[squid-users] Fwd: [Squid-3.5.20]Squid transparent proxy http/https without client site config
Amos Jeffries
squid3 at treenet.co.nz
Fri Nov 24 13:27:26 UTC 2017
On 25/11/17 02:04, minh hưng đỗ hoàng wrote:
>
>
> Dear Squid-users,
> I want to set up a Squid proxy in transparent mode for HTTP/HTTPS traffic
> without any configuration on the client side.
>
> I use Squid 3.5.20 on CentOS 7. I just installed Squid with the default
> features using yum install squid.
>
> I did just that, but I have a problem with the logging output in
> access.log.
> Specifically, my access.log only shows ip_address_server:443 instead of
> the domain name of the destination server, like this:
>
> 1511525732.912 206 172.18.18.15 TAG_NONE/200 0 CONNECT 172.217.24.35:443 - ORIGINAL_DST/172.217.24.35 -
>
> I know that I made some mistake in my squid.conf, but I can't find out
> how to fix it. Could you please show me how to improve my squid.conf?
>

You configured "ssl_bump none all".

<https://wiki.squid-cache.org/Features/SslPeekAndSplice#Actions>
"do not use these with Squid-3.5 and newer"

Use this instead:

  acl step1 at_step SslBump1
  ssl_bump peek step1
  ssl_bump splice all

There should be two log entries per HTTPS connection. One before peek
happens with raw-IP:port details. And a second one after peek which may
have a _server_ name (*not* domain name) if and only if the client sends
TLS SNI extension data.

Amos
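
An added example, not part of the original thread: a small Python script that checks an access.log for the behaviour described in the reply, grouping the raw-IP CONNECT entry with any later entry for the same client and destination that carries a server name. The first sample line is the one quoted in the post; the other sample lines, the TCP_TUNNEL result code, www.example.com and the function name are constructed assumptions.

```python
import re
from collections import defaultdict

# Squid native access.log fields:
# time elapsed client code/status bytes method URL user hierarchy/peer type
LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+(?P<result>\S+)\s+"
    r"(?P<bytes>\d+)\s+(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+"
    r"(?P<hier>[^/\s]+)/(?P<peer>\S+)\s+(?P<mime>\S+)\s*$"
)
IPV4_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

# Constructed sample. Line 1 is the entry quoted in the post; the rest are
# made up for illustration (result code, hostname and second client are
# assumptions, not output captured from a real proxy).
SAMPLE_LOG = """\
1511525732.912 206 172.18.18.15 TAG_NONE/200 0 CONNECT 172.217.24.35:443 - ORIGINAL_DST/172.217.24.35 -
1511525733.401 489 172.18.18.15 TCP_TUNNEL/200 4312 CONNECT www.example.com:443 - ORIGINAL_DST/172.217.24.35 -
1511525740.120 150 172.18.18.16 TAG_NONE/200 0 CONNECT 203.0.113.7:443 - ORIGINAL_DST/203.0.113.7 -
1511525740.300 170 172.18.18.16 TCP_TUNNEL/200 950 CONNECT 203.0.113.7:443 - ORIGINAL_DST/203.0.113.7 -
1511525741.000 12 172.18.18.16 TCP_MISS/200 512 GET http://example.org/ - ORIGINAL_DST/198.51.100.9 text/html
"""

def summarize_connects(log_text):
    """Map (client, destination IP) -> sorted server names seen in CONNECT URLs.
    An empty list means only raw-IP entries were logged, i.e. no SNI was seen."""
    names = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["method"] != "CONNECT":
            continue  # skip non-CONNECT traffic and unparseable lines
        host = m["url"].rsplit(":", 1)[0]
        key = (m["client"], m["peer"])
        names[key]  # register the flow even if no name ever shows up
        # Raw IPv4 or bracketed IPv6 literals are not server names.
        if not (IPV4_RE.match(host) or host.startswith("[")):
            names[key].add(host)
    return {k: sorted(v) for k, v in names.items()}

if __name__ == "__main__":
    for (client, dst), hosts in summarize_connects(SAMPLE_LOG).items():
        print(client, dst, ", ".join(hosts) or "no server name (raw IP only)")
```

Flows that stay in the "raw IP only" bucket after the configuration change correspond to clients that did not send SNI, which is the case the reply calls out.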