Re: [squid-users] Squid SSL Bump transparently CONNECT for another proxy

From: Jatin Bhasin <>
Date: Sat, 7 Jun 2014 23:33:48 +1000


1) PROXY2 is not configured to bump the traffic and I cannot remove it
from the set up.
2) PROXY2 is listening on port 3128. I have to intercept proxy port
because all the requests are going to PROXY2 on port 3128 and I have
to bump it.

Currently Client is connecting to PROXY2 and I cannot change
configuration on PROXY2 to bump the traffic neither I can remove it
from the netwrok setup.

So is this all possible?


On Sat, Jun 7, 2014 at 11:24 PM, Antony Stone
<> wrote:
> On Saturday 07 June 2014 at 14:16, Jatin Bhasin wrote:
>> Hello,
>> We have a test set up as below:
>> Client <----> SQUID(PROXY1) <----> PROXY2 <-----> SERVER
>> In the above set up Client browser is configured to point to PROXY2.
>> So client sends the CONNECT request to PROXY2.
>> PROXY1 which is running SQUID is transparently detecting this CONNECTION.
> 1. Why are you using transparent intercept when the client is configured to
> connect to Proxy2? Why not just let the client connect, and have Proxy1
> ignore it?
> 2. What port number/s are you intercepting? You would normally use
> transparent intercept on ports 80/443, for example, whereas a client-proxy
> connection would be on 3128. Why intercept the proxy port, instead of just
> the HTTP port?
>> The goal is that PROXY1 should bump the SSL connection between client
>> and the PROXY2.
> What's the purpose of this? Why not just connect from the client to proxy2?
>> Hence, I believe that PROXY1 should send the CONNECT request to PROXY2
>> and then all the data transfers occurs between PROXY1 and PROXY2.
>> PROXY1 should then bump the traffic and send it to client.
>> Is this possible? Please suggest the SQUID(PROXY1) configuration
>> settings to achieve this.
> Regards,
> Antony.
> --
> "Black holes are where God divided by zero."
> - Steven Wright
> Please reply to the list;
> please don't CC me.
Received on Sat Jun 07 2014 - 13:33:54 MDT

This archive was generated by hypermail 2.2.0 : Sat Jun 07 2014 - 12:00:04 MDT