----- Original Message -----
> From: Amos Jeffries <squ...@treenet.co.nz>
> To: squid-users@squid-cache.org
> Cc:
> Sent: Wednesday, 6 March 2013 11:36 AM
> Subject: Re: [squid-users] Bypassing SSL Bump for dstdomain
>
> On 6/03/2013 1:40 p.m., Alex Rousskov wrote:
>> On 03/05/2013 03:09 AM, Amos Jeffries wrote:
>>
>>
>>> Squid tunnel functionality requires a CONNECT wrapper to generate
>>> outgoing connections.
>>> It is not yet setup to do the raw-TCP type of bypass the intercepted
>>> traffic would require.
>> Are you sure? IIRC, "ssl_bump none" tunneling code works for
> intercepted
>> connections, and that is what we claim in squid.conf:
>
> Hmm. Yes I see the code now.
>
> Looks like it should work form IPv4 but IPv6 intercepted HTTPS might be
> missing the [] around the IP.
>
> Amos
>
I just tried 443 port interception with sslbump and is working perfectly.
If sslbump none applies for request then it passes requests as is:
Log shows something like this:
1362574305.069 90590 192.168.1.1 TCP_MISS/200 3600 CONNECT 23.63.101.48:443 -
HIER_DIRECT/23.63.101.48 -
if sslbump server-first applied for request then log shows:
1362574001.569 294 192.168.1.1 TCP_MISS/200 515 GET
https://mail.google.com/mail/images/c.gif? - PINNED/2404:6800:4009:801::1015
image/gif
(Note: URL may not be same in both cases, these are just example)
I dont have IPv6, why is it showing IPv6 address, in 2nd case?
Using squid 3.3.2.
Regards
Amm
