[squid-users] sqid redirector for ssl?
Hi all, I want to redirect an ssl connection of just one application of a ssl enabled host. I tried using squirm, and got it well working with http, but if I add the s to the pattern matcher, it does not work anymore. For me it looks like that squid is not using the redirector for ssl traffic. is it possible to use the redirector for ssl secured connections? Do I have to enable sth. additional to let it work? I have squid-2.5.STABLE12 running. kind regards Sebastian
Re: [squid-users] sqid redirector for ssl?
tor 2007-03-15 klockan 10:34 +0100 skrev Sebastian Reitenbach: > it does not work anymore. For me it looks like that squid is not using the > redirector for ssl > traffic. is it possible to use the redirector for ssl secured connections? It is using the redirector for SSL traffic. But if this is a forward proxy then all Squid knows about SSL traffic is CONNECT hostname:port, and this is what is sent to the redirector. The only possible result of the redirector is to leave the request as-is or return a new hostname:port where the connections should be forwarded. In reverse proxies acting as SSL terminators full redirect capabilities is available, as then Squid is proxying the HTTP requests just as it does for plaintext http.. but the distinction between http and https in Squid-2.5 as reverse proxy is a bit blurred.. to keep sanity upgrade to 2.6 in such case. Regards Henrik signature.asc Description: Detta är en digitalt signerad meddelandedel
Re: [squid-users] sqid redirector for ssl?
Hi, > > It is using the redirector for SSL traffic. But if this is a forward > proxy then all Squid knows about SSL traffic is CONNECT hostname:port, > and this is what is sent to the redirector. The only possible result of > the redirector is to leave the request as-is or return a new > hostname:port where the connections should be forwarded. > I tried that, but it doesn't seem to work. I have this line in the squirm.pattern file: regex ^www.mydomain.de:443$ www.intern:443 and when I test squirm at the command line, then I can observe this: www.mydomain.de:443 127.0.0.1/- - GET www.intern:443 127.0.0.1/- - GET Fri Mar 16 09:35:15 2007:www.mydomain.de:443:www.intern:443 www.intern:443 127.0.0.1/- - CONNECT www.mydomain.de:443 127.0.0.1/- - CONNECT for me it looks like the squirm is ignoring the connect statement, or did I missed something else? kind regards Sebastian
Re: [squid-users] sqid redirector for ssl?
Hi all, > > > I tried that, but it doesn't seem to work. > > I have this line in the squirm.pattern file: > regex ^www.mydomain.de:443$ www.intern:443 > > and when I test squirm at the command line, then I can observe this: > > www.mydomain.de:443 127.0.0.1/- - GET > www.intern:443 127.0.0.1/- - GET > Fri Mar 16 09:35:15 2007:www.mydomain.de:443:www.intern:443 > www.intern:443 127.0.0.1/- - CONNECT > > www.mydomain.de:443 127.0.0.1/- - CONNECT > > for me it looks like the squirm is ignoring the connect statement, or did I > missed something else? after a short look into the source I found out that squirm only handles GET requests. After exchanging the pattern matching of GET, with CONNECT it works as I want it to work. Sebastian
