[squid-users] icap (squidclamav) and squid 3.5 ssl peek splice
Alex Rousskov
rousskov at measurement-factory.com
Sun Oct 23 19:34:23 UTC 2016
On 10/23/2016 11:33 AM, Ulysse 31 wrote:
> ssl_bump peek all
> ssl_bump splice all
> Does peek / splice don't allow icap scanning/filtering ?
The splice action does not allow for scanning/filtering message bodies.
The bump action does. The bump action is not compatible with the peek
action during step 2. So, your configuration will evolve among these lines:
ssl_bump bump all
or
ssl_bump stare step1
ssl_bump bump all
or
ssl_bump stare all
ssl_bump bump all
All production configurations are more complex/nuanced. The wiki has
more examples.
Make sure your get SslBump fully working _before_ you throw adaptation
into the mix. You should see all the bumped requests in access.log.
HTH,
Alex.
More information about the squid-users
mailing list