Search squid archive

Re: Is "https_port" required for transparent (reverse) proxying?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 01.12 10:56, Tim Neto wrote:
> Okay, so the terminology is no longer "transparent" and instead I should 
> use "intercepting".
> 
> Here is what I have:
> 
>      --------------                        -----------------            
>                      ---------------------
>     |  Client       |       Internet      | Firewall host  |    
> Internal Network    | Secure Web       |
>     |  Computer | <--------------->| with IPtables  
> |<----------------------->| Server (https)    |
>     |                 |                        | and Squid      
> |                                 | port 80 and 443 |
>      --------------                        -----------------            
>                      ---------------------

sorry I can't read this. Do you use fixed-width font for text e-mail?
(you should).

> The trouble we are having is Squid is not passing the https traffic through.

Do you need squid pass the https traffic through?
Wouldn't be enough if it accepted HTTPS trafic and forwarded it as HTTP?
(this usually means reverse proxy and it's its usual use)

And, again, the proxy does not need to be intercepting - it's useless.

> So the question remains, how do I pass HTTPS traffic from the open 
> Internet to my internal web server using Squid 2.5STABLE11?

Just direct https traffic to proxy and configure it to forward requests to
correct host (using squid hosts table).

-- 
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
It's now safe to throw off your computer.

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux