----- Original Message ----- > From: Amos Jeffries <squid3@xxxxxxxxxxxxx> > To: squid-users@xxxxxxxxxxxxxxx > Cc: > Sent: Wednesday, 6 March 2013 11:36 AM > Subject: Re: Bypassing SSL Bump for dstdomain > > On 6/03/2013 1:40 p.m., Alex Rousskov wrote: >> On 03/05/2013 03:09 AM, Amos Jeffries wrote: >> >> >>> Squid tunnel functionality requires a CONNECT wrapper to generate >>> outgoing connections. >>> It is not yet setup to do the raw-TCP type of bypass the intercepted >>> traffic would require. >> Are you sure? IIRC, "ssl_bump none" tunneling code works for > intercepted >> connections, and that is what we claim in squid.conf: > > Hmm. Yes I see the code now. > > Looks like it should work form IPv4 but IPv6 intercepted HTTPS might be > missing the [] around the IP. > > Amos > I just tried 443 port interception with sslbump and is working perfectly. If sslbump none applies for request then it passes requests as is: Log shows something like this: 1362574305.069 90590 192.168.1.1 TCP_MISS/200 3600 CONNECT 23.63.101.48:443 - HIER_DIRECT/23.63.101.48 - if sslbump server-first applied for request then log shows: 1362574001.569 294 192.168.1.1 TCP_MISS/200 515 GET https://mail.google.com/mail/images/c.gif? - PINNED/2404:6800:4009:801::1015 image/gif (Note: URL may not be same in both cases, these are just example) I dont have IPv6, why is it showing IPv6 address, in 2nd case? Using squid 3.3.2. Regards Amm
