Quick query, as I've used all resources trying to resolve this error. Can't seem to find the fix.
Vigor 3300 (192.168.0.59 Strict BIND on Squids MAC no other traffic allowed through) > Squid (Debian Etch - 192.168.0.54) > LAN.
So, I've set the box up, made some sneaky delay pools, create a 70GB caching location across a few drives blaah-de-blaah. However users cannot access HTTPS traffic. I also read you cant have the proxy transparent and have HTTPS traffic. Does this mean we can only use proxy settings within Internet Explorer, and turn transparency off?
Iptables rules using the Transparent settings.Would doing the above, changing --dport 80 to --dport 443 work. I've not seen this documented anywhere, and to be honest its driving me nuts. 443 is on the ACL as SafeSSLPorts.Code:iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.0.54:3128
I read the following from a previous post:but my Iptables knowledge is very limited.Code:iptables -t filter -A FORWARD -i eth0 -p tcp --dport 443 -j ACCEPT
Anyone have any ideas?
Last edited by ahuxham; 24th May 2008 at 03:03 PM. Reason: I can't spell!
Yeah you cant transparently proxy https, its a man-in-the-middle attack.
Do you have IP Forwarding turned on because thats what i needed to enable for mine to allow https to pass straight through
There are currently 1 users browsing this thread. (0 members and 1 guests)