Hi, *Context*: I want to use Squid as a forward proxy, where I want to 1) send all the Image requests directly, presumably using request header 'accept' 2) send all other requests through a cache peer Proxy service
The req_header directive is working fine for HTTP Requests, but not for HTTPS. I've done the setup for SSL Bump in here and that's giving decrypted HTTPS requests in the access.log as well. *Issue:* The req_header directive is not working on the decrypted HTTPS requests. *Squid.conf* # SSL Bump Port http_port 127.0.0.1:3128 ssl-bump cert=/usr/local/etc/cert/example.com.cert key=/usr/local/etc/cert/example.com.private generate-host-certificates=on version=1 options=SINGLE_DH_USE # SSL Bump Config acl step1 at_step SslBump1 acl step2 at_step SslBump2 acl step3 at_step SslBump3 acl imageIsBlocked req_header accept -i image ssl_bump terminate imageIsBlocked #terminate is just for testing, to be replaced by splice ssl_bump bump all *Access.log* 1587011751.217 204 127.0.0.1 TCP_MISS/200 393 GET https://dt.adsafeprotected.com/dt? - HIER_DIRECT/104.244.39.20 image/gif 1587011751.264 1050 127.0.0.1 NONE/200 0 CONNECT pagead2.googlesyndication.com:443 - HIER_DIRECT/172.217.13.226 - 1587011751.303 787 127.0.0.1 NONE/200 0 CONNECT pagead2.googlesyndication.com:443 - HIER_DIRECT/172.217.13.226 - 1587011752.246 2846 127.0.0.1 NONE/200 0 CONNECT partners.tremorhub.com:443 - HIER_DIRECT/3.224.28.212 - 1587011753.348 1096 127.0.0.1 TCP_MISS/200 1105 GET https://partners.tremorhub.com/syncnoad? - HIER_DIRECT/3.224.28.212 text/xml 1587011754.152 799 127.0.0.1 TCP_MISS/200 1124 GET https://partners.tremorhub.com/syncnoad? - HIER_DIRECT/3.224.28.212 text/xml 1587011756.091 1934 127.0.0.1 TCP_MISS/200 1086 GET https://partners.tremorhub.com/syncnoad? - HIER_DIRECT/3.224.28.212 text/xml 1587011760.264 4169 127.0.0.1 TCP_MISS_ABORTED/200 1113 GET https://partners.tremorhub.com/syncnoad? - HIER_DIRECT/3.224.28.212 text/xml 1587011760.822 367 127.0.0.1 TCP_MISS/200 1185 POST https://pagead2.googlesyndication.com/pcs/activeview? - HIER_DIRECT/ 172.217.13.226 image/gif 1587011760.862 407 127.0.0.1 TCP_MISS/200 1185 GET https://pagead2.googlesyndication.com/pcs/activeview? - HIER_DIRECT/ 172.217.13.226 image/gif Any help would be appreciated, as I have spent weeks trying to get around the work post SSL Bumping. *Thanks & Regards,* *Shubham Jain*
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users