There's stuff in Squid-3 (sslbump) for pulling apart the SSL stream.
A more lightweight version to implement basic ACL processing and act as a
sort of stepping stone for further testing wouldn't be that difficult
to code up.
Adrian
On Mon, Apr 07, 2008, anesthes@cisdi.com wrote:
> Assuming this does not 'work' by default, does a hack exist to make
> transparent SSL proxy work in the same way that transparent HTTP works?
>
> I have a need to redirect dst port 443 traffic to Squid for acl
> analysis. Obviously this works as intended by configuring the browser
> to manually send HTTPS traffic to the HTTPS proxy, but does not work
> with transparent redirect under Linux.
>
> -- Joe
-- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -Received on Mon Apr 07 2008 - 11:01:55 MDT
This archive was generated by hypermail 2.2.0 : Wed Apr 30 2008 - 12:00:07 MDT