I'm using squid 3.5.3 to intercept https without issuing the client certificate. https_port 3127 intercept ssl-bump generate-host-certificates=off cert=certs/squid.pem ssl_bump none all So my squid access log is similar to this. Is there any way to make it more meaningful? perhaps hostname? ............................... 1568902948.817 65168 10.1.0.1 TCP_TUNNEL/200 891 CONNECT 157.240.16.63:443 - ORIGINAL_DST/157.240.16.63 - 10.1.0.1 1568903081.342 240109 10.1.0.1 TCP_TUNNEL/200 458 CONNECT 172.217.163.132:443 - ORIGINAL_DST/172.217.163.132 - 10.1.0.1 1568903132.645 240133 10.1.0.1 TCP_TUNNEL/200 99047 CONNECT 172.217.31.214:443 - ORIGINAL_DST/172.217.31.214 - 10.1.0.1 ............................... -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
