[squid-users] Squid 3 SSL bump: Google drive application could not connect
Chris Bennett
chris at ceegeebee.com
Thu Jan 8 08:56:06 UTC 2015
Hi Jason,
> If you think the external acl method is too expensive to run, how do you
> expect to feed this NIDS data back into squid? I think you'd find you'd
> need an external acl check to do that bit anyway :-)
I should have been clearer - my use of the term feedback loop was
meant to imply that this was an out-of-band method of populating a
cache of valid HTTPS IP addresses (as well as the any SNI and even
'Application name') for HTTPS, and observed non-HTTPS traffic over 443
and any other ports. This may compliment any active external acl
style checking.
Was just thinking out loud - probably a crazy idea if every seriously
considered :)
Regards,
Chris
More information about the squid-users
mailing list