Search squid archive

peek & splice only to log ssl info

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

I'll upgrade some debian servers to debian 10 where squid-ssl package (4.13) is available and I'm searching for way to enhance current logging of CONNECT requests to include SSL data - SNI servername and possibly basic certificate info.

I only intend to splice connections but after repeated reading https://wiki.squid-cache.org/Features/SslPeekAndSplice I still don't understand parts of the logic.

- is the combination described at:
https://wiki.squid-cache.org/Features/SslPeekAndSplice#Basic_Splicing_and_Bumping
enough for logging SNI and cert info?

- are peek and they completely equal at step 1?

- what's the difference between peek and splice that makes it impossible (most of the time) to splice (stare) or bump (peek) the connection?
  I guess I don't really need to know this one but I'm curious.


thanks for comments.

--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Your mouse has moved. Windows NT will now restart for changes to take
to take effect. [OK]
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux