Hi,
I'm using privoxy in transparent/intercepting mode to filter tracking
sites. Because many sites switched to https I want to block https sites,
too (only by hostnames, I don't want to decrypt the SSL connections).
My idea was to use squid to intercept https connections and peek/splice
to
Am 2015-06-05 00:22, schrieb Amos Jeffries:
You can block by SNI in the ssl_bump checks without having bumped the
connection.
Like so:
# get the public TLS metadata (includes SNI)
ssl_bump peek all
# block based on SNI matching (or server cert matching)
acl blocked ssl::server_name .examp
