On Thu, Aug 24, 2017 at 5:16 PM, Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > On 08/24/2017 06:00 PM, Aaron Turner wrote: >> So I've deployed squid in forward mode, installed the CA in my web >> clients, etc and have squid working fine for both http and https >> traffic. > > Forgive me for double checking, but is SSL bumping actually working? For > example, do you see individual decrypted HTTPS requests in access.log? Actually, looks like I was misunderstanding the access.log, it was working: 1503620688.280 0 10.93.3.85 TAG_NONE/200 0 CONNECT synfin.net:443 - HIER_NONE/- - ip_index=0,client=- 1503620689.241 947 10.93.3.85 TCP_MISS/200 57810 GET https://synfin.net/sock_stream/ - HIER_DIRECT/45.79.73.39 text/html ip_index=2,client=foobar1 I didn't initially understand that each CONNECT then generates a second entry. As you can see the second line has both the full URI (indicating the SSL got bumped) and decoded my client id (foobar1). > What is your Squid version? 3.5.26 >> One thing I need to do is be able to extract a http request header >> into an external_acl_type: >> >> external_acl_type client_ip_map_0 %>{My-Custom-Client-Id} >> /usr/lib64/squid/user_loadbalance.py 0 4 > > That is not your actual external_acl_type line, I hope. The %>h part > looks malformed. Really? Works and seems to match the instructions indicating "%>{Header}" Thanks, Aaron _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
