[squid-users] issues with sslbump and "Host header forgery detected" warnings
Amos Jeffries
squid3 at treenet.co.nz
Sat Nov 7 11:42:36 UTC 2020
On 7/11/20 10:18 am, Leonardo Rodrigues wrote>
> However, some connections are failing with the "Host header forgery
> detected" warnings. Example:
>
...
> Questions:
>
> - without using WPAD or without configuring proxy on the client
> devices, is this somehow "fixable" ? Same DNS already being used ...
All we can do is minimize the occurrences (sometimes not very much).
This wiki page has all the details of why and workarounds
<https://wiki.squid-cache.org/KnowledgeBase/HostHeaderForgery>.
> - is there any chance the NONE/409 (Conflict) logs i'm seeing are
> not related to this? Maybe these are just WARNINGs and not ERRORs, or
> these would really cause a fail to the intercepted connection?
No. The only time current Squid produce 409 status is these Host header
problems.
> - any other hint on this one without having to set proxy, in any
> way, on the clients? I just wanna have hostnames (and traffic generated)
> logged, no need for full decrypt (bumping) of the connections.
>
No, sorry.
Amos
More information about the squid-users
mailing list