[squid-users] Web Whatsapp, Dropbox... problem
Alex Rousskov
rousskov at measurement-factory.com
Wed Sep 14 21:54:40 UTC 2016
On 09/14/2016 12:56 PM, erdosain9 wrote:
> If i put
>
> acl step1 at_step SslBump1
> acl excludeSSL ssl::server_name_regex web/.whatsapp/.com
>
> ssl_bump peek step1
> ssl_bump splice excludeSSL
> ssl_bump bump all
>
> I dont get nothing about web.whatsapp.com in access.log
What kind of CONNECT requests do you get logged in this case?
> But if i change config to
>
> ssl_bump stare all
> ssl_bump bump all
>
> I get this Access.log.
>
>
> 1473879403.629 1030 192.168.1.172 TAG_NONE/200 0 CONNECT
> web.whatsapp.com:443 - HIER_DIRECT/31.13.85.51 -
I would expect a logged CONNECT for the splicing case as well (assuming
splicing works). If Squid knows the server name (and a matching
excludeSSL implies that it does), then Squid should log it when logging
CONNECT after the spliced connections terminate.
Alex.
More information about the squid-users
mailing list