When a browser requests https://www.example.com/index.html, Squid with ssl-bump sends two requests to the URL rewriter:
1. CONNECT www.example.com:443
2. GET https://www.example.com/index.html
The URL rewriter must _not_ block the first and send an alternative URL for the second.
Caveat: this works for URLs of sites that use TLS/SSL.
For connections which cannot be bumped (e.g. Skype etc.) Squid only sends
1. CONNECT SO.ME.IP.ADDR:443
Marcus
On 09/01/2015 10:08 PM, Amos Jeffries wrote:
On 2/09/2015 12:59 p.m., Oliver Webb wrote:
Hopefully quite a simple one (to ask anyway!):
In Squid 3.5.7 *with working Peek and Splice* how can I give my url_rewrite_program access to the decrypted URL?
eg. https://example.com/malware-that-the-url-rewriter-will-block.exe.pdf
You need to use "bump" action in ssl_bump to decrypt the traffic (if you
can).
Once the request is decrypted by the "bump" Squid will pass it to the
re-writer like any other URL.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users