Hello,
Squid can not filter the content of a HTTPS connection or the URL but it can still act as a proxy for HTTPS connections
using the CONNECT method. Using squid for this will provide logging information on who is connecting to what IP /
domain.
This can be use full because there are a lot of tunnel software on the web designed to bypass proxy servers using this
method. For example some people may want to run MSN messenger on the network which is blocked ... so they install this
simple tunnelling software allowing them to to have the MSN client make a connection over the tunnel to a socks proxy
externally for MSN.
We only allow HTTPS connections to a list of domains.
Michael.
On Thu, 16 Sep 2004 16:54:48 -0300 (ART)
Giancarlo Boaron <gboaron@yahoo.com.br> wrote:
> Hello!
> I'm planning to use squid as a transparent proxy for
> my LAN.
> I now squid can't act as a transparent proxy when
> using the HTTPS protocol and it even registers this
> kind of access in my access.log file.
> So, can I register this kind of access in my
> access.log file or I just have to let this protocol go
> in and out on my iptables script (using FORWARD).
>
> Besides, what are the advantages and disadvantages of
> using transparent proxy when concerning about
> security, configuration facilities, network
> performances, etc ??
>
> Thank you.
> Giancarlo
>
>
>
>
>
> _______________________________________________________
> Yahoo! Messenger 6.0 - jogos, emoticons sonoros e muita diversão. Instale agora!
> http://br.download.yahoo.com/messenger/
>
>
>
>
-- Michael Gale Network Administrator Utilitran CorporationReceived on Thu Sep 16 2004 - 14:10:07 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:02 MDT