SQUID Transparent SSL proxy (no intercept)

Posted by user974896 on Server Fault See other posts from Server Fault or by user974896
Published on 2012-10-18T20:17:40Z Indexed on 2012/10/18 23:04 UTC
Read the original article Hit count: 241

Filed under:
|
|
|
|

I know how to have squid work as a transparent proxy. You put it into transparent mode then use your router or IPTABLES to forward port 80 to the squid port. I would like to do the same for SSL. Every guide I see mentions setting up keys on the squid server. I do not want squid to actually decrypt the SSL traffic then establish a connection with the server, rather I would like squid to simply forward the SSL traffic as is. The only thing I would like to do is be able to check the SSL request for any offending IPs and drop the packets if the destination is one of them.

© Server Fault or respective owner

Related posts about linux

Related posts about networking