On 09/14/2016 12:56 PM, erdosain9 wrote: > If i put > > acl step1 at_step SslBump1 > acl excludeSSL ssl::server_name_regex web/.whatsapp/.com > > ssl_bump peek step1 > ssl_bump splice excludeSSL > ssl_bump bump all > > I dont get nothing about web.whatsapp.com in access.log What kind of CONNECT requests do you get logged in this case? > But if i change config to > > ssl_bump stare all > ssl_bump bump all > > I get this Access.log. > > > 1473879403.629 1030 192.168.1.172 TAG_NONE/200 0 CONNECT > web.whatsapp.com:443 - HIER_DIRECT/31.13.85.51 - I would expect a logged CONNECT for the splicing case as well (assuming splicing works). If Squid knows the server name (and a matching excludeSSL implies that it does), then Squid should log it when logging CONNECT after the spliced connections terminate. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
