Squid is an ICAP client, not an ICAP server!, and does not repond on port 1344. Marcus
On 02/03/2019 22:29, steven wrote:
Hi, i would like todo modifications on https connections and therefore enabled ssl bump in squid 4.4, now i would like to see the real traffic and icap looks like a way to watch and change that traffic. but squid is not answering to icap://127.0.0.1:1344 when using pyicap or telnet. the telnet error is: telnet 127.0.0.1 1344 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused which is imho good because it tells me that something is answering on that port after all. did i misconfigure something? config: debug_options 28,9 #icap icap_enable on icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/reqmod adaptation_access service_req allow all icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/respmod adaptation_access service_resp allow all acl localnet src 127.0.0.1/32 192.168.10.0/24 http_access allow localnet acl SSL_ports port 443 acl CONNECT method CONNECT #http_access deny !Safe_ports #http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access deny manager include /etc/squid/conf.d/* http_access allow localhost coredump_dir /var/spool/squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 # default end # my config http_port 3128 accel ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/myCA.pem https_port 3129 ssl-bump intercept generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/myCA.pem sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB acl step1 at_step SslBump1 ssl_bump peek step1 ssl_bump bump all _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
