Hi,
The MikroTik router I am using has 24 ports.
There is 4 department and for each department 4 ports of Mikrotik is given.
That is
Department A has 4 computers and each of them is connected with ethernet cable from port 4,5,6 and 7 of Mikrotik Router.
Department B, C, and D have the same number of the computer as Department A and they are connected to 8,9,10,11 and 12,13,14,15 and 16,17,18,19 port of Mikrotik respectively with the ethernet cable.
Each department is in different network (different private IP range).
Each department is later combined into each bridge interface.
Port 20 of Mikrotik is connected to Unifi-AP, which is broadcasting WiFi signals. Mobile devices and Laptop which are not connected via ethernet cable uses WiFi signals.
One of the port from Department A is connected to Raspberry Pi where squid is configured.
Now what I want to do is log all the web traffic that is requested from those devices which are using WiFi.
I have attached the configuration of squid and Mikrotik which I had done for HTTP. (Please note that when I had done this for HTTP, the squid wasn't configured with --enable-SSL or --enable-crtd)
I had referred some online sites to do for HTTPS but none of them worked. Please help if anyone knows how to log all HTTPS request.
I have attached document regarding the rules applied in Mikrotik and squid3 configuration for HTTP.
----
http://www.nepallink.net || Link Road, Khusibu
Helen Rai
Platform operations, Nepallink
44260822 || 9841262275 || support@xxxxxxxxxxxxx http://www.nepallink.net || Link Road, Khusibu
On Mon, Jul 30, 2018 at 7:34 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
On 30/07/18 22:58, Helen Rai wrote:
> Hi,
>
> I am using Mikrotik Routerboard Model CRS125-24G-1S-2HnD which Links
> the internal network with WAN. One of the port is connected with WiFi
> Router which is broadcasting WiFi signal. Some of the devices work on
> WiFi network. I have installed squid3 (Version 3.5.27) in Raspberry Pi
> which is also connected with Mikrotik. Squid is installed with --enable-SSL.
>
The --enable-ssl option was removed in Squid-3.5.
<http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.28- >.RELEASENOTES.html#ss4.3
Use --with-openssl instead, and ensure the Debian libssl1.0-dev package
is installed when building.
To see any URLs inside the HTTPS you will need --enable-ssl-crtd.
> Now, what I want to do is Redirect or log all the HTTP and HTTPS
> requests are done from devices which are in WiFi network to squid proxy
> server.
>
> I have tried doing it for months now, I am able to log all HTTP traffic
> but am unable to do it for HTTPS.
>
> Please help me with this and if you need any detail from me, please
> contact me.
>
If using the correct build option(s) does not resolve your problem we
will need to know what the Mikrotik routign settings, Rasberry Pi
routing and NAT settings, and squid.conf *_port lines are to provide any
assistance.
Amos
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
Attachment:
Mikrotik_rules
Description: Binary data
Attachment:
squid_conf
Description: Binary data
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
