[squid-users] does http_port sssl-bump work require-proxy-header?
Amos Jeffries
squid3 at treenet.co.nz
Tue Apr 14 02:56:33 UTC 2015
On 14/04/2015 4:47 a.m., Yuhua Wu wrote:
> For example, is this configuration supported?
>
> http_port 3129 require-proxy-header ssl-bump ……
>
> By the way, we added acl rules:
>
> acl frontend src 10.0.0.0/8
> proxy_protocol_access allow frontend
>
> Alex
>
Yes that should work.
<http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html#ss2.7>
Your above config example decrypts the traffic through the following layers:
HTTPS over HTTP/1.x over PROXY/TCP ...
As you can see the PROXY and HTTPS layers are separate protocols that
dont interact.
Amos
More information about the squid-users
mailing list