Looking at the squid docs for peek and splice ( http://wiki.squid-cache.org/Features/SslPeekAndSplice ).
# Do no harm: # Splice indeterminate traffic. ssl_bump splice serverIsBank ssl_bump bump haveServerName ssl_bump peek all ssl_bump splice all
So my understanding of this.
splice just passes through.
then we bump everything else ?
then peek
and finally splice all?
Must you bump before peek? I assume so but I'm not sure.
On Tue, Nov 17, 2015 at 3:33 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
On 18/11/2015 9:24 a.m., Bruce Markey wrote:
> Amos,
>
> I knew something wasn't right.
>
> Ok then I'm going to start there. I had a heck of a time getting
> squidguard to even work due to its reliance on old berkely db packages, I'd
> be happy to see it go.
>
> So that being said. I'm going to lose squidguard. Upgrade squid to 3.5.
>
> I haven't even looked at the 3.5 stuff. How big of a config change am I
> looking at? That being said, upgrade or start fresh?
For the ssl_bump lines yes. They operate very differently, with a bit of
a learning curve around the recursive/repeated ssl_bump processing.
The rest of the config change should be smooth if it was working well
with 3.3. "squid -k parse" can highlight the differences there.
>
> Thanks again. This is the first definitive answer I've gotten!.
>
Welcome.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
