I've been using SQUID for years to terminate inbound client connections to externally facing web sites. With SQUID 2.6, I specified transparent in the https_port, setup some acls, and it worked seamlessly.
I have been trying to get a similar configuration working with SQUID 3.3. Changing the 'transparent' to intercept, adding ssl-bump, and then setting ssl_bump client-first to the appropriate domains. Unfortunately, I'm receiving these errors:
2013/05/10 18:33:11 kid1| NF getsockopt(SO_ORIGINAL_DST) failed on local=192.168.123.123:443 remote=4.4.4.4:11034 FD 12 flags=33: (92) Protocol not available
Will this configuration still work with modern SQUID or must a different approach be taken? I appreciate any help, this is starting to frustrate me.
Thanks,
Warner
CONFIDENTIALITY STATEMENT: All information included in this Communication, including attachment(s), is intended solely for delivery and authorized use by the intended recipient(s), and may contained privileged, confidential, proprietary and/or trade secret information entitled to protection and/or exempt from disclosure under applicable law. If you are not the intended recipient, please note that any use, distribution or copying of this Communication is unauthorized and may be unlawful. If you have received this Communication in error, please notify the sender and delete this Communication from your computer.
Received on Fri May 10 2013 - 23:35:46 MDT
This archive was generated by hypermail 2.2.0 : Sat May 11 2013 - 12:00:05 MDT