Hey All,

I have been working on a couple of tools which are using my drbl-peer library:
- external acl helper
- dns blacklist server
- and a couple of others...

I took a dns proxy server named grimd and upgraded it since the developer didn't respond fast enough. This dns proxy has a nice feature that allows it to "blackhole" A and AAAA queries for blacklisted domains. I can define the IPv4 and IPv6 host which will be the "blackhole" and it's all playing well with plain HTTP (port 80). But with HTTPS I want to be able to intercept all traffic and pass it into the http cache-peer.

I am not sure what would be the best way to do it with squid but I was thinking about something like:
- peek client SNI
- bump client first (compared to server first)

And I can use the same Root CA key+certificate that exists on the main squid on the interception instance.

I am not sure what version of Squid-Cache to use for this test (3.5.27 or 4.0.21).

The main thing I am not sure about with such a setup is that the target ip:443 would be the "blackhole" squid instance itself and not the original server ip address. Would it matter at all if the destination ip is the Squid instance on port 443? (I will try to use iptables nat REDIRECT from port 443 to 23129 which would be an intercept port)

Thanks,
Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer@xxxxxxxxxxxx
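The interception instance sketched in the post (REDIRECT 443 to 23129, peek at the SNI, bump using the shared Root CA, hand everything to the HTTP cache-peer), written out as a squid.conf fragment. This is an added illustration, not configuration from the poster or the Squid project; the certificate and ssl_db paths, the helper name (ssl_crtd is the 3.5 name) and the cache-peer address 192.0.2.10:3128 are assumptions.

```conf
# Intercept port that the iptables nat REDIRECT (443 -> 23129) delivers to.
# cert= is the same Root CA key+certificate used on the main Squid (assumed path).
https_port 23129 intercept ssl-bump \
    cert=/etc/squid/ssl/rootCA.pem \
    generate-host-certificates=on dynamic_cert_mem_cache_size=4MB

# Helper that mints per-host certificates signed by that Root CA (assumed paths;
# Squid 4.x ships it as security_file_certgen instead of ssl_crtd).
sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/lib/squid/ssl_db -M 4MB

# Step 1: peek at the ClientHello so the client's SNI is known,
# then bump the connection rather than splicing it.
acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump bump all

# Every decrypted request goes to the main HTTP cache-peer, never direct
# to the (blackholed) destination address. Peer address is a placeholder.
cache_peer 192.0.2.10 parent 3128 0 no-query no-digest default
never_direct allow all
```

The iptables rule on the same host would be the one the post names: nat PREROUTING REDIRECT of tcp dport 443 to 23129, so the original destination is still recoverable by the intercept port.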