SSL Bump Multiple Interfaces

Bigdaddy168 · Apr 4, 2017, 4:43 PM

Hey guys,

is it somehow possible to configure the "Custom SSL MITM Mode" so that the behavior on one interface is "Splice All" and on other interface "Splice Whitelist, Bump Otherwise."?

Thanks in advance.

marcelloc · Apr 5, 2017, 10:00 AM

With custom acls for your networks yes

http://wiki.squid-cache.org/Features/SslPeekAndSplice

doktornotor · Apr 5, 2017, 1:11 PM

There are even configuration examples when you click the i

Bigdaddy168 · Apr 5, 2017, 7:19 PM

Ok thanks for your reply! But for me it is not clear which part of configuration i have to add in the custom field. Is it enough to insert the following lines:

acl networkx src 172.16.0.0/16

ssl_bump splice network 1
ssl_bump bump all

Or is it necessary to insert something like "ssl_bump splice whitelist" somewhere between? (to get default behaviour)

Thanks!