Hello Everyone,
I've successfully managed to configure sslbump with
squid-3.HEAD-20121231-r12554.
However, I am having troubles in configuring SslBump using
Bump-Server-First in Transparent mode. Basically I don't think I have
the correct set of directives/configuration parameters in
FWIW I've created a bug report.
http://bugs.squid-cache.org/show_bug.cgi?id=3731
So far the patch I mentioned has worked beautifully on my production machines.
On Fri, Dec 28, 2012 at 6:59 PM, Amos Jeffries wrote:
> On 29/12/2012 3:49 p.m., Andrew Beverley wrote:
>>
>> On Fri, 2012-12-28 at 18:
to configure sslbump with
squid-3.HEAD-20121231-r12554.
However, I am having troubles in configuring SslBump using
Bump-Server-First in Transparent mode. Basically I don't think I have
the correct set of directives/configuration parameters in squid.conf
to check/test SslBump using Bump-Server-
On 1/01/2013 12:33 p.m., Eliezer Croitoru wrote:
Hey,
From this basic snippet of the email I can tell you:
1. using DNAT is wrong anyway for intercept proxy.
2. specifically for SSL-BUMP it's ^^^ the cause of most of your problems.
Since SSL-BUMP tries to to bump server first it should be able
On 30/12/2012 10:55 p.m., Tim Bates wrote:
Has anyone had experiences with running Squid *transparently* on an
OpenVZ container in combination with a Cisco router?
Can it be done?
Is there anything to watch out for, or any tricks?
TB
Which definition of "transparent" are you trying to achieve
Sorry my bad,
If it's on the same machine then it should be fine.
if on other it's another story.
on what machine is it? these rules?
Thanks,
Eliezer
On 1/1/2013 7:14 AM, Amos Jeffries wrote:
> No. DNAT and REDIRECT do the same thing and both are valid for Squid
> with NAT intercept.
>
> REDIRE
Eliezer & Amos,
Thank you for your input & assistance.
The iptables rules are on the same machine in which I'm running squid.
Amos, just for my understanding changing the below given directive
should do the trick ?
ssl_bump client-first all
to
ssl_bump server-first all
On Tue, Jan 1, 2013 a
On 1/01/2013 7:19 p.m., Swapneel Patnekar wrote:
Eliezer & Amos,
Thank you for your input & assistance.
The iptables rules are on the same machine in which I'm running squid.
Amos, just for my understanding changing the below given directive
should do the trick ?
ssl_bump client-first all
to
