When a browser requests https://www.example.com/index.html, Squid with ssl-bump sends two requests to the URL rewriter:
1. CONNECT www.example.com:443 2. GET https://www.example.com/index.html The URL rewriter must _not_ block the first and send an alternative URL for the second. Caveat: this works for URLs of sites that use TLS/SSL. For connections which cannot be bumped (e.g. Skype etc.) Squid only sends 1. CONNECT SO.ME.IP.ADDR:443 Marcus On 09/01/2015 10:08 PM, Amos Jeffries wrote:
On 2/09/2015 12:59 p.m., Oliver Webb wrote:Hopefully quite a simple one (to ask anyway!): In Squid 3.5.7 *with working Peek and Splice* how can I give my url_rewrite_program access to the decrypted URL? eg. https://example.com/malware-that-the-url-rewriter-will-block.exe.pdfYou need to use "bump" action in ssl_bump to decrypt the traffic (if you can). Once the request is decrypted by the "bump" Squid will pass it to the re-writer like any other URL. Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
