What are the iptables rules for that?
Also look at:
http://wiki.squid-cache.org/EliezerCroitoru/Drafts/SSLBUMP
Eliezer
On 08/14/2014 09:32 AM, agent_js03 wrote:
This doesn't work for me either. Here is my updated squid conf:
/http_port 3128
http_port 3129 intercept
https_port 3130 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB key=/etc/squid3/ssl/private.pem
cert=/etc/squid3/ssl/public.pem
always_direct allow all
ssl_bump deny allowed_sites
ssl_bump allow all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
sslcrtd_program /usr/lib/squid3/ssl_crtd -s /var/lib/ssl_db -M 4MB
sslcrtd_children 5/
When I try to access the web, I get the following error:
The following error was encountered while trying to retrieve the URL: /
Invalid URL
Some aspect of the requested URL is incorrect.
Some possible problems are:
Missing or incorrect access protocol (should be "http://"; or similar)
Missing hostname
Illegal double-escape in the URL-Path
Illegal character in hostname; underscores are not allowed.
Your cache administrator is webmaster.
There is no error being output in cache.log. What am I missing here? I
should mention, the proxy works perfectly if I configure my browser to point
to it. However, that completely defeats the purpose: remember, I am trying
to set up a /transparent/ proxy, meaning all web traffic should be
transparently routed to the proxy server. I did as you said and all traffic
should be going to port 3128.
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/HTTP-HTTPS-transparent-proxy-doesn-t-work-tp4667193p4667210.html
Sent from the Squid - Users mailing list archive at Nabble.com.
