[squid-users] Have issue with "https_port ssl-bump intercept"

Alex Rousskov rousskov at measurement-factory.com
Fri Aug 10 20:28:04 UTC 2018

On 08/10/2018 01:04 PM, pius wrote:

> I had an ACL whitelist for IPs. I tried the test again removing that. 

Sounds more like a blacklist than whitelist if removing the rule
_allows_ the request.

> Now I get an error TAG_NONE/200 0 CONNECT.

That is a good sign. The fake CONNECT request was not denied. Please
post all the access.log lines as you did before to show the whole picture.

And what does curl say?

> Still, I am not getting server IP or domain name and
> got squid IP instead. (

Ignore that detail for now.

> Does that mean, the request is still blocked in step 1 Or is that Google
> won't accept fake CONNECT request?

Neither, and Google does not receive CONNECT requests (fake or real) --
they are handled internally by Squid.

Please see the following wiki page for what is really going on at
various steps: https://wiki.squid-cache.org/Features/SslPeekAndSplice



More information about the squid-users mailing list