Good day to You on the other side! Not sure where to ask this, so I`m just going to do it here. If this is the wrong place, please redirect me to the appropriate one. I`m a squid user and an administrator in a company and I`ve been requested to produce a HTTPS traffic inspection tool. I`ve decided to use your software, but I would need to be able to act more freely with the traffic at its unencrypted state. More specifically I would like to pass the traffic through Suricata software first. I understand that there is an "outline" option to suricata that I even would know how to configure to work, but I need it to be inline with squid to be able to drop traffic if needed. Suricata only works with unencrypted traffic and even if I feed it the encryption key, so I need to be able to run squid -> decrypt the traffic and apply some rules -> pass it to suricata for serious inspection -> pass it back to squid (if not dropped) -> encrypt it as normal and forward it. I`ve been turning the internet upside down for an open source solution for this issue, that provides whitelisting, automatic certificate generation and ability to work with an IPS inline. None do so, but squid is the best option since it does everything asked besides the IPS. So I would like to know if you could give me some answers to questions: Are you planning to develop such an option in the future? Is there a way to do this now? And last but not least: If I would decide to modify the code or write a plugin myself, could you suggest where to do it or what parts of the code should I look at. Thank you very much and I will be looking forward to hearing from you. Sincerily, Network administrator Ģirts. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
