[squid-users] 3.5.8 — SSL Bump questions

Alex Rousskov rousskov at measurement-factory.com
Tue Sep 8 20:32:31 UTC 2015


On 09/08/2015 02:18 PM, James Lay wrote:

> I'm currently having great success with 3.5.8 and this
> peek/splice only method using transparent intercept:
> 
> ###############################
> acl step1 at_step SslBump1
> acl step2 at_step SslBump2
> acl step3 at_step SslBump3
> 
> ssl_bump peek step1 all
> ssl_bump peek step2 all
> acl allowed_https_sites ssl::server_name_regex
> "/opt/etc/squid/http_url.txt"
> ssl_bump splice step3 allowed_https_sites
> ssl_bump terminate all
> ###############################


Bugs notwithstanding, the above can be further simplified (in v3.5.8 and
later):

 acl allowed_https_sites ...
 ssl_bump peek all
 ssl_bump splice allowed_https_sites
 ssl_bump terminate all


HTH,

Alex.



More information about the squid-users mailing list