[squid-users] enabling https 443 on vanilla squid -debian squeeze-

From: someone <mrnicholsb_at_gmail.com>
Date: Tue, 27 Dec 2011 15:44:46 -0800

Allright, many of you know me here from some of my previous posts, and
Im sure if I went a googling Id find answers to my questions but hey,
why, when im subscribed to the squid-cache users mailing list~ hehe.

Well anyway, ive never used squid for ssl/https:443 before and noticed
one of my clients playing a lot of that farmville crap on facebook,
sometimes uses ssl, and farmville uses a considerable ammount of
bandwidth. I wanna intercept all of that wasted redownloads so, since
farmville seems to be using https more, my clients arent getting the
benefit of my squid cache :(, welp now its time to enable ssl "bump" or
w/e they call it in squid.

ok, as I understand squid must be compiled to cache ssl http content?
Because im using a vanilla version that ships with debian squeeze. see

I dont see any --enable ssl below :(

deviant:/home/devadmin# squid3 -v
Squid Cache: Version 3.1.6
configure options: '--build=i486-linux-gnu' '--prefix=/usr'
'--includedir=${prefix}/include' '--mandir=${prefix}/share/man'
'--infodir=${prefix}/share/info' '--sysconfdir=/etc'
'--localstatedir=/var' '--libexecdir=${prefix}/lib/squid3'
'--disable-maintainer-mode' '--disable-dependency-tracking'
'--disable-silent-rules' '--srcdir=.' '--datadir=/usr/share/squid3'
'--sysconfdir=/etc/squid3' '--mandir=/usr/share/man'
'--with-cppunit-basedir=/usr' '--enable-inline' '--enable-async-io=8'
'--enable-storeio=ufs,aufs,diskd' '--enable-removal-policies=lru,heap'
'--enable-delay-pools' '--enable-cache-digests' '--enable-underscores'
'--enable-icap-client' '--enable-follow-x-forwarded-for'
'--enable-basic-auth-helpers=LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM' '--enable-ntlm-auth-helpers=smb_lm,' '--enable-digest-auth-helpers=ldap,password' '--enable-negotiate-auth-helpers=squid_kerb_auth' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group' '--enable-arp-acl' '--enable-esi' '--disable-translation' '--with-logdir=/var/log/squid3' '--with-pidfile=/var/run/squid3.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--enable-linux-netfilter' 'build_alias=i486-linux-gnu' 'CFLAGS=-g -O2 -g -Wall -O2' 'LDFLAGS=' 'CPPFLAGS=' 'CXXFLAGS=-g -O2 -g -Wall -O2' --with-squid=/build/buildd-squid3_3.1.6-1.2+squeeze1-i386-_y3HlV/squid3-3.1.6

Why wouldnt they ship the vanilla binarie with ssl enabled??

Received on Tue Dec 27 2011 - 23:45:04 MST

This archive was generated by hypermail 2.2.0 : Wed Dec 28 2011 - 12:00:03 MST