[squid-users] SSL Bump Issue
Amos Jeffries
squid3 at treenet.co.nz
Fri Mar 4 09:11:03 UTC 2016
On 4/03/2016 10:01 p.m., Ali Jawad wrote:
> Actually, now that I am using 3.15 it seems I get the error for port 80 ->
> 3128 intercepts again
>
> TCP_MISS/503 4274 GET http://www.whereIwantToVisit.net/ - ORIGINAL_DST/
> 162.220.244.7 text/html
This is the same problem happening for both port 443 and port 80.
You need to exclude the squid outgoing traffic from the iptables NAT
REDIRECT.
Compare the tutorial rules with what you have:
<http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect>
I believe you are missing that first rule with "-s $SQUIDIP -p tcp
--dport 80 -j ACCEPT".
Amos
More information about the squid-users
mailing list