[squid-users] Squid doesn't use domain name as a request URL in access.log when splice at step 3 occurs
Amos Jeffries
squid3 at treenet.co.nz
Sat Nov 5 04:22:42 UTC 2016
On 5/11/2016 6:56 a.m., Garri Djavadyan wrote:
> On 2016-11-04 19:42, Amos Jeffries wrote:
>> On 5/11/2016 1:43 a.m., Garri Djavadyan wrote:
>>> The configuration for splice at step 3:
>>>
>>> # diff etc/squid.conf.default etc/squid.conf
>>> 73a74,78
>>>> https_port 3129 intercept ssl-bump cert=etc/ssl_cert/myCA.pem
>>> generate-host-certificates
>>>> acl StepSplice at_step SslBump3
>>>> ssl_bump splice StepSplice
>>>> ssl_bump peek all
>>>> logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un
>>> %Sh/%<a %mt %ssl::>sni
>>>
>>>
>>> The result:
>>> 1478256303.420 574 172.16.0.21 TCP_TUNNEL/200 6897 CONNECT
>>> 104.124.119.14:443 - ORIGINAL_DST/104.124.119.14 - www.openssl.org
>>>
>>>
>>> Is it a bug or intended behavior? Thanks.
>>>
>>
>> The person (Christos) who designed that behaviour is not reading this
>> mailing list very often.
>
> Does it mean a bug report would have better chances to get noticed?
Sorry, squid-dev is the best place for that.
Amos
More information about the squid-users
mailing list