[squid-users] tproxy sslbump and user authentication

Vieri rentorbuy at yahoo.com
Tue Apr 21 12:33:10 UTC 2020

On Tuesday, April 21, 2020, 8:29:28 AM GMT+2, Amos Jeffries <squid3 at treenet.co.nz> wrote: 
> Please see the FAQ:
> <https://wiki.squid-cache.org/SquidFaq/InterceptionProxy#Why_can.27t_I_use_authentication_together_with_interception_proxying.3F>
> Why bother with the second proxy at all? The explicit proxy has access
> to all the details the interception one does (and more - such as
> credentials). It should be able to do all filtering necessary.

Can the explicit proxy ssl-bump HTTPS traffic and thus analyze traffic with ICAP + squidclamav, for instance?
Simply put, will I be able to block, eg. https://secure.eicar.org/eicarcom2.zip not by mimetype, file extension, url matching, etc., but by analyzing its content with clamav via ICAP?

> TPROXY and NAT are for proxying traffic of clients which do not support
> HTTP proxies. They are hugely limited in what they can do. If you have
> ability to use explicit-proxy, do so.

Unfortunately, some programs don't support proxies, or we simply don't care and want to force-filter traffic anyway.


More information about the squid-users mailing list