[squid-users] transparent proxy splice using dstdomain issue
S.Kirschner
s.kirschner at afa-finanz.de
Tue Jul 7 11:45:35 UTC 2015
Hi I´m using squid version 3.5.3 as transparent proxy in pfsense and got an
issue with my configuration.
I would like to bump ssl connections and some should be spliced(for the
example I used "sparkasse.de"), in my case banking sites should be spliced.
Its working fine when i use IP´s for the acl´s or insert the hostname in the
/etc/hosts,
but I think both cant be the solution.
I think the issues exist because the reverse lookup dont got the anwser
"sparkasse.de", but why it does not use the hostname from the dns request to
the dns-server ?
Also got errors that the ssl accept failed.
Below you could see my squid.conf and the entries from the cache.log for
both cases.
*Without hostname in etc/hosts*
*With hostname in etc/hosts*
*SSL accept log entries*
*Squid.conf*
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/transparent-proxy-splice-using-dstdomain-issue-tp4672088.html
Sent from the Squid - Users mailing list archive at Nabble.com.
More information about the squid-users
mailing list