I can give a hint that once you see the request you can identify using an ICAP\ECAP services couple details about the request. Basically I had a regex which allowed any what's app traffic to be spliced by the SNI domain name. It should be something like "w[0-9]+\.web\.whatsapp\.com$" to match the required domains for whatsapp to be spliced. If nobody will try it before me it's on my todo list for this release (3.5.23, 4.0.17). Eliezer ---- Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: eliezer@xxxxxxxxxxxx -----Original Message----- From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Amos Jeffries Sent: Monday, December 19, 2016 8:51 AM To: Hardik Dangar <hardikdangar+squid@xxxxxxxxx> Cc: Squid Users <squid-users@xxxxxxxxxxxxxxxxxxxxx> Subject: Re: Squid Websocket Issue On 19/12/2016 12:14 p.m., Hardik Dangar wrote: > can you give me one example please ? > like in the above example. > w4.web.whatsapp.com domain is fixed > are you suggesting i can create acl and by pass it to squid ? > You are the first person to ask about WhatsApp traffic. These might be a useful starting point <http://wiki.squid-cache.org/Features/SslPeekAndSplice#Configuration_Examples> What the examples are doing for banks is what you want to do for WhatsApp. The trick though will be figuring out how to splice *before* seeing what type of HTTP request exists inside the tunnel. If you are lucky the app will be using SNI. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
