On 06/30/2016 09:10 AM, Amos Jeffries wrote: ...
The on_unsupported_protocol directive is about what its name says *any* unsupported protocol. Not ICQ specific. I think the issue here is that Skype looks at the binary level like TLS. TLS being a supported protocol if it looks close enough then it would be seen as invalid/broken TLS, not some non-TLS.
Applications may use any protocol that they desire to tunnel through a proxy. They may use TLS+SMTP, TLS+HTTP, TLS+XYZ, RC4+FOO, SSH, VPN, BAR, TXT and many others. Since bumping is intended to only interfere with TLS+HTTP, Squid should bump _only_ TLS+HTTP and not interfere with all other protocols. Squid 3.5 finally made a lot of progress with bumping TLS+HTTP and the missing piece to be able to use it in many environments is a mechanism to deal with all other protocols (non TLS+HTTP). The first step is to not break applications. The second step is to have mechanisms to decide what to do with the other protocols, since most admins want to block SSH and VPN, while allowing Skype and BAR. Marcus
Sory Renato, with that not working I'm not sure where to go next. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
