SQUID Transparent SSL proxy (no intercept)
Posted
by
user974896
on Server Fault
See other posts from Server Fault
or by user974896
Published on 2012-10-18T20:17:40Z
Indexed on
2012/10/18
23:04 UTC
Read the original article
Hit count: 248
I know how to have squid work as a transparent proxy. You put it into transparent mode then use your router or IPTABLES to forward port 80 to the squid port. I would like to do the same for SSL. Every guide I see mentions setting up keys on the squid server. I do not want squid to actually decrypt the SSL traffic then establish a connection with the server, rather I would like squid to simply forward the SSL traffic as is. The only thing I would like to do is be able to check the SSL request for any offending IPs and drop the packets if the destination is one of them.
© Server Fault or respective owner