[squid-users] TAG_NONE/xxxx
Amos Jeffries
squid3 at treenet.co.nz
Sun Jul 12 00:43:25 UTC 2015
On 12/07/2015 8:16 a.m., Yuri Voinov wrote:
>
> Yep, man.
>
> Sad, but true.
No man.
[sorry, sent the followup in private by mistake. Repeating now for
everyone ... with a bit more info]
The TAG_* is a representation of what Squid has done in processing
the transaction.
We dont yet have tags/codes labelling the different SSL-Bump logic
paths. So the fake-CONNECT request processing shows up as "NONE" at the
moment when splicing or bumping was done. TUNNEL when SSL-bump action
"none" is done for intercepted traffic. And "terminate" action is not
logged at all for some reason.
Details on the existing tag meanings can be found here:
<http://wiki.squid-cache.org/SquidFaq/SquidLogs#Squid_result_codes>
Since David configurd splice as has bumping action the TAG_NONE/200
means the intercepted transation (fake-CONNET) was spliced. No further
details will be logged, because they are inside the encryption flowing
through the splice.
Amos
>
> 11.07.15 16:13, David Touzeau пишет:
>> To understand what you says:
>
>> Means that squid try to understand the TLS protocol in order to
> retrieve certificate information but some TAGS in certificate are not
> properly understood.
>> So Squid still accept/forward the connection without decoding TLS ?
>
>> Le 11/07/2015 11:33, Amos Jeffries a écrit :
>>> On 11/07/2015 9:23 p.m., David Touzeau wrote:
>>>> Hi all
>>>>
>>>>
>>>> We using Squid 3.5.6 in transparent mode with SSL
>>>>
>>>>
>>>> With the following settings:
>>>>
>>>> acl ssl_step1 at_step SslBump1
>>>> acl ssl_step2 at_step SslBump2
>>>> acl ssl_step3 at_step SslBump3
>>>> ssl_bump peek ssl_step1
>>>> ssl_bump splice all
>>>>
>>>>
>>>> We have many entries "TAG_NONE/XXXX" in access.log when accessing to SSL
>>>> websites.
>>>>
>>>> What does it means ?
>>> Spliced connection. No HTTP handling occured.
>>>
>>> The TLS logics do not yet have proper processing tags defined yet. That
>>> is still on the todo list.
>>>
>>> Amos
>>>
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> http://lists.squid-cache.org/listinfo/squid-users
>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>
>
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
More information about the squid-users
mailing list