On 2016-05-18 08:14, se@xxxxxx wrote:
Hello! I am currently setting up a squid server, which should serve as a transparent proxy in our network. We mainly need it to do the following: Allow and Block Domains on HTTP and HTTPS protocol (withOUT bumping the traffic). We only want to allow domain names on the SSL port, no URLs. It actually works fine for HTTP, but I can't configure the "peek and splice" method for the HTTPS traffic. I have come to a point, where HTTP access is being filtered exactly as I wanted to, but following odd error occures when visiting HTTPS sites: When using "https_port 10.0.0.222:3130 cert=/root/cert.pem key=/root/key.pem ssl-bump intercept" I get an Access Denied Error for any Website I try to access, which occured while "trying to retrieve the URL: 10.0.0.222:3130"! If I configure the https_port option with "accel vhost allow-direct" like the http_port, the allowed Pages work fine but with squid's certificate. Somewhere the Squid seems to redirect his actual https traffic back to itself when using the "intercept" option and that is why I cannot use the splice method. You can find my configuration files on http://kpa.gr/squid-conf/ Thanks very much in advance, Pantelis W _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
Read: http://thread.gmane.org/gmane.comp.web.squid.general/114384/focus=114389 I'm doing exactly what you're wanting. James _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users