Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-30 Thread Amm
- Original Message - From: csn233 csn...@gmail.com To: Amm ammdispose-sq...@yahoo.com Cc: Sent: Tuesday, 30 July 2013 2:03 PM Subject: Re: [squid-users] Basic questions on transparent/intercept proxy Thanks to all who replied. Looks like the ssl_bump none all is required

Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-30 Thread csn233
Please use reply all instead of reply! For intercepted proxy, you only use HTTP/HTTPS interception. So browser will access FTP site directly. (Unless you have blocked/redirected FTP port) Amm. Clicked wrong button... It's to do with the requirement to log all traffic, including FTP, as well

Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-30 Thread Amos Jeffries
On 30/07/2013 9:28 p.m., csn233 wrote: Please use reply all instead of reply! For intercepted proxy, you only use HTTP/HTTPS interception. So browser will access FTP site directly. (Unless you have blocked/redirected FTP port) Amm. Clicked wrong button... It's to do with the requirement to

Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-29 Thread Amm
- Original Message - From: csn233 csn...@gmail.com To: squid-users@squid-cache.org squid-users@squid-cache.org To intercept HTTPS traffic, is SSL-bump a must? Even when I only want to record the CONNECT traffic in access.log just like a normal forward proxy without decrypting

Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-29 Thread csn233
On Sun, Jul 28, 2013 at 9:11 PM, Amm ammdispose-sq...@yahoo.com wrote: - Original Message - From: csn233 csn...@gmail.com To: squid-users@squid-cache.org squid-users@squid-cache.org To intercept HTTPS traffic, is SSL-bump a must? Even when I only want to record the CONNECT traffic in

Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-29 Thread Amm
From: csn233 csn...@gmail.com Sent: Monday, 29 July 2013 10:40 PM Subject: Re: [squid-users] Basic questions on transparent/intercept proxy On Sun, Jul 28, 2013 at 9:11 PM, Amm ammdispose-sq...@yahoo.com wrote: - Original Message - From: csn233 csn...@gmail.com To: squid-users

[squid-users] Basic questions on transparent/intercept proxy

2013-07-28 Thread csn233
To intercept HTTPS traffic, is SSL-bump a must? Even when I only want to record the CONNECT traffic in access.log just like a normal forward proxy without decrypting anything? Is this any different with TPROXY?

Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-28 Thread Eliezer Croitoru
On 07/28/2013 03:37 PM, csn233 wrote: To intercept HTTPS traffic, is SSL-bump a must? Even when I only want to record the CONNECT traffic in access.log just like a normal forward proxy without decrypting anything? Is this any different with TPROXY? Indeed SSL-bump is a must.. You will be

Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-28 Thread Amos Jeffries
On 29/07/2013 2:30 a.m., Eliezer Croitoru wrote: On 07/28/2013 03:37 PM, csn233 wrote: To intercept HTTPS traffic, is SSL-bump a must? Even when I only want to record the CONNECT traffic in access.log just like a normal forward proxy without decrypting anything? Is this any different with

Re: [squid-users] Basic questions on transparent/intercept proxy

2013-07-28 Thread Alex Rousskov
On 07/28/2013 05:21 PM, Amos Jeffries wrote: On 29/07/2013 2:30 a.m., Eliezer Croitoru wrote: On 07/28/2013 03:37 PM, csn233 wrote: To intercept HTTPS traffic, is SSL-bump a must? Even when I only want to record the CONNECT traffic in access.log just like a normal forward proxy without