Re: [squid-users] [Fwd: ssl-bump and tunneling] from James Lay on 2014-04-26 (squid-users)

From: James Lay <jlay_at_slave-tothe-box.net>
Date: Sat, 26 Apr 2014 13:10:02 -0600

On Sat, 2014-04-26 at 21:38 +0300, Eliezer Croitoru wrote:
> you can apply these rules only and only on CONNECT request which
> explicitly use domain name at the request.
> Intercepted requests will always use IP address acls.
> So you will need either to use iptables rules to bypass for these
> domains IPs or something else which is creative enough for it to work.
>
> Eliezer
>
> On 04/26/2014 06:29 PM, James Lay wrote:
> > acl broken_sites dstdomain .textnow.me
> > acl broken_sites dstdomain .akamaiedge.net
> > acl broken_sites dstdomain .akamaihd.net
> > acl broken_sites dstdomain .apple.com

Well there it is then...I've done the iptables thing to bypass these for
now...is there any way to see exactly why these aren't functioning
through as Intercepted? In any case thanks for the response..that does
help me.

James

application/pgp-signature attachment: This is a digitally signed message part

Received on Sat Apr 26 2014 - 19:10:11 MDT

This archive was generated by hypermail 2.2.0 : Sun Apr 27 2014 - 12:00:05 MDT