Re: Redirect for transparent proxy does not work with https

On Fri 21/03/2003 at 18:57, Luis Fernando C. Talora wrote:
> I've tried to use RedHat Linux 8.0 to build a transparent proxy with
> squid (squid-2.4.STABLE7-4) and netfilter (iptables-1.2.6a-2). Squid
> is listening on port 8080. When a http packet arrives, the requisition
> appears on squid log and the page is viewed nicely. When a https
> requisition is made, squid seems not to receive the redirection from
> netfilter, though. The nat rule used for redirection follows:
> 
>       iptables -t nat -A PREROUTING -i $EXTERNAL_INTERFACE -p tcp -d !
> $INTERNAL_NETWORK -m multiport --dports 80,443 -j REDIRECT --to-port
> 8080

Afaik, HTTPS cannot be proxied transparently as the client must issue a
CONNECT method to have the proxy fall back into TCP relay mode. Or you
use some kind of SSL certificate replacement...

Your problem can be related to this.

-- 
Cédric Blancher  <blancher@xxxxxxxxxxxxxxxxxx>
IT systems and networks security expert  - Cartel Sécurité
Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE  FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
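
To illustrate the reply above (an added example, not part of the original message and not Squid code): a client that has not been configured to use a proxy opens port 443 with an SSL/TLS ClientHello, so a connection redirected to the proxy's HTTP port carries neither a request line nor a CONNECT. The function names and sample byte strings are constructed for illustration.

```python
# Added example: classify the first bytes a client sends, as an HTTP proxy
# port would receive them. All sample byte strings below are constructed.
import struct

HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS", b"TRACE"}

def classify_first_bytes(data: bytes) -> str:
    # SSLv3/TLS record: type 0x16 (handshake), major version 3, 2-byte length,
    # then handshake type 0x01 (ClientHello).
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03:
        (record_len,) = struct.unpack("!H", data[3:5])
        if record_len >= 4 and data[5] == 0x01:
            return "tls-client-hello"
    # SSLv2-format hello: 2-byte length with the high bit set, then
    # message type 0x01 (CLIENT-HELLO).
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x01:
        return "sslv2-client-hello"
    # HTTP request line: METHOD SP target SP HTTP/x.y
    parts = data.split(b"\r\n", 1)[0].split(b" ")
    if len(parts) == 3 and parts[2].startswith(b"HTTP/"):
        if parts[0] == b"CONNECT":
            return "http-connect"   # proxy switches to TCP relay mode
        if parts[0] in HTTP_METHODS:
            return "http-request"   # proxy can parse and serve it
    return "unknown"

def parseable_by_http_proxy(kind: str) -> bool:
    # Only an HTTP request line gives an HTTP proxy something to act on.
    return kind in ("http-request", "http-connect")

SAMPLES = {  # constructed, truncated first packets
    "port 80, redirected": b"GET /index.html HTTP/1.0\r\nHost: www.example.com\r\n\r\n",
    "port 443, redirected": bytes.fromhex("160301002f0100002b0301") + bytes(36),
    "port 443, redirected (SSLv2 hello)": bytes.fromhex("802e0100020015000000100100800700c0"),
    "client configured to use the proxy": b"CONNECT www.example.com:443 HTTP/1.0\r\n\r\n",
}

def report() -> dict:
    return {name: classify_first_bytes(raw) for name, raw in SAMPLES.items()}

if __name__ == "__main__":
    for name, kind in report().items():
        print(f"{name:36} {kind:20} parseable={parseable_by_http_proxy(kind)}")
```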



