lör 2007-01-27 klockan 12:14 -0500 skrev ab cd: > i am currently attempting to use squid to become an SSL gateway/man in > the middle device for the outside world so that we have the ability to > monitor the traffic before it leaves the network. This function is not yet implemented. Currently only SSL server support is implemented allowing Squid to act as a single SSL server (per ip:port). To experiment you can try enabling the hidden SSL_CONNECT_INTERCEPT define ./configure ... echo "#define SSL_CONNECT_INTERCEPT 1" >>include/autoconf.h make clean make install this will make Squid intercept any CONNECT requests sent by the clients and direct them to the first https_port. But be warned that it's highly experimental code and some important pieces is still missing for this to be even remotely useful in real life. The biggest part missing is spoofing of the server certificates to avoid the "certificate name mismatch" popup on each visited site. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
