What are the iptables rules for that?
Also look at:
http://wiki.squid-cache.org/EliezerCroitoru/Drafts/SSLBUMP
Eliezer
On 08/14/2014 09:32 AM, agent_js03 wrote:
> This doesn't work for me either. Here is my updated squid conf:
>
> /http_port 3128
> http_port 3129 intercept
> https_port 3130 intercept ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=4MB key=/etc/squid3/ssl/private.pem
> cert=/etc/squid3/ssl/public.pem
> always_direct allow all
> ssl_bump deny allowed_sites
> ssl_bump allow all
> sslproxy_cert_error allow all
> sslproxy_flags DONT_VERIFY_PEER
> sslcrtd_program /usr/lib/squid3/ssl_crtd -s /var/lib/ssl_db -M 4MB
> sslcrtd_children 5/
>
>
> When I try to access the web, I get the following error:
>
> The following error was encountered while trying to retrieve the URL: /
> Invalid URL
> Some aspect of the requested URL is incorrect.
> Some possible problems are:
> Missing or incorrect access protocol (should be "http://" or similar)
> Missing hostname
> Illegal double-escape in the URL-Path
> Illegal character in hostname; underscores are not allowed.
> Your cache administrator is webmaster.
>
> There is no error being output in cache.log. What am I missing here? I
> should mention, the proxy works perfectly if I configure my browser to point
> to it. However, that completely defeats the purpose: remember, I am trying
> to set up a /transparent/ proxy, meaning all web traffic should be
> transparently routed to the proxy server. I did as you said and all traffic
> should be going to port 3128.
>
>
>
> --
> View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/HTTP-HTTPS-transparent-proxy-doesn-t-work-tp4667193p4667210.html
> Sent from the Squid - Users mailing list archive at Nabble.com.
>
Received on Fri Aug 15 2014 - 00:47:46 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 19 2014 - 12:00:05 MDT