When HTTP traffic is forwarded with Squid all is ok, because the proper X-FORWARDED-FOR header is set and we are able to identify the request issuer. When Squid forwards HTTPS traffic to us, situation is different, because the only IP which we are able to "see" is that one of the Squid server.
Now, my question ... is there a way to instruct Squid to create some kind of tunnel and to forward the HTTPS traffic through it?
Hmm. Squid supports proxying https connections, and it will create a tunnel between itself and the SSL server on the other side (using DIRECT rather than an HTTP GET method).
However, once you've gotten that SSL tunnel formed, what goes through it is opaque to Squid: Squid cannot add headers or do anything of that sort without violating the encryption.
-- -Chuck
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
