[squid-users] Squid 3 SSL bump: Google drive application could not connect

Yuri Voinov yvoinov at gmail.com
Thu Jan 1 22:17:52 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
BTW,

gents.

Detecting non-HTTPS connections over 443 port is real problem.

This technique is used in some IM apps, cloud apps and other ways.

To catch them I need to review cache.log in realtime, snoop raw IP flow,
manually add URL regexp to non-bumping ACL.

And this is common task. Exclusion list (which is grows continiously) is
bad idea.

I think, a good idea to complete external ACL helper and include it in
Squid distributive.

If helper cah learning in conjunction with SQLite DB - it solves one of
our bump problems.

WBR, Yuri
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBAgAGBQJUpcePAAoJENNXIZxhPexGge0IALIoTdhXhuFOLlFePRnTnN04
G2nyFYGPCYDZnctX5rAJkmuA1xPP8C4Gt6PgHJLhplRwpkci0z6zOXqCqBMse2Gr
8Hrky+bAyvx+b5Nzq8qz8BB+z1wZmkod+k2uC5QhAq/lJM9rX5CSvloBIHmeA8yh
pBF1qvxmrBmhA0knP49qXBMP9ttA0f2V58kCa7K1zrjcODHbjyHJSXb0d8Yad1Mq
DeihkSnGU/pD1EACtHLjYcSd26O+aCWi3bzucPE64CRCi9t6mClgTnUrAGkrhP7k
CKfZOVTfE3wIYn4p5h9MAFyGrWwNLtfXWsCFC89YPPpzvyhHDREE7xIC5xzVAQ8=
=Snbm
-----END PGP SIGNATURE-----



More information about the squid-users mailing list