[squid-users] icap (squidclamav) and squid 3.5 ssl peek splice

Alex Rousskov rousskov at measurement-factory.com
Sun Oct 23 19:34:23 UTC 2016


On 10/23/2016 11:33 AM, Ulysse 31 wrote:

> ssl_bump peek all
> ssl_bump splice all

> Does peek / splice don't allow icap scanning/filtering ?

The splice action does not allow for scanning/filtering message bodies.
The bump action does. The bump action is not compatible with the peek
action during step 2. So, your configuration will evolve among these lines:

  ssl_bump bump all

or

  ssl_bump stare step1
  ssl_bump bump all

or

  ssl_bump stare all
  ssl_bump bump all

All production configurations are more complex/nuanced. The wiki has
more examples.

Make sure your get SslBump fully working _before_ you throw adaptation
into the mix. You should see all the bumped requests in access.log.


HTH,

Alex.



More information about the squid-users mailing list