On 7/03/2013 2:03 a.m., Amm wrote:
----- Original Message -----
From: Amos Jeffries

On 6/03/2013 1:40 p.m., Alex Rousskov wrote:
  On 03/05/2013 03:09 AM, Amos Jeffries wrote:


  Squid tunnel functionality requires a CONNECT wrapper to generate
  outgoing connections.
  It is not yet set up to do the raw-TCP type of bypass the intercepted
  traffic would require.

  Are you sure? IIRC, "ssl_bump none" tunneling code works for intercepted
  connections, and that is what we claim in squid.conf:
Hmm. Yes I see the code now.

Looks like it should work for IPv4 but IPv6 intercepted HTTPS might be
missing the [] around the IP.

Amos

I just tried 443 port interception with sslbump and it is working perfectly.

If sslbump none applies for request then it passes requests as is:
Log shows something like this:

1362574305.069  90590 192.168.1.1 TCP_MISS/200 3600 CONNECT 23.63.101.48:443 - HIER_DIRECT/23.63.101.48 -


If sslbump server-first applied for request then log shows:
1362574001.569    294 192.168.1.1 TCP_MISS/200 515 GET https://mail.google.com/mail/images/c.gif? - PINNED/2404:6800:4009:801::1015 image/gif

(Note: the URL may not be the same in both cases; these are just examples.)

I don't have IPv6, why is it showing an IPv6 address in the 2nd case?

Because you *do* have IPv6, or at least the Squid box does. And Squid is using it successfully to contact the upstream web server.

Amos
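
The two log lines discussed above can be told apart mechanically. The following is an added example, not part of the thread and not Squid code: it assumes the default native access.log layout, and the names `Entry`, `parse_line` and `parse_log` are hypothetical. It labels each entry as tunneled (CONNECT, only the endpoint visible) or bumped (full https URL visible) and reports the IP version of the upstream peer.

```python
import ipaddress
from typing import NamedTuple

# The two access.log lines quoted in the thread, each rejoined onto one line.
SAMPLE_LOG = """\
1362574305.069  90590 192.168.1.1 TCP_MISS/200 3600 CONNECT 23.63.101.48:443 - HIER_DIRECT/23.63.101.48 -
1362574001.569    294 192.168.1.1 TCP_MISS/200 515 GET https://mail.google.com/mail/images/c.gif? - PINNED/2404:6800:4009:801::1015 image/gif
"""

class Entry(NamedTuple):        # hypothetical record type for this example
    client: str
    method: str
    target: str
    handling: str               # "tunneled", "bumped" or "plain"
    peer: str
    peer_ip_version: int        # 4, 6, or 0 when the peer is not an IP literal

def parse_line(line: str) -> Entry:
    # Assumed layout (Squid native format):
    # time elapsed client code/status bytes method URL user hierarchy/peer type
    fields = line.split()
    if len(fields) != 10:
        raise ValueError(f"expected 10 fields, got {len(fields)}")
    client, method, target, hier = fields[2], fields[5], fields[6], fields[8]
    peer = hier.partition("/")[2]
    try:
        version = ipaddress.ip_address(peer.strip("[]")).version
    except ValueError:
        version = 0             # "-" or a hostname, not an address
    if method == "CONNECT":
        handling = "tunneled"   # only the endpoint is visible to the proxy
    elif target.lower().startswith("https://"):
        handling = "bumped"     # decrypted request logged with its full URL
    else:
        handling = "plain"
    return Entry(client, method, target, handling, peer, version)

def parse_log(text: str) -> list[Entry]:
    return [parse_line(l) for l in text.splitlines() if l.strip()]

if __name__ == "__main__":
    for e in parse_log(SAMPLE_LOG):
        print(f"{e.client} {e.handling:8} {e.target} via {e.peer} (IPv{e.peer_ip_version})")
```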
