Search squid archive

Running squid in intercept mode breaks whatsapp

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Following is my squid config :

http_port 3129 intercept
https_port 3131 intercept ssl-bump cert=/etc/ray/certificates/myCA.pem \
    generate-host-certificates=off dynamic_cert_mem_cache_size=2MB
## For Captive Portal
http_port 3132 intercept
https_port 3133 intercept ssl-bump cert=/etc/ray/certificates/myCA.pem \
    generate-host-certificates=off dynamic_cert_mem_cache_size=1MB

#sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB
#sslcrtd_children 5

# TLS/SSL bumping definitions
acl tls_s1_connect at_step SslBump1
acl tls_s2_client_hello at_step SslBump2
acl tls_s3_server_hello at_step SslBump3

# TLS/SSL bumping steps
ssl_bump peek tls_s1_connect all # peek at TLS/SSL connect data
ssl_bump splice all # splice: no active bumping

pinger_enable off
digest_generation off
netdb_filename none
ipcache_size 128
fqdncache_size 128
via off
forwarded_for transparent
httpd_suppress_version_string on
cache deny all
cache_mem 0 MB
memory_pools off
shutdown_lifetime 3 seconds

#logfile_daemon /dev/null
access_log none

#acl good_url dstdomain .yahoo.com
http_access allow all

url_rewrite_program /tmp/squid/urlcat
url_rewrite_children 3 startup=1 idle=1 concurrency=10
#url_rewrite_access allow all
#url_rewrite_extras "%>a/%>A %un %>rm bump_mode=%ssl::bump_mode sni=\"%ssl::>sni\" referer=\"%{Referer}>h\""
url_rewrite_extras "%>a %lp %ssl::>sni"

----------------------------------------------------------------------------------------------

I am redirecting port 80 and port 443 traffic to squid..

I went through some blogs and forums which suggest that Whatsapp seems to send non SSL traffic on port 443 (https://developers.facebook.com/docs/whatsapp/guides/network-requirements/)

And since I am running in intercept mode, it seems to terminate non-SSL traffic as well..

Could someone kindly suggest how to bypass this..
--
Thank You
Chirayu Patel
Truecom Telesoft 
+91 8758484287


_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux