.28.37
              17.158.28.48
              17.158.28.49
              17.158.28.50
              17.164.0.36
              17.167.136.28
              17.167.137.30
              17.167.140.64
              17.167.146.36
              17.167.146.37
              17.167.150.74
              17.167.193.60
              17.167.193.61
              17.167.193.64
              17.167.194.234
              17.167.195.58
              17.167.195.66
              17.171.71.105
              17.171.75.198
              17.172.208.47
              17.173.66.82
              17.173.66.84
              17.173.66.133
              17.173.66.134
              17.173.66.135
              17.173.66.136
              17.173.66.144
              17.173.255.107
              17.252.27.248
              23.44.244.118
              23.44.246.52
              66.235.135.144
              82.166.201.169
              88.221.154.217
              88.221.155.205
              92.122.12.93
              92.122.15.163
              92.122.214.57
              184.29.70.224
              217.12.15.152

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received