On 17.01.10 00:42, anand phulwani wrote:
> My problem is ,i am using squid 2.7 as a transparent proxy on Ubuntu
> Server 9.10 on Sun VirtualBox and my network is divided into two groups,
> to one i want to allow gtalk & gmail and to other i want to allow just
> gmail.
>
> I came to know that one solution could be WPAD/PAC.
> But I am looking for other alternative. i tried
> a) Recompiling it with --enable-ssl and installing,which allowed me to control gtalk
> but it stopped opening gmail.com
> b) So i thought of redirecting 0:442, 444:65535 to port 3128(http_port) and masquerading port 443.this allowed gmail,but removed the access control over gtalk
> c) then i reverted to snapshot when i repeated the step a ,my gtalk is unable to connect, i dont understand what had i missed(there is something i have missed i just dont know what i am missing).
> d) then i tried 3129(https_port) and generated key and certificate as a wild try.but still gtalk is unable to connect.
> Also I Would Like To Ask
> e)Can I Use Squid 3.0 For HTTPS?, although it is still not maintained by ubuntu core developers and is not quoted as stable.Is it reliable?.
no. intercepting (called transparent proxying) SSL protocols is not possible
without dangerous side-effects.
Also, intercepting other protocols than HTTP is mostly impossible.
-- Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. One OS to rule them all, One OS to find them, One OS to bring them all and into darkness bind themReceived on Tue Jan 26 2010 - 08:55:40 MST
This archive was generated by hypermail 2.2.0 : Tue Jan 26 2010 - 12:00:04 MST