On Tuesday, April 21, 2020, 8:29:28 AM GMT+2, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
Please see the FAQ:
<https://wiki.squid-cache.org/SquidFaq/InterceptionProxy#Why_can.27t_I_use_authentication_together_with_interception_proxying.3F>
Why bother with the second proxy at all? The explicit proxy has access
to all the details the interception one does (and more - such as
credentials). It should be able to do all filtering necessary.
On 21.04.20 12:33, Vieri wrote:
Can the explicit proxy ssl-bump HTTPS traffic and thus analyze traffic with ICAP + squidclamav, for instance?
yes.
Simply put, will I be able to block, eg.
https://secure.eicar.org/eicarcom2.zip not by mimetype, file extension,
url matching, etc., but by analyzing its content with clamav via ICAP?
without bumping, you won't be able to block by anything, only by secure.eicar.org
hostname.
TPROXY and NAT are for proxying traffic of clients which do not support
HTTP proxies. They are hugely limited in what they can do. If you have
ability to use explicit-proxy, do so.
Unfortunately, some programs don't support proxies, or we simply don't care
and want to force-filter traffic anyway.
of course, but it has drawbacks.
You need to create own certificate and push it to clients/applications.
Some applications may refuse the certificate anyway
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
