[squid-users] access log without hostname
Alex Rousskov
rousskov at measurement-factory.com
Fri Sep 20 12:48:00 UTC 2019
On 9/20/19 3:49 AM, sknz wrote:
> I upgraded Squid to 3.5.28 September 2019 and compiled it with SSL. Now it's
> working for both Http and Https site, also logging traffic with hostname.
>
> For example, when I write "hotmail.com" in a fresh browser address bar and
> press Enter, it shows this:
>
> Our services aren't available right now
>
> <p>We're working to restore all services as soon as possible. Please check
> back soon</p>
> 0v4KEXQAAAACY6CM2x6+tS6+eNfa3kUWNU0cyRURHRTExMTIARWRnZQ==
>
> it supposes to update url for https version automatically. if I type full
> address "https://www.hotmal.com", now it works! How to solve this issue?
A splicing Squid does not participate in redirection from
http[s]://example.com to http://www.example.com. If that redirection
works fine without Squid and does not work with Squid, then most likely
your Squid installation is outdated and/or buggy.
I would start by upgrading to the latest Squid v4 or better. SslBump
support in recent Squid releases is usually better, and the difference
is often important.
Alex.
> ==================
> http_port 3128
> http_port 3126 intercept
> https_port 3127 intercept ssl-bump generate-host-certificates=off
> cert=/etc/squid3/certs/squid.pem
>
> acl step1 at_step SslBump1
> ssl_bump peek step1
> ssl_bump splice all
>
> and iptables redirected, 80>3126 and 443>3127.
>
More information about the squid-users
mailing list