On 2014-02-26 16:15, Jerry OELoo wrote:
Hi All: I am new to Squid, I want to try its SSL Bump, Please kindly check as below. Thanks in advance. Network topology: A, client, Windows7, IP: 10.64.12.100, B, Proxy server, Ubuntu, running Squid, IP: 10.64.12.101
Okay. However that log snippet below says that the website your client is trying to connect to is being hosted on 10.64.12.100 port 32843.
kid1| ERROR: NF getsockopt(ORIGINAL_DST) failed on local=10.64.12.101:3130 remote=10.64.12.100:32843 FD 12 flags=33: (92) Protocol not available
How is the interception being done?
# Https Port https_port 3130 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/etc/squidcert/certs/proxyCert.pem key=/usr/local/etc/squidcert/private/proxyKey.pem
This port configuration requires NAT interception. Amos
