[squid-users] peek and splice content inspection question

Marko Cupać marko.cupac at mimar.rs
Thu Aug 13 12:47:18 UTC 2015


Hi,

a few years ago I had a working setup of squid + dansguardian which was
giving me ability to inspect traffic and filter it according to various
criteria, mainly extensions, mime types and presence of malicious code
(clamav).

Lately most of the web moved to https, and dansguardian isn't maintained
for almost three years, which made my setup obsolete.

Is it possible - by means of squid's peek and splice feature - to
inspect file extensions and mime types of https traffic? Can bumped
https traffic be forwarded to icap (squidclamav) for AV scanning? And
finally, would overly curious and unethical admin be able to easily dump
bumped data and find sensitive information there?

Thank you in advance,
-- 
Marko Cupać
https://www.mimar.rs/


More information about the squid-users mailing list