Search squid archive

Re: Squid Websocket Issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Based on Amos's Answer,

acl serverIsws ssl::server_name .w0.whatsapp.com
acl serverIsws ssl::server_name .w1.whatsapp.com

acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump bump !serverIsws all
ssl_bump splice all 

will above work ?

Or should i splice first and bump all others later?

This is very interesting. I will definitely try this when i will reach office.

On Mon, Dec 19, 2016 at 6:40 PM, Eliezer Croitoru <eliezer@xxxxxxxxxxxx> wrote:
I can give a hint that once you see the request you can identify using an ICAP\ECAP services couple details about the request.
Basically I had a regex which allowed any what's app traffic to be spliced by the SNI domain name.
It should be something like "w[0-9]+\.web\.whatsapp\.com$" to match the required domains for whatsapp to be spliced.
If nobody will try it before me it's on my todo list for this release (3.5.23, 4.0.17).

Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer@xxxxxxxxxxxx


-----Original Message-----
From: squid-users [mailto:squid-users-bounces@lists.squid-cache.org] On Behalf Of Amos Jeffries
Sent: Monday, December 19, 2016 8:51 AM
To: Hardik Dangar <hardikdangar+squid@xxxxxxxxx>
Cc: Squid Users <squid-users@lists.squid-cache.org>
Subject: Re: Squid Websocket Issue

On 19/12/2016 12:14 p.m., Hardik Dangar wrote:
> can you give me one example please ?
> like in the above example.
> w4.web.whatsapp.com domain is fixed
> are you suggesting i can create acl and by pass it to squid ?
>

You are the first person to ask about WhatsApp traffic.

These might be a useful starting point
<http://wiki.squid-cache.org/Features/SslPeekAndSplice#Configuration_Examples>

What the examples are doing for banks is what you want to do for WhatsApp.

The trick though will be figuring out how to splice *before* seeing what type of HTTP request exists inside the tunnel. If you are lucky the app will be using SNI.

Amos

_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users


_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux