On 2014-02-26 16:15, Jerry OELoo wrote:
Hi All:
I am new to Squid, I want to try its SSL Bump, Please kindly check as
below. Thanks in advance.
Network topology:
A, client, Windows7, IP: 10.64.12.100,
B, Proxy server, Ubuntu, running Squid, IP: 10.64.12.101
Okay. However that log snippet below says that the website your client
is trying to connect to is being hosted on 10.64.12.100 port 32843.
kid1| ERROR: NF getsockopt(ORIGINAL_DST) failed on
local=10.64.12.101:3130 remote=10.64.12.100:32843 FD 12 flags=33: (92)
Protocol not available
How is the interception being done?
# Https Port
https_port 3130 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB
cert=/usr/local/etc/squidcert/certs/proxyCert.pem
key=/usr/local/etc/squidcert/private/proxyKey.pem
This port configuration requires NAT interception.
Amos
