Re: [squid-users] HTTPS traffic in normal transparent proxy

From: <viveksnv_at_aol.in>
Date: Wed, 15 Oct 2008 10:23:37 -0400

My configuration is...

http_port 0.0.0.0:3128 transparent

https_port 0.0.0.0:3129 transparent
cert=/usr/local/squid-test/CA/servercert.pem
key=/usr/local/squid-test/CA/serverkey.pem

Iptable rules are:

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT
--to-port 3129

In cache.log

Accepting transparently proxied HTTP connections at 0.0.0.0, port 3128,
FD 12.
Accepting HTTPS connections at 0.0.0.0, port 3129, FD 13

In access.log while accessing https://gmail.com

TCP_MISS/200 2213 CONNECT gmail.com:443

But problem is now gmail not blocked...

In http://gmail.com requests...it's blocked..

Thanks
Vivek N.

On ons, 2008-10-15 at 07:57 -0400, viveksnv_at_aol.in wrote:
>
>
> Thanks Henrik.
>
> i tried with
>
> https_port 0.0.0.0:3129 transparent
> cert=/usr/local/squid/CA/servercert.pem
> key=/usr/local/squid/CA/serverkey.pem
>
> But not working...

Not working in what manner?

Squid rejects the configuration?
Error message in the browser?
Error message in cache.log?

Regards
Henrik

________________________________________________________________________
You are invited to Get a Free AOL Email ID. - http://webmail.aol.in
Received on Wed Oct 15 2008 - 14:20:30 MDT

This archive was generated by hypermail 2.2.0 : Thu Oct 16 2008 - 12:00:04 MDT