On 4/09/19 2:59 am, fansari wrote:
> OK - I cannot figure out the whole requirement right now.
>
> In case it will not not work like this: with a) you mean "intercept" and
> with b) "tproxy"?
>
No for (b) I mean "TLS explicit". New connections from clients start
with TLS handshake immediately, n
On 03.09.19 11:44, fansari wrote:
Seems that intercept is easier than tproxy.
FYI, tproxy means incercept AND changing outgoing IP address to the IP
address of the original client.
yes, intercept alone is easier, because tproxy means implementing
intercepting and something in addition.
nowada
Seems that intercept is easier than tproxy.
I have now this config:
acl wifi_net src xxx.xxx.0.0/24
acl our_proxy localip xxx.xxx.0.1/32
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports por
OK - I cannot figure out the whole requirement right now.
In case it will not not work like this: with a) you mean "intercept" and
with b) "tproxy"?
Which of these scenarios would you recommend in case http_port will not do
for us?
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble
On 4/09/19 1:21 am, fansari wrote:
> I have tested this and it is working.
>
> This is what I said: when I use this http_port directive then it works.
>
> So what is still unclear to me is: what is this https_port directive for? I
> understood from one of you answers I found to someone else that
I have tested this and it is working.
This is what I said: when I use this http_port directive then it works.
So what is still unclear to me is: what is this https_port directive for? I
understood from one of you answers I found to someone else that this will
lead to something like double stacked
On 4/09/19 12:29 am, fansari wrote:
> Thank you for your reply.
>
> If I drop the keyword "intercept" I get this error message when starting
> squid:
>
> FATAL: ssl-bump on https_port requires tproxy/intercept which is missing.
>
> Using "tproxy" does not help me either - I also end up with 403.
Thank you for your reply.
If I drop the keyword "intercept" I get this error message when starting
squid:
FATAL: ssl-bump on https_port requires tproxy/intercept which is missing.
Using "tproxy" does not help me either - I also end up with 403.
What I want to achieve with my scenario is just ca
On 3/09/19 8:46 pm, fansari wrote:
> I have to setup a TLS proxy connection between client and squid. My config is
> working with http_port (without TLS) but as soon as I try https_port it does
> not work (squid 3.5.23 compiled with --enable-ssl' '--enable-ssl-crtd'
> '--with-openssl').
>
> What I
I have to setup a TLS proxy connection between client and squid. My config is
working with http_port (without TLS) but as soon as I try https_port it does
not work (squid 3.5.23 compiled with --enable-ssl' '--enable-ssl-crtd'
'--with-openssl').
What I am trying to achieve is a proxy for https cont
10 matches
Mail list logo
