Deb Heller-Evans wrote:
> Meanwhile, Joe Cooper says:
> |
> | If you are performing interception (transparent) proxying, as I seem to
> | recall you are, your Squid isn't seeing those packets. Squid doesn't
> | handle tunnelling of SSL requests unless the browser is explicitly
> | configured to use the proxy--so you can't redirect 443 over to Squid,
> | and if it isn't redirected then Squid doesn't see them.
>
> Wow, have you ever illuminated the holes in my knowledge. It all
> begins to make more sense to me (See that LightBulb over my head?
> See how it is getting brighter??).

Good. That's what we're here for.

> | If VirusWall can be used in an interception configuration even with SSL
> | connections (it is possible I think, and Henrik has explained some time
> | ago on this list how it could be accomplished), then you may wish to
> | implement some form of port forwarding to redirect SSL requests on port
> | 443 over to the VirusWall. It will then log those requests, I presume.
> | As it is, it never sees them either.
>
> Hmmm... I didn't catch this discussion in the archives - I'll have to
> do another search.

I should point out that Henrik explained how it could be implemented,
but it would require significant programming to do it. It's not a
simple configuration change. So it may not be worth searching for, except
for further illumination of the topic.

> | If you aren't using interception proxying, and your browsers are
> | explicitly configured, then just fill in the Squid address for all of
> | your clients' SSL connections in addition to HTTP. You'll get logging of
> | those requests just like any other.
>
> Actually, I'm testing both interception and explicit proxying
> configs to see which would gain us the better control, logging,
> and response times - not necessarily in that order!
>
> Joe, Thanks for the tips. I appreciate your clarity. More work to do!

You're welcome.
--
Joe Cooper <joe@swelltech.com>
Affordable Web Caching Proxy Appliances
http://www.swelltech.com
Received on Fri Oct 05 2001 - 12:42:28 MDT
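
An added example, not part of the original thread: with browsers explicitly configured to use Squid, SSL requests appear in access.log as CONNECT entries carrying only host and port, and this sketch summarises them per client. It assumes Squid's native access.log format; the log lines, addresses and host names are constructed for illustration.

```python
from collections import Counter

# Constructed sample lines in Squid's native access.log format:
# time elapsed client code/status bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1002300148.101    312 192.168.1.10 TCP_MISS/200 4512 GET http://www.example.com/index.html - DIRECT/192.0.2.10 text/html
1002300150.220   5021 192.168.1.10 TCP_MISS/200 3912 CONNECT secure.example.com:443 - DIRECT/192.0.2.20 -
1002300155.642     87 192.168.1.11 TCP_HIT/200 1830 GET http://www.example.com/logo.gif - NONE/- image/gif
1002300160.007   9130 192.168.1.11 TCP_MISS/200 15221 CONNECT secure.example.com:443 - DIRECT/192.0.2.20 -
1002300161.500     40 192.168.1.12 TCP_DENIED/403 1120 CONNECT other.example.net:8443 - NONE/- text/html
this line is truncated
"""

def parse_line(line):
    """Return a dict for one native-format entry, or None if malformed."""
    fields = line.split()
    if len(fields) < 10 or "/" not in fields[3]:
        return None
    action, _, status = fields[3].partition("/")
    try:
        return {
            "time": float(fields[0]),
            "elapsed_ms": int(fields[1]),
            "client": fields[2],
            "action": action,          # e.g. TCP_MISS, TCP_DENIED
            "status": int(status),
            "bytes": int(fields[4]),
            "method": fields[5],
            "url": fields[6],          # host:port only for CONNECT
        }
    except ValueError:
        return None

def connect_tunnels(log_text):
    """Count allowed CONNECT tunnels per (client, host, port); list denied ones."""
    allowed, denied = Counter(), []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None or entry["method"] != "CONNECT":
            continue
        host, _, port = entry["url"].rpartition(":")
        if not host or not port.isdigit():
            continue  # CONNECT target must be host:port
        key = (entry["client"], host, int(port))
        if entry["action"] == "TCP_DENIED":
            denied.append(key)
        else:
            allowed[key] += 1
    return allowed, denied
```

The CONNECT entries record which client tunnelled to which host and port, how long the tunnel lasted and how many bytes passed, but no URL path, because Squid only relays the encrypted stream.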