On 10/17/2013 07:56 AM, Plamen wrote: > Is there any way that squid can handle such NON HTTP communication in a way > that will not break the normal behavior of this kind of traffic when it goes > through it. Today, the above is partially supported for intercepted SSL traffic only, via the "ssl_bump none" action that blindly tunnels intercepted non-HTTP connections based on TCP-level information such as source and destination IP addresses and ports. Unfortunately, the rest of the traffic on that interception port would have to be SSL encrypted for Squid to handle it correctly, which makes this trick unusable for port-80 interception setups. It is possible to make Squid smarter and more flexible when facing non-HTTP traffic (with various trade-offs, of course), and some protocols have elevated demand for being recognized and tunneled (e.g., WebSockets is a prime candidate). I am not aware of any active project adding such support, but there is a healthy level of discussions about the problem, so I suspect better tunneling support will be added sooner or later. http://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F Cheers, Alex.
