On 12/12/2014 02:31 AM, Yu-Hsuan Liao wrote:
> I'm trying to using Squid 3.5's new feature peek-and-splice to bypass
> Skype connection
> I'm a little confused about ssl_bump steps,
> the wiki says that
>
> peek Receive client (step SslBump1) or server (step SslBump2)
> certificate while preservi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 17/12/2014 10:52 p.m., Yu-Hsuan Liao wrote:
>> Only if "skype_list" matches the TCP packet IP address (without
>> rDNS being looked up) will the peek happen.
>
>> I think you need to add at_step ACL test to peek always at
>> step1, then do the oth
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 17/12/2014 10:52 p.m., Yu-Hsuan Liao wrote:
The peek at step1 should be detecting that non-TLS/SSL is occuring.
For the non-HTTP over TLS/SSL... IF you bumped it Squid can still
fallback to tunnel I think, but a slower way than splice normally
wo
> Only if "skype_list" matches the TCP packet IP address (without rDNS
> being looked up) will the peek happen.
> I think you need to add at_step ACL test to peek always at step1, then
> do the other actions at step2 once SNI (domain name) is possibly
> available.
Hello Amos,
What if a non-SSL o
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/12/2014 10:31 p.m., Yu-Hsuan Liao wrote:
> Hello everyone,
>
> I'm trying to using Squid 3.5's new feature peek-and-splice to
> bypass Skype connection I'm a little confused about ssl_bump
> steps, the wiki says that
>
> peek Receive client (st
Hello everyone,
I'm trying to using Squid 3.5's new feature peek-and-splice to bypass
Skype connection
I'm a little confused about ssl_bump steps,
the wiki says that
peek Receive client (step SslBump1) or server (step SslBump2)
certificate while preserving the possibility of splicing the
connecti
