Re: [squid-users] can any transparent mode handle SSL and FTP for access control

From: Adrian Chadd <adrian@dont-contact.us>
Date: Mon, 11 Dec 2006 23:17:25 +0800

On Mon, Dec 11, 2006, Shaun Skillin (home) wrote:

> I have squid working fine for HTTP traffic using WCCPv2, and have used
> it with policy routing without issue. I know that squid can't cache SSL
> connections, but is there a way (in a transparent mode, not configuring
> each browser) to use squid for access control of SSL and FTP
> connections?

I've got some ideas for doing SSL access control (based on just source/destination
IPs for the time being) for WCCPv2-intercepted SSL in client-ip-spoofing modes
(eg with TPROXY.)

But it first requires a better WCCPv2 implementation, so I'm working on that in
my spare time.

So, the answer atm is "not without hacking up Squid"..

Adrian

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
Received on Mon Dec 11 2006 - 08:15:52 MST

This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST