On 09/06/17 16:05, Jason Chiu wrote:
test case 2: ----------------------------------------- but I want use transparent mode (intercept with PF rdr). intercept mode add the following acl rule : acl bumpedPorts myportname 3129 http_access allow CONNECT bumpedPorts ..... https_port 3129 intercept ssl-bump cert=/usr/local/squid/ssl_cert/myCA.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB access.log no appear TCP_DENIED/200 0 CONNECT 127.0.0.1:3129 but client web browser has been waiting and no response.
Ah, sorry I should have remembered this earlier: <http://www.squid-cache.org/Versions/v3/3.4/RELEASENOTES.html#ss2.4> TL;DR: Add --with-nat-devpf to your build options for FreeBSD. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
