[squid-users] Non-Transparent HTTP+HTTP Proxy

Matus UHLAR - fantomas uhlar at fantomas.sk
Mon Sep 16 10:07:04 UTC 2019

On 16.09.19 03:27, sknz wrote:
>So my straight-forward goal is here,
>i. Non-transparent proxy ( transparent doesn't work with captive portal )

if you mean, explicit proxy (client must explicitly configure it), not an
intercepting proxy (http connections are redirected to proxy, browser
doesn't know), then it's the default squid configuration.

You must explicitly allow connections from client ips.

however, captive portals could work with transparent proxy too. 
With http, no problem, with https, you need certificate.
But, mobile phones test connections when checking new wi-fi network, so they
can find out and report authorisation requirements on caprivw portals.

>ii. LOG HTTP and HTTPS traffic ( for HTTPS hostname will do )

this is on by default, unless you use distribution that turned it off.

>iii. Without issuing any certificate in client device

dtandard behaviour.

Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)

More information about the squid-users mailing list