There's stuff in Squid-3 (sslbump) for pulling apart the SSL stream. A more lightweight version to implement basic ACL processing and act as a sort of stepping stone for further testing wouldn't be that difficult to code up.
Adrian On Mon, Apr 07, 2008, [EMAIL PROTECTED] wrote: > Assuming this does not 'work' by default, does a hack exist to make > transparent SSL proxy work in the same way that transparent HTTP works? > > I have a need to redirect dst port 443 traffic to Squid for acl > analysis. Obviously this works as intended by configuring the browser > to manually send HTTPS traffic to the HTTPS proxy, but does not work > with transparent redirect under Linux. > > -- Joe -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -