Re: [squid-users] Basic questions on transparent/intercept proxy

From: Amm <ammdispose-squid_at_yahoo.com>
Date: Tue, 30 Jul 2013 01:59:39 +0800 (SGT)

> From: csn233 <csn233_at_gmail.com> >Sent: Monday, 29 July 2013 10:40 PM >Subject: Re: [squid-users] Basic questions on transparent/intercept proxy >On Sun, Jul 28, 2013 at 9:11 PM, Amm <ammdispose-squid_at_yahoo.com> wrote: >> ----- Original Message ----- >> >>> From: csn233 <csn233_at_gmail.com> >>> To: "squid-users_at_squid-cache.org" <squid-users_at_squid-cache.org> >> >>>To intercept HTTPS traffic, is SSL-bump a must? Even when I only want >>> to record the CONNECT traffic in access.log just like a normal forward >>> proxy without decrypting anything? >> >> No. But it will log only IPs not the host name or URL. >> >> Amm >No, as in ssl-bump is not a requirement for HTTPS traffic to be >logged? Your answer seems to be different from other replies. Can you >provide examples of how? I am not sure if I understood your previous question right. I think what others said is right. Here is what I have done. (simplified version) https_port 8081 intercept ssl-bump generate-host-certificates=on cert=/etc/squid/ssl_cert/squid.pem #ssl_bump none all #<--- this line is not required So ssl-bump as a keyword is required on https_port but you dont need ssl_bump ACL line (by default it bumps nothing). Traffic will be logged just as IP. (Not actual hostname) Regards, Amm.
Received on Mon Jul 29 2013 - 19:01:13 MDT

This archive was generated by hypermail 2.2.0 : Tue Jul 30 2013 - 12:00:27 MDT