[squid-users] Squid SNI at Step 2
squid3 at treenet.co.nz
Mon Oct 26 14:50:49 UTC 2015
On 27/10/2015 1:34 a.m., Jatin Bhasin wrote:
> I am running squid 3.5.10 for bumping transparent SSL connections To
> achieve this I am using following squid configuration for SSL Bumping.
> acl nobumpSites ssl::server_name "/etc/squid/allowed_SSL_sites.txt"
> ssl_bump peek step1 all
> ssl_bump peek step2 nobumpSites
> ssl_bump bump step3 nobumpSites
> ssl_bump bump all
> File "/etc/squid/allowed_SSL_sites.txt" contains www.facebook.com.
> On reading documentation I understood that I should see a Fake CONNECT
> request for Facebook.com IP address as below:
> TAG_NONE/200 0 CONNECT 126.96.36.199:443 - ORIGINAL_DST/188.8.131.52
> And at Step2 there should be a Fake CONNECT request for SNI
> information extracted.
Only if SNI is actually sent by the client. It is not guaranteed to be sent.
More information about the squid-users