On 14/07/2012 3:22 a.m., Abdessamad BARAKAT wrote:
Hi, 1) HTTPS Interception I try to setup https transparent configuration with squid 3.1.20 The traffic was correctly forwarded to the proxy port 3129 via WCCP (Cisco ASA GW) , but the proxy doesn't use ssl connection to join the final server but a clear http connection with port 80 The flow client --> squid proxy use correctly ssl with the squid's certificate Any idea why the squid don't use a https connection to join the final server ?
Squid-3.1 is not designed for HTTPS interception. You require features only available in the 3.2 series.
2) FTP Interception If I understand correctly, squid can handle FTP transparent use with browser's use (FTP native client not suppported)
There is nothing transparent about that. The browser tells Squid what URL to fetch from FTP parts of the Internet. Squid produces an HTTP object for the browser.
I have configured only WCCP stuff, nothing about FTP on squid and I can see the 3-way handshake was established correctly between the client and the proxy, but after that nothing...
What proxy? Not Squid, because Squid would be sending HTTP erorr codes, not FTP handshake codes.
If I want to use a native ftp client, anyone can suggest me a good ftp transparent proxy ( I see frox or ftp-proxy but theses softwares doesn't seem maintained or have a recent stable version)
Release date is not a good measure of usefulness. The FTP protocol has not changed in years, so there is no new features to be added to a well written FTP proxy.
Amos
