[squid-users] R: SSL Bump and NF getsockopt failed
Job
Job at colliniconsulting.it
Mon Oct 5 12:06:36 UTC 2015
Hello Amos!
>The connection arriving at Squid does not have any NAT records in the
>Squid machine kernel.
>It is mandatory that NAT be done on the Squid machine. Not on some
>remote router (aka CPE "port-forwarding").
The iptables gateway is in the same machine where Squid+SSL bump run.
Our transparent proxy for 80/HTTP works perfectly, but users cannot access do https pages.
By consolle, if i telnet localhost 3129 (https intecept port), i have no connections, even though in netstat -avn | grep 3129 i have active and listening connections.
Please note i use the REDIRECT --to-port command in iptables.
Where am i wrong?
Thank you!
Francesco
More information about the squid-users
mailing list