
Squid 2.6 and https_port




Hi all,
I have a question about configuring Squid as a transparent proxy using SSL.

I would like to use Squid 2.6 as a transparent proxy for http and https connections.
I followed these steps:

1) I configured my iptables:


# Generated by iptables-save v1.4.7 on Wed Nov  9 13:37:50 2011
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [10363:2864591]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth+ -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i eth+ -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Nov  9 13:37:50 2011
# Generated by iptables-save v1.4.7 on Wed Nov  9 13:37:50 2011
*nat
:PREROUTING ACCEPT [4:650]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129
COMMIT



2) I configured http_port in my squid.conf and it works well.

http_port 3128 transparent

3) For SSL I set this:

https_port 3129 transparent  key=/etc/squid/ssl/myhost.com-private.pem
cert=/etc/squid/ssl/myhost.com-certificate.pem


but https does not work.
If I run this command: lsof -n -i -P | grep squid

for squid I also see:

squid     6483   squid    6u  IPv4 155998      0t0  UDP *:43053
squid     6483   squid   13u  IPv4 156001      0t0  TCP *:3128 (LISTEN)
squid     6483   squid   14u  IPv4 156003      0t0  UDP *:3130


and I do not see port 3129.
Any suggestions?
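
Added example, not part of the original post: a Python cross-check of the three outputs quoted above, matching each iptables REDIRECT target against the ports declared in squid.conf and the TCP sockets that lsof shows squid listening on. The function names are hypothetical, and the sample strings are excerpts copied from the post.

```python
import re

# Excerpts copied from the post above (nat rules, squid.conf lines, lsof output).
IPTABLES_SAVE = """\
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129
"""
SQUID_CONF = """\
http_port 3128 transparent
https_port 3129 transparent  key=/etc/squid/ssl/myhost.com-private.pem
cert=/etc/squid/ssl/myhost.com-certificate.pem
"""
LSOF = """\
squid     6483   squid    6u  IPv4 155998      0t0  UDP *:43053
squid     6483   squid   13u  IPv4 156001      0t0  TCP *:3128 (LISTEN)
squid     6483   squid   14u  IPv4 156003      0t0  UDP *:3130
"""

def redirect_targets(rules):
    """Map original --dport to the REDIRECT --to-ports value of each TCP rule."""
    pat = re.compile(r"-p tcp\b.*--dport (\d+)\b.*-j REDIRECT --to-ports (\d+)")
    return {int(m.group(1)): int(m.group(2))
            for m in map(pat.search, rules.splitlines()) if m}

def configured_ports(conf):
    """Map port to directive name for http_port / https_port lines."""
    pat = re.compile(r"\s*(https?_port)\s+(?:\S+:)?(\d+)\b")
    return {int(m.group(2)): m.group(1)
            for m in map(pat.match, conf.splitlines()) if m}

def tcp_listeners(lsof, command="squid"):
    """TCP ports that the named command holds in LISTEN state."""
    ports = set()
    for f in map(str.split, lsof.splitlines()):
        if len(f) >= 10 and f[0] == command and f[-3] == "TCP" and f[-1] == "(LISTEN)":
            ports.add(int(f[-2].rsplit(":", 1)[1]))
    return ports

def audit(rules, conf, lsof):
    """One (dport, target, directive, listening) row per REDIRECT rule."""
    declared, live = configured_ports(conf), tcp_listeners(lsof)
    return [(dport, target, declared.get(target), target in live)
            for dport, target in sorted(redirect_targets(rules).items())]

if __name__ == "__main__":
    for dport, target, directive, up in audit(IPTABLES_SAVE, SQUID_CONF, LSOF):
        state = "listening" if up else "NOT listening"
        print(f"{dport} -> {target}: {directive or 'no directive'}, {state}")
```

A row whose directive is present but whose last field is False marks a port that the firewall redirects to and squid.conf declares, yet no squid socket accepts; cache.log from the same start-up is the next place to look.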



