[squid-users] Skype bypass using ssl_bump peek
Yu-Hsuan Liao
windflower1201 at gmail.com
Wed Dec 17 09:52:07 UTC 2014
> Only if "skype_list" matches the TCP packet IP address (without rDNS
> being looked up) will the peek happen.
> I think you need to add at_step ACL test to peek always at step1, then
> do the other actions at step2 once SNI (domain name) is possibly
> available.
Hello Amos,
What if a non-SSL over 443 or a non-HTTP over SSL connections?
Skype voice connection seems an non standard SSL negotiation(Partial
Handshake),
is it possible revert to tunnel mode at steps to bypass connection?
Thx.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20141217/f627b027/attachment.html>
More information about the squid-users
mailing list