Hi Amos! Resolved: in squid.conf i have to write ip:port instead of :port. As example, 192.168.10.254:3129 works with interception.
Only with :3129 it does not works! Francesco ________________________________________ Da: squid-users [squid-users-boun...@lists.squid-cache.org] per conto di Job [j...@colliniconsulting.it] Inviato: lunedì 5 ottobre 2015 14.06 A: Amos Jeffries; squid-users@lists.squid-cache.org Oggetto: [squid-users] R: SSL Bump and NF getsockopt failed Hello Amos! >The connection arriving at Squid does not have any NAT records in the >Squid machine kernel. >It is mandatory that NAT be done on the Squid machine. Not on some >remote router (aka CPE "port-forwarding"). The iptables gateway is in the same machine where Squid+SSL bump run. Our transparent proxy for 80/HTTP works perfectly, but users cannot access do https pages. By consolle, if i telnet localhost 3129 (https intecept port), i have no connections, even though in netstat -avn | grep 3129 i have active and listening connections. Please note i use the REDIRECT --to-port command in iptables. Where am i wrong? Thank you! Francesco _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
