[squid-users] squid-users Digest, Vol 59, Issue 12

Arunabha Saha arunabha.saha at gmail.com
Tue Jul 16 17:51:27 UTC 2019


Thanks.   i did get it working with the latest 5.0.0 (unreleased) code
in github.    The configuration has to be  "ssl-bump client-first .."
for this to work.
Does that sound right?

On Fri, Jul 12, 2019 at 5:02 AM
<squid-users-request at lists.squid-cache.org> wrote:
>
> Send squid-users mailing list submissions to
>         squid-users at lists.squid-cache.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.squid-cache.org/listinfo/squid-users
> or, via email, send a message with subject or body 'help' to
>         squid-users-request at lists.squid-cache.org
>
> You can reach the person managing the list at
>         squid-users-owner at lists.squid-cache.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of squid-users digest..."
>
>
> Today's Topics:
>
>    1. Re: Non-standard proxy setup (Alex Rousskov)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 11 Jul 2019 09:31:02 -0400
> From: Alex Rousskov <rousskov at measurement-factory.com>
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] Non-standard proxy setup
> Message-ID:
>         <42a9f4e2-8ca2-eb2b-88e9-751d4af7558a at measurement-factory.com>
> Content-Type: text/plain; charset=utf-8
>
> On 7/10/19 7:44 PM, Arunabha Saha wrote:
> >> The client will attempt to open a TLS/TCP connection to the origin
> >> server. Your router (or some such) will redirect client TLS/TCP bytes to
> >> your Squid's https_port. If configured correctly, Squid will accept that
> >> TCP connection and wrap/forward it into/inside an HTTP CONNECT tunnel
> >> through the corporate proxy.
>
> > i don't see squid
> > wrap the connection to parent proxy in a HTTP CONNECT tunnel.
> >    User ----->Squid(Transparent Proxy)--------->Parent Proxy------>Internet.
> >    I need to see a CONNECT tunnel between Squid(Transparent Proxy)
> > and Parent Proxy but I don't.   Based on another thread, Is this
> > something that works only starting squid 4.X.
>
> I do not remember for sure, but you may need a development version of
> Squid (future v5) or an unofficial patch to forward intercepted tunnels
> to a cache peer. If SslBump-related peering support is indeed required
> to support such forwarding, then please see this seemingly unrelated bug
> report for more details and options:
>
>   https://bugs.squid-cache.org/show_bug.cgi?id=4968
>
> Alex.
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>
> ------------------------------
>
> End of squid-users Digest, Vol 59, Issue 12
> *******************************************



-- 
regards,
Arun


More information about the squid-users mailing list