[squid-users] Squid access.log
Kornexl, Anton
Anton.Kornexl at uni-passau.de
Thu Jan 16 21:06:25 UTC 2020
Thank you for this INFO
I use ufdbguard with the line
url_rewrite_program /usr/sbin/sgwrapper_ufdb
I had
redirect-https "https://www.jug.... in the config file for ufdbguard
Removing https:// from this definition removed the fake CONNECT https:443 entries
Anton Kornexl
-----Ursprüngliche Nachricht-----
Von: squid-users <squid-users-bounces at lists.squid-cache.org> Im Auftrag von Amos Jeffries
Gesendet: Donnerstag, 16. Januar 2020 20:59
An: squid-users at lists.squid-cache.org
Betreff: Re: [squid-users] Squid access.log
On 17/01/20 3:08 am, Alex Rousskov wrote:
> On 1/16/20 3:06 AM, Kornexl, Anton wrote:
>> I see many requests with CONNECT https:443 in my access.log
>
>> How are these entries triggered?
>
> These records are logged when your Squid is done with an HTTP CONNECT
> tunnel or after Squid intercepts a TLS connection. In very broad terms,
> they are a sign that your Squid participates in HTTPS transactions.
> Normally, there should be more than "https:443" in those CONNECT records.
>
This particular "https:443" happens when people use SquidGuard or
similarly broken redirector to tell Squid the *URI* (hostname:443) of a
CONNECT tunnel is a *URL* (https://hostname:443[path])..
If this is your case, fix the redirector or use this:
uri_rewrite_access deny CONNECT
Amos
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list