[squid-users] TLS passthrough
Fernando Giorgetti
fgiorgetti at gmail.com
Mon Oct 2 15:02:55 UTC 2023
Thank you Amos and Rafael,
Using the LinuxDnat approach worked great as well.
On Sat, Sep 30, 2023 at 5:18 AM Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 30/09/23 11:06, Fernando Giorgetti wrote:
> > If someone has already done that, with the client running in a different
> > machine, I would love to know how.
>
>
> There are several ways;
>
> 1) run Squid on the gateway router for your network, or
>
> 2) place Squid in a DMZ between the LAN gateway and WAN gateway.
>
> 3) setup a custom route+gateway for port 80 and 443 LAN traffic as the
> Squid machine. Excluding traffic from that machine itself.
>
>
> >
> > In case Squid runs on the same machine used as a network gateway to the
> > client machine, I suppose the config would be similar, but if it's not
> > running on the same machine used as the gateway, then it would be nice
> > to see how.
> >
>
> That would be (1). See
> <https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat> for
> how to configure the gateway router running Squid.
>
> The configuration difference between the at-source (aka, on client
> machine) you are/were using is just some iptables rules.
>
>
> HTH
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> https://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20231002/57620584/attachment.htm>
More information about the squid-users
mailing list