Re: SSL transparent proxy hack?

From: Adrian Chadd <adrian@dont-contact.us>
Date: Tue, 8 Apr 2008 01:19:26 +0800

There's stuff in Squid-3 (sslbump) for pulling apart the SSL stream.

A more lightweight version to implement basic ACL processing and act as a
sort of stepping stone for further testing wouldn't be that difficult
to code up.

Adrian

On Mon, Apr 07, 2008, anesthes@cisdi.com wrote:
> Assuming this does not 'work' by default, does a hack exist to make
> transparent SSL proxy work in the same way that transparent HTTP works?
>
> I have a need to redirect dst port 443 traffic to Squid for acl
> analysis. Obviously this works as intended by configuring the browser
> to manually send HTTPS traffic to the HTTPS proxy, but does not work
> with transparent redirect under Linux.
>
> -- Joe

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -
Received on Mon Apr 07 2008 - 11:01:55 MDT

This archive was generated by hypermail 2.2.0 : Wed Apr 30 2008 - 12:00:07 MDT