[squid-users] Do peek and stare function exact same at step 1? Also does dstdom_regex work in ssl_bump?
Amish
anon.amish at gmail.com
Mon Jun 19 12:16:36 UTC 2017
Hello,
I was referring to:
http://wiki.squid-cache.org/Features/SslPeekAndSplice#Actions
Based on explanation I wonder if peek and stare are exactly same at step 1?
If yes, which one should I use at step 1? peek or stare?
I am asking because in future their function may change (at step 1).
My intention is to bump as much traffic as can be done. (at step 3)
Currently:
At step 1 I peek most traffic (and splice traffic originating from some IPs)
At step 2 I stare most traffic (and splice exempted domains)
At step 3 everything is bumped.
If peek and stare are same at step 1, I may change peek to stare so that
it looks consistent.
My 2nd question is:
In the above link it is mentioned under "Configuration Examples" that:
"At no point during ssl_bump processing will dstdomain ACL work. That
ACL relies on HTTP message details that are not yet decrypted"
Does it hold true for dstdom_regex as well? Because both seem to apply
to same thing.
Thanks and regards,
Amish.
More information about the squid-users
mailing list