Search squid archive

Re: ssl-bump does not redirect to block page

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 7/02/19 3:52 am, leo messi wrote:
> Hi
> My squid config is something like this:
> acl blk ssl::server_name .google.com
> http_access deny blk
> http_access allow all
> 
...
> 
> acl step1 at_step SslBump1
> ssl_bump peek step1
> ssl_bump splice all
> 
> 
> My problem is when i block some pages like google.com,my firefox browser
> show "secure connection failed",but i want it to show block page or
> warning page, how can i do this?


You have chosen to splice the traffic. So far only TCP SYN packet and
TLS clientHello have happened. There is no HTTP request to 'redirect'.

To cause anything at all to display in the browser you require fully
decrypting the traffic. aka the 'bump' action.
Please see <https://wiki.squid-cache.org/Features/SslPeekAndSplice>


Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux