On 17.01.10 00:42, anand phulwani wrote:
My problem is ,i am using squid 2.7 as a transparent proxy on Ubuntu
Server 9.10 on Sun VirtualBox and my network is divided into two groups,
to one i want to allow gtalk gmail and to other i want to allow just
gmail.
I came to know that one solution could be WPAD/PAC.
But I am looking for other alternative. i tried
a) Recompiling it with --enable-ssl and installing,which allowed me to
control gtalk
but it stopped opening gmail.com
b) So i thought of redirecting 0:442, 444:65535 to port 3128(http_port) and
masquerading port 443.this allowed gmail,but removed the access control over
gtalk
c) then i reverted to snapshot when i repeated the step a ,my gtalk is unable
to connect, i dont understand what had i missed(there is something i have
missed i just dont know what i am missing).
d) then i tried 3129(https_port) and generated key and certificate as a wild
try.but still gtalk is unable to connect.
Also I Would Like To Ask
e)Can I Use Squid 3.0 For HTTPS?, although it is still not maintained by
ubuntu core developers and is not quoted as stable.Is it reliable?.
no. intercepting (called transparent proxying) SSL protocols is not possible
without dangerous side-effects.
Also, intercepting other protocols than HTTP is mostly impossible.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
One OS to rule them all, One OS to find them,
One OS to bring them all and into darkness bind them