[squid-users] SSL Sites not redirecting and showing in logs in Transparent Mode using WCCP

Gopi Joshi gkjoshi at gmail.com
Mon Jan 22 18:01:04 UTC 2018


I have installed Squid 3.5 on REdHat and configured it in transparent mode
using WCCP. On 4500 switch we are redirecting Port 80 and 443 , i am not
able to see SSL websites in access.logs , it shows only IP address.also we
are not able to webchain SSL websites based on URL , below is configuration
, rest are default

http_port 3128 transparent
https_port 3127 intercept ssl-bump cert=/opt/squid_certs/proxyCA.pem

### No decryption ##
ssl_bump none all
sslcrtd_program  /usr/lib64/squid/ssl_crtd -s /opt/squid_ssldb/ssl_db -M
sslcrtd_children 5

WCCP Configuration

# WCCPv2 parameters
wccp2_forwarding_method l2
wccp2_return_method l2
wccp2_assignment_method mask
wccp2_rebuild_wait off
wccp2_service standard 0
wccp2_service dynamic 70
wccp2_service_info 70 protocol=tcp
flags=dst_ip_hash,src_ip_alt_hash,src_port_alt_hash priority=231 ports=443
#wccp2_service_info 70 protocol=tcp priority=231 ports=443

is there a way for squid to see URL / Domain information for SSL Sites
without decrypting ?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180122/6bfd89b5/attachment.html>

More information about the squid-users mailing list