Assuming this does not 'work' by default, does a hack exist to make
transparent SSL proxy work in the same way that transparent HTTP works?
I have a need to redirect dst port 443 traffic to Squid for acl
analysis. Obviously this works as intended by configuring the browser
to manually send
There's stuff in Squid-3 (sslbump) for pulling apart the SSL stream.
A more lightweight version to implement basic ACL processing and act as a
sort of stepping stone for further testing wouldn't be that difficult
to code up.
Adrian
On Mon, Apr 07, 2008, [EMAIL PROTECTED] wrote:
Assuming
tis 2008-04-08 klockan 01:19 +0800 skrev Adrian Chadd:
There's stuff in Squid-3 (sslbump) for pulling apart the SSL stream.
That's for proxied request.
For transparen interception what you can do is to redirect the traffic
to an https_port using the transparent option. Works, but isn't really
Hi Henrik,
Is this a 3.x only option or will it work in 2.6 as well?
I tried redirecting to a local https_port on the same daemon as http_port, but
it wouldn't even listen on the socket I configured.
Perhaps I should try harder..
-- Joe
Quoting Henrik Nordstrom [EMAIL PROTECTED]:
tis
[EMAIL PROTECTED] wrote:
Hi Henrik,
Is this a 3.x only option or will it work in 2.6 as well?
3.1+ only.
Amos
I tried redirecting to a local https_port on the same daemon as
http_port, but
it wouldn't even listen on the socket I configured.
Perhaps I should try harder..
-- Joe
mån 2008-04-07 klockan 17:32 -0400 skrev [EMAIL PROTECTED]:
I tried redirecting to a local https_port on the same daemon as http_port, but
it wouldn't even listen on the socket I configured.
Perhaps I should try harder..
Yes...
https_port 4433 cert=/path/to/proxy_cert.pem