Eliezer & Amos,
Thank you for your input & assistance.
The iptables rules are on the same machine in which I'm running squid.
Amos, just for my understanding changing the below given directive
should do the trick ?
ssl_bump client-first all
to
ssl_bump server-first all
On Tue, Jan 1, 2013 at 11:21 AM, Eliezer Croitoru <eliezer_at_ngtech.co.il> wrote:
>
> Sorry my bad,
>
> If it's on the same machine then it should be fine.
> if on other it's another story.
> on what machine is it? these rules?
>
> Thanks,
> Eliezer
>
>
> On 1/1/2013 7:14 AM, Amos Jeffries wrote:
> > No. DNAT and REDIRECT do the same thing and both are valid for Squid
> > with NAT intercept.
> >
> > REDIRECT just assumes the DNAT IP is to be the machines primary IP and
> > works when IPs are dynamically assigned to the box.
> >
> >
> > The main problem appears to be configuring "server-first" bumping with
> > the directive:
> >
> > ssl_bump client-first all
> >
> >
> > Amos
Received on Tue Jan 01 2013 - 06:19:35 MST
This archive was generated by hypermail 2.2.0 : Tue Jan 01 2013 - 12:00:10 MST