[squid-users] Workstation IP on SSLBUMP

From: Dave <dave_at_thinkwelldesigns.com>
Date: Mon, 22 Jul 2013 13:08:48 -0400

Hello everyone,

I'm running squid 3.3.8 and I just got sslbump working. I noticed in the
squid logs, however, than for https connections, the IP is 127.0.0.1
instead of the LAN IP.

Is that the price of sslbump or did I do something wrong? Relevant
config lines included below...

Thanks,

Dave

http_port 3128 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/thinkwell.pem

always_direct allow all
ssl_bump server-first all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB
sslcrtd_children 5

follow_x_forwarded_for allow localhost
Received on Mon Jul 22 2013 - 17:08:55 MDT

This archive was generated by hypermail 2.2.0 : Tue Jul 23 2013 - 12:00:40 MDT