[squid-users] About SSL peek-n-splice/bump configurations

Julian Perconti vh1988 at yahoo.com.ar
Sun Aug 12 22:09:01 UTC 2018


I would like to know which of these two cfg's are "better" or "more secure"
when a site/domain is spliced, bumped, etc.

Here the lines...

# mandatory lines:

acl noBumpSites ssl::server_name_regex -i "/etc/squid/url.nobump"

acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3


# ssl_bump option 1: (with this I don't see the domain in "TUNNEL" line, just the IP addr.)

ssl_bump peek step1
ssl_bump peek step2 noBumpSites
ssl_bump splice step3 noBumpSites
ssl_bump stare step2
ssl_bump bump step3

# ssl_bump option 2: (with this I see the domain in "TUNNEL" line.)

ssl_bump peek step1
ssl_bump splice noBumpSites
ssl_bump bump all

And (if possible) could anyone explain the difference between these 2 cfg's?

The peek-n-splice config (for me) was never clear.

Thank you in advance,

All the best
