On Tuesday, April 21, 2020, 8:29:28 AM GMT+2, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > > Please see the FAQ: > <https://wiki.squid-cache.org/SquidFaq/InterceptionProxy#Why_can.27t_I_use_authentication_together_with_interception_proxying.3F> > > Why bother with the second proxy at all? The explicit proxy has access > to all the details the interception one does (and more - such as > credentials). It should be able to do all filtering necessary. Can the explicit proxy ssl-bump HTTPS traffic and thus analyze traffic with ICAP + squidclamav, for instance? Simply put, will I be able to block, eg. https://secure.eicar.org/eicarcom2.zip not by mimetype, file extension, url matching, etc., but by analyzing its content with clamav via ICAP? > TPROXY and NAT are for proxying traffic of clients which do not support > HTTP proxies. They are hugely limited in what they can do. If you have > ability to use explicit-proxy, do so. Unfortunately, some programs don't support proxies, or we simply don't care and want to force-filter traffic anyway. Vieri _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
