from http://wiki.squid-cache.org/Features/SslPeekAndSplice # Better safe than sorry: # Terminate all strange connections. ssl_bump splice serverIsBank ssl_bump bump haveServerName ssl_bump peek all ssl_bump terminate all I am not sure how haveServerName is constructed I read this as 1) splice the connection if it meets ACL serverIsBank 2) bump the connection (MTM) if acl haveServerName is meet 3) try and peek the ssl connection . which I understands is start MTM whilst keeping the ability to splice. I presume this means look at the client cert and the server cert ? so you get more info.... But this doesn't stop the process ? 4) terminate all that get here. again nothing stops at #3 it just gathers more info ? Is my understanding right ??? _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
