[squid-users] Question regarding TPROXY and sslBump
Amos Jeffries
squid3 at treenet.co.nz
Sat Feb 15 07:16:50 UTC 2020
On 15/02/20 10:28 am, Felipe Polanco wrote:
> Hi,
>
> Can squid running in TPROXY mode intercept and decrypt HTTPS payload
> with sslBump?
>
Maybe. It can do so about as well as NAT intercept mode can.
Wherther TPROXY works depends on what level of access you have to
control the TCP packet routing.
Whether SSL-Bump can decrypt depends on what TLS features are being used
by the HTTPS traffic - and whether it is HTTPS at all.
These things are only loosely related.
Amos
More information about the squid-users
mailing list