I know Squid loses some of its capabilities when its set up to run in
Transparent/intercept mode. But looking around I can't find a
definitive answer to the following question:
If squid is set up in transparent mode, can it still tunnel secure
traffic (via the CONNECT method)?
Currently I have this set up with squid acting as a normal proxy
(where the client's browser knows to send traffic to squid) and I can
route any traffic (regular http or https via CONNECT) to my first
squid proxy, and then send it to another squid proxy in the hierarchy.
client --> squid ----> squid ---> destination
I know this works because I can see the CONNECT statements in my
access log for the second squid proxy.
My question is, if I were to set up the first squid proxy to run in
transparent mode--so the client's browser would not have to be set to
direct traffic to the first squid--could I still then route all
traffic in the same way as the above diagram?
It was my understanding that squid takes SSL traffic and wraps it in
HTTP CONNECT and passes it along without ever touching any of it. So
to me it seems like a squid set in transparent mode would just wrap
the SSL traffic up and keep passing it. But I could be mistaken.
Received on Tue Jan 04 2011 - 16:45:27 MST
This archive was generated by hypermail 2.2.0 : Fri Jan 07 2011 - 12:00:02 MST