On Thu, Mar 29, 2007, Emilio Casbas wrote: > I reply myself, I have found the response in this thread > > http://www.squid-cache.org/mail-archive/squid-users/200102/0816.html > and the possible solution: > http://www.squid-cache.org/mail-archive/squid-users/200102/0822.html > > Then the question now is, ?does squid support the transparent SSL proxy? > or, is there any plan to support it in a future version? Its not that hard to implement! I'm suprised noone's just gone ahead and done it. Lots of people seem to want it, and this project is heavily driven by people contributing code which implements the kind of behavour they were after. In essence, you'll do this (which only works for transparently intercepted connections, btw.) * listen on a port * accept a connection * do the ACL lookups you can - source/destination IP, source MAC, time. srcdomain maybe. * if successful, look at how the ssl tunneling code in Squid currently works and basically do that - so SSL requests are either forwarded directly to the origin or tunneled via a CONNECT to another proxy. If someone offered Henrik or I a small fee then we could squeeze it into our current workloads and get it into Squid-2 and Squid-3. That, or write the code up and submit it - we'll then review it and commit it when its ready. Adrian
