[squid-users] 3.5.4 need more help with peek and splice and external helper
Stanford Prescott
stan.prescott at gmail.com
Thu May 7 02:28:26 UTC 2015
I am using intercept. It has worked well for me for the ssl-bump so far.
*http_port 192.168.100.1:800 <http://192.168.100.1:800> intercept*
*https_port 192.168.100.1:808 <http://192.168.100.1:808> intercept ssl-bump
generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
cert=/var/smoothwall/mods/proxy/ssl_cert/squidCA.pem*
I haven't ever tried it without intercept. I will try it and see what
happens.
On Wed, May 6, 2015 at 7:59 PM, Jason Haar <Jason_Haar at trimble.com> wrote:
> On 07/05/15 12:45, Stanford Prescott wrote:
>
> *1430958788.054 5572 192.168.100.104 TCP_TUNNEL/200 2964 CONNECT
> 172.225.222.201:443 <http://172.225.222.201:443> -
> ORIGINAL_DST/172.225.222.201 <http://172.225.222.201> -*
>
> That smells like transparent/intercept? Is that correct? You have to NOT
> do that until you've got it working via the standard proxy option. It's
> very hard to do SSL intercept transparently
>
> --
> Cheers
>
> Jason Haar
> Corporate Information Security Manager, Trimble Navigation Ltd.
> Phone: +1 408 481 8171
> PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150506/2df63320/attachment.html>
More information about the squid-users
mailing list