- Original Message -
From: Amos Jeffries squ...@treenet.co.nz
To: squid-users@squid-cache.org
Cc:
Sent: Thursday, 7 March 2013 1:11 PM
Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
On 7/03/2013 7:22 p.m., Amm wrote:
snip
For testing, URL was accessed
On 7/03/2013 10:54 p.m., Amm wrote:
- Original Message -
From: Amos Jeffries squ...@treenet.co.nz
To: squid-users@squid-cache.org
Cc:
Sent: Thursday, 7 March 2013 1:11 PM
Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
On 7/03/2013 7:22 p.m., Amm wrote:
snip
- Original Message -
From: Amos Jeffries squ...@treenet.co.nz
To: squid-users@squid-cache.org
Cc:
Sent: Friday, 8 March 2013 2:47 AM
Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
On 7/03/2013 10:54 p.m., Amm wrote:
- Original Message -
[%h{Host
- Original Message -
From: Amos Jeffries squ...@treenet.co.nz
To: squid-users@squid-cache.org
Cc:
Sent: Wednesday, 6 March 2013 11:36 AM
Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
On 6/03/2013 1:40 p.m., Alex Rousskov wrote:
On 03/05/2013 03:09 AM, Amos
On 03/06/2013 06:15 AM, Amm wrote:
On 03/04/2013 10:11 PM, Amm wrote:
# Let user specify domains to avoid decrypting, such as internet
banking
acl bump-bypass dstdomain .commbank.com.au
ssl_bump none bump-bypass
ssl_bump server-first all
This will not work for intercepting
On 7/03/2013 2:03 a.m., Amm wrote:
- Original Message -
From: Amos Jeffries
On 6/03/2013 1:40 p.m., Alex Rousskov wrote:
On 03/05/2013 03:09 AM, Amos Jeffries wrote:
Squid tunnel functionality requires a CONNECT wrapper to generate
outgoing connections.
It is not yet setup
- Original Message -
From: Amos Jeffries squ...@treenet.co.nz
To: squid-users@squid-cache.org
Cc:
Sent: Thursday, 7 March 2013 4:11 AM
Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
On 7/03/2013 2:03 a.m., Amm wrote:
I just tried 443 port interception
On 7/03/2013 5:30 p.m., Amm wrote:
- Original Message -
From: Amos Jeffries
On 7/03/2013 2:03 a.m., Amm wrote:
I just tried 443 port interception with sslbump and is working perfectly.
If sslbump none applies for request then it passes requests as is:
Log shows something like
- Original Message -
From: Amos Jeffries squ...@treenet.co.nz
To: squid-users@squid-cache.org
Cc:
Sent: Thursday, 7 March 2013 11:19 AM
Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
On 7/03/2013 5:30 p.m., Amm wrote:
- Original Message -
From: Amos
On 7/03/2013 7:22 p.m., Amm wrote:
- Original Message -
From: Amos Jeffries
On 7/03/2013 5:30 p.m., Amm wrote:
- Original Message -
From: Amos Jeffries
On 7/03/2013 2:03 a.m., Amm wrote:
I just tried 443 port interception with sslbump and is working
perfectly.
On 5/03/2013 6:11 p.m., Amm wrote:
From: Dan Charlesworth d...@getbusi.com
To: squid-users@squid-cache.org
Sent: Tuesday, 5 March 2013 10:21 AM
Subject: [squid-users] Bypassing SSL Bump for dstdomain
Hi
I've recently set up a very simple Squid 3.3.1 deployment
To: squid-users@squid-cache.org
Sent: Tuesday, 5 March 2013 10:21 AM
Subject: [squid-users] Bypassing SSL Bump for dstdomain
Hi
I've recently set up a very simple Squid 3.3.1 deployment to test out
Server First bumping and Mimicking in a REDIRECT type intercept
configuration.
It's
On 03/05/2013 03:09 AM, Amos Jeffries wrote:
Squid tunnel functionality requires a CONNECT wrapper to generate
outgoing connections.
It is not yet setup to do the raw-TCP type of bypass the intercepted
traffic would require.
Are you sure? IIRC, ssl_bump none tunneling code works for
On 03/04/2013 10:11 PM, Amm wrote:
# Let user specify domains to avoid decrypting, such as internet banking
acl bump-bypass dstdomain .commbank.com.au
ssl_bump none bump-bypass
ssl_bump server-first all
This will not work for intercepting traffic. Because domain is known
only after SSL
- Original Message -
From: Alex Rousskov rouss...@measurement-factory.com
To: squid-users@squid-cache.org squid-users@squid-cache.org
Cc:
Sent: Wednesday, 6 March 2013 6:20 AM
Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
On 03/04/2013 10:11 PM, Amm wrote
On 6/03/2013 1:40 p.m., Alex Rousskov wrote:
On 03/05/2013 03:09 AM, Amos Jeffries wrote:
Squid tunnel functionality requires a CONNECT wrapper to generate
outgoing connections.
It is not yet setup to do the raw-TCP type of bypass the intercepted
traffic would require.
Are you sure? IIRC,
On 03/05/2013 09:15 PM, Amm wrote:
- Original Message -
From: Alex Rousskov rouss...@measurement-factory.com
To: squid-users@squid-cache.org squid-users@squid-cache.org
Cc:
Sent: Wednesday, 6 March 2013 6:20 AM
Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
On 03/04
Hi
I've recently set up a very simple Squid 3.3.1 deployment to test out Server
First bumping and Mimicking in a REDIRECT type intercept configuration.
It's working quite nicely, but I'm trying to accommodate a scenario where an
admin would like to disable bumping for certain webistes, for
From: Dan Charlesworth d...@getbusi.com
To: squid-users@squid-cache.org
Sent: Tuesday, 5 March 2013 10:21 AM
Subject: [squid-users] Bypassing SSL Bump for dstdomain
Hi
I've recently set up a very simple Squid 3.3.1 deployment to test out Server
First bumping
19 matches
Mail list logo