On 5/06/2015 10:22 a.m., Amos Jeffries wrote: > On 5/06/2015 3:59 a.m., Atman Sense wrote: >> Hi, >> >> I'm using privoxy in transparent/intercepting mode to filter tracking >> sites. Because many sites switched to https I want to block https sites, >> too (only by hostnames, I don't want to decrypt the SSL connections). >> >> My idea was to use squid to intercept https connections and peek/splice >> to get the hostname via SNI. >> >> The problem is: When using a parent proxy, squid always "CONNECT" the IP >> and not the hostname, even if it is aware of it through SNI. Can I get >> squid to use the hostnames instead of IPs? Sorry, I was not reading your questio fully and correctly. The default log records the requested URL. On intercepted TLS connections there is none (just raw-IP:port), SNI is its own thing separately. You can log SNI, but with the custom log format tag %ssl::>sni Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
