[squid-users] squid 3.4.8 ssl-bump resolve ip in access.log
LANGLOIS Nicolas
nicolas.langlois at rouen.archi.fr
Tue Dec 1 11:40:06 UTC 2015
Hi, i'm trying to set up squid 3.4.8 on debian , i want a full transparent proxy, no conf on client side .
it's working actually but i 'm ask to report websites access but for https actually i just get this kind of line in my access.log :
< TCP_MISS/200 288 CONNECT 64.233.184.106:443 - ORIGINAL_DST/64.233.184.106 <
Is there a way to have dns resolution and log the website visited for https ?
Here is a part of my squid.conf :
http_port 192.168.1.1:3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/ssl_cert/squid.pem
http_port 192.168.1.1:3129 intercept
https_port 192.168.1.1:3130 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/ssl_cert/squid.pem
ssl_bump none all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
always_direct allow all
or is there a magical solution for transparent proxy with no client-side (certs or proxy conf) config working actually with https ?
Regards
Nicolas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151201/17ec3b76/attachment.html>
More information about the squid-users
mailing list