[squid-users] squid 3.3.8 https
Erdosain9
erdosain9 at gmail.com
Mon Aug 8 20:39:12 UTC 2016
I want to limit the bandwidth for youtube, so I want to intercept https
connections. I followed several tutorials and can not. Could someone give
me a hand ?? Thanks to all.
this is my squid.conf
# Squid listen Port
http_port 192.168.1.215:3128 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB key=/etc/squid/example.com.private
cert=/etc/squid/example.com.cert
# SSL Bump Config
always_direct allow all
ssl_bump server-first all
sslproxy_cert_error deny all
sslproxy_flags DONT_VERIFY_PEER
sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB
sslcrtd_children 8 startup=1 idle=1
I import the example.com.cert to the webbrowser and then any web https i go
i get "The proxy server is refusing connections". if not https go well.
this is access.log:
192.168.1.172 TCP_HIT/200 52543 GET
http://www.silencio.com.ar/wp-content/uploads/2016/07/AHJ8239-540x386.jpg
- HIER_NONE/- image/jpeg
192.168.1.172 TCP_HIT/200 49912 GET
http://www.silencio.com.ar/wp-content/uploads/2016/07/strokes-2001-adentro-540x386.jpg
- HIER_NONE/- image/jpeg
192.168.1.172 TCP_HIT/200 43804 GET
http://www.silencio.com.ar/wp-content/uploads/2016/07/ArcticMonkeys012-540x386.jpg
- HIER_NONE/- image/jpeg
192.168.1.172 TCP_DENIED/200 0 CONNECT www.google-analytics.com:443 -
HIER_NONE/- -
192.168.1.172 TCP_MISS/301 807 GET http://www.youtube.com/ -
HIER_DIRECT/64.233.186.91 text/html
192.168.1.172 NONE/200 0 CONNECT www.youtube.com:443 -
HIER_DIRECT/64.233.186.91 -
192.168.1.172 NONE/200 0 CONNECT blocklist.addons.mozilla.org:443 -
HIER_DIRECT/52.35.149.230 -
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160808/c24d5b80/attachment.html>
More information about the squid-users
mailing list