+ Post New Thread
Results 1 to 2 of 2
*nix Thread, Squid - Transparent - HTTPS Issue in Technical; Hi All, Quick query, as I've used all resources trying to resolve this error. Can't seem to find the fix. ...
  1. #1
    ahuxham's Avatar
    Join Date
    Apr 2008
    Posts
    1,122
    Thank Post
    76
    Thanked 138 Times in 109 Posts
    Rep Power
    30

    Squid - Transparent - HTTPS Issue

    Hi All,

    Quick query, as I've used all resources trying to resolve this error. Can't seem to find the fix.

    Vigor 3300 (192.168.0.59 Strict BIND on Squids MAC no other traffic allowed through) > Squid (Debian Etch - 192.168.0.54) > LAN.

    So, I've set the box up, made some sneaky delay pools, create a 70GB caching location across a few drives blaah-de-blaah. However users cannot access HTTPS traffic. I also read you cant have the proxy transparent and have HTTPS traffic. Does this mean we can only use proxy settings within Internet Explorer, and turn transparency off?

    Iptables rules using the Transparent settings.
    Code:
    iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.0.54:3128
    Would doing the above, changing --dport 80 to --dport 443 work. I've not seen this documented anywhere, and to be honest its driving me nuts. 443 is on the ACL as SafeSSLPorts.

    I read the following from a previous post:
    Code:
    iptables -t filter -A FORWARD -i eth0 -p tcp --dport 443 -j ACCEPT
    but my Iptables knowledge is very limited.

    Anyone have any ideas?
    Last edited by ahuxham; 24th May 2008 at 03:03 PM. Reason: I can't spell!

  2. #2

    Join Date
    Jan 2007
    Location
    Durham, UK
    Posts
    328
    Thank Post
    33
    Thanked 17 Times in 12 Posts
    Rep Power
    20
    Yeah you cant transparently proxy https, its a man-in-the-middle attack.

    Do you have IP Forwarding turned on because thats what i needed to enable for mine to allow https to pass straight through

SHARE:
+ Post New Thread

Similar Threads

  1. Squid transparent proxying
    By MK-2 in forum *nix
    Replies: 46
    Last Post: 4th June 2008, 11:26 AM
  2. VPN with Transparent Proxy
    By Jackd in forum Wireless Networks
    Replies: 6
    Last Post: 14th February 2008, 04:18 PM
  3. Transparent squid + local IP addresses
    By jonathan.lees in forum *nix
    Replies: 1
    Last Post: 2nd December 2007, 01:20 AM
  4. Squid Transparent
    By Jackd in forum *nix
    Replies: 5
    Last Post: 10th October 2007, 02:12 PM
  5. Squid Transparent Proxy.
    By Jackd in forum Network and Classroom Management
    Replies: 2
    Last Post: 25th July 2007, 06:54 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •