[squid-users] Some questions about ssl_bump.
bmarkey at gmail.com
Tue Nov 17 21:25:59 UTC 2015
Looking at the squid docs for peek and splice (
# Do no harm:# Splice indeterminate traffic.ssl_bump splice
serverIsBankssl_bump bump haveServerNamessl_bump peek allssl_bump
So my understanding of this.
splice just passes through.
then we bump everything else ?
and finally splice all?
Must you bump before peek? I assume so but I'm not sure.
On Tue, Nov 17, 2015 at 3:33 PM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 18/11/2015 9:24 a.m., Bruce Markey wrote:
> > Amos,
> > I knew something wasn't right.
> > Ok then I'm going to start there. I had a heck of a time getting
> > squidguard to even work due to its reliance on old berkely db packages,
> > be happy to see it go.
> > So that being said. I'm going to lose squidguard. Upgrade squid to 3.5.
> > I haven't even looked at the 3.5 stuff. How big of a config change am I
> > looking at? That being said, upgrade or start fresh?
> For the ssl_bump lines yes. They operate very differently, with a bit of
> a learning curve around the recursive/repeated ssl_bump processing.
> The rest of the config change should be smooth if it was working well
> with 3.3. "squid -k parse" can highlight the differences there.
> > Thanks again. This is the first definitive answer I've gotten!.
> squid-users mailing list
> squid-users at lists.squid-cache.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the squid-users