On 27/09/18 8:43 PM, Ralf Hildebrandt wrote: > I recompiled my squid-5 with openssl and added > > ssl_bump peek all > ssl_bump splice all > > to my squid.conf. What logging should I expect to verify it's actually > working? >
Depends on what you mean by 'working'. Splicing will show up as access.log CONNECT messages to raw-IP on port 443 with 0ms duration and probably TCP_NONE status. Followed by CONNECT from same client IP with either raw-IP or a domain, TCP_TUNNEL status and non-0 duration. These pairs may only be identifiable by using the duration to find that they started at identical time from the same client. The log entries will be separated by that duration. 'working' can also mean detecting TLS errors and rejecting them. Which shows up as https:// requests being bumped and denied with a 5xx error status. Amos _______________________________________________ squid-users mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-users
