[squid-users] Is it possible to send the connection, starting with the CONNECT, to cache-peer?
Yuri Voinov
yvoinov at gmail.com
Tue Sep 15 17:33:26 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Squid working in transparent SSL Bump mode.
AFAIK, here is SSL decrypts. AFAIK, decrypted tunnel denied to be
forwarded to parent.
I need to forward some URLs without decryption to peer. Whole session
starting with CONNECT.
Problem: Peer must accepts both HTTP and HTTPS connections. Yes, there
is Privoxy, which can tunnel CONNECT. How to tell Squid - "Forward this
URL and this URL into peer, whenever HTTP or HTTPS"?
15.09.15 23:17, Matus UHLAR - fantomas пишет:
> On 15.09.15 22:45, Yuri Voinov wrote:
>> Does anyone know - is it possible to send the connection, starting with
>> the CONNECT, to cache-peer?
>
> cache_peer_access with proper ACLs should do that.
> note that always_direct can avoid it.
>
>> I need to send some sites, defined by ACL, connections with starts with
>> CONNECT (443 port), to the cache_peer first? Rather then direct
connect it?
>>
>> I.e., both HTTP/HTTPS must be forwarded to cache_peer for specified
>> sites. No one direct connections must establishes for these sites.
>>
>> Squid 3.4.14.
>>
>> Which options set I must use?
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJV+FZmAAoJENNXIZxhPexGvjsIAMdJAdC5FRivJ1A9jVBULQdC
vf7T1p5fOuC4Jjy54Vn8pg8HHsUM/7I/RaYJASvfYetH80uJuw+v34kc10o08Pjv
CMTms1qdLPj4hU9I9DCBj7OLOx16PuCRmpOKxqNOdbHhHSKVOEm1OPSEbCirDKVg
NOzfOYGxFJ87TBYLy/8qop02akxJcIifZV5Rlt0+ihg++8wnu3koi75SAM+oYt9U
jtFmzegPKkf/wCIvs+m2ecpWKsRF38ZmGAdpBm/Bykhco+ZVv5ead75bh88x2UON
YYPcGz9tIepbT4xUKxRbrY2LhvJL+qeRR6u0pTYymhlL9O+ASnTlb66vrZZy5nk=
=9qp+
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list