Thanks for the reply, Speaking strictly about TPROXY, are there any limitations compared to regular transparent intercept?
We have full control of the network and TCP routing. We have done regular https intercept in the past and is working fine, but now we would like to try TPROXY in bridging mode instead of routing mode. Thanks, On Sat, Feb 15, 2020 at 3:17 AM Amos Jeffries <squ...@treenet.co.nz> wrote: > On 15/02/20 10:28 am, Felipe Polanco wrote: > > Hi, > > > > Can squid running in TPROXY mode intercept and decrypt HTTPS payload > > with sslBump? > > > > Maybe. It can do so about as well as NAT intercept mode can. > > Wherther TPROXY works depends on what level of access you have to > control the TCP packet routing. > > Whether SSL-Bump can decrypt depends on what TLS features are being used > by the HTTPS traffic - and whether it is HTTPS at all. > > These things are only loosely related. > > > Amos > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
