|
|
|
@ -443,7 +443,8 @@ PassSite.
|
|
|
|
|
Per-site filters can be defined using client IP addresses, users, and
|
|
|
|
|
description keywords. If the UserAuth option is disabled, only client IP
|
|
|
|
|
addresses can be used in PassSite filters. Multiple sites can be defined, one
|
|
|
|
|
on each line. PassSite rules can search for exact or substring matches.
|
|
|
|
|
on each line. PassSite rules can search for exact or substring matches.
|
|
|
|
|
PassSite rules do not support macro expansion.
|
|
|
|
|
.SH User control lists
|
|
|
|
|
User control lists can be implemented using filtering rules. The DivertUsers
|
|
|
|
|
and PassUsers options will be deprecated in favor of filtering rules in the
|
|
|
|
@ -464,7 +465,8 @@ the lists are blocked. SSLproxy simply terminates their connections.
|
|
|
|
|
- If *no* DivertUsers list is defined, only users *not* listed in PassUsers
|
|
|
|
|
are diverted to listening programs.
|
|
|
|
|
.LP
|
|
|
|
|
These user control lists can be defined globally or per-proxyspec.
|
|
|
|
|
These user control lists can be defined globally or per-proxyspec. User
|
|
|
|
|
control lists do not support macro expansion.
|
|
|
|
|
.SH Logging
|
|
|
|
|
Logging options include traditional SSLproxy connect and content log files as
|
|
|
|
|
well as PCAP files and mirroring decrypted traffic to a network interface.
|
|
|
|
|