Hi; I want to pass https traffic through squid without processing it, only pass the traffic. I'm not interested with filtering or seeing the content. I won't use proxy, the iptables rule below will redirect https traffic to squid. iptables -t nat -I PREROUTING -p tcp --dport 443 -j DNAT --to-destination 192.168.0.1:3128 If I succeed this I will work on an acl which uses SNI. I will appreciate if you give me ideas about SNI filtering too(the SNI I am talking about is different from the one implemented in squid, my only purpose is acl). http://en.wikipedia.org/wiki/Server_Name_Indication Good day to you..
