Squid3-dev mitm configuration



  • I got marcelloc's squid3-dev package working... wooohooo.  Now I have questions.

    So if you have http/https going through squid3 proxy, I have transparent for both and mitm.  Then how does dansguardian check traffic?  It seems that once squid3 breaks into http/https it would need to send the hacked traffic to then be scanned by dansguardian...  not sure how that works.  Sorry, proxy setups still mystify me.

    I ask because my assumption is that if I make 2 nat rules to send traffic to dansguardian, it would then be responsible for mitm, is that correct?  I think that would be set up like this:
    client->fireNAT->dansguardian->squid3->internet. 
    I think I want:
    client->transparent http/s squid->dansguardian->Havp->internet. 
    Won't that all have to happen somehow within some squid integration?  My understanding is that when squid does mitm, it handles both sides' communication, so it can't really hand off hacked stuff... can it?



  • @iodaddio:

    So if you have http/https going through squid3 proxy, I have transparent for both and mitm.  Then how does dansguardian check traffic?  It seems that once squid3 breaks into http/https it would need to send the hacked traffic to then be scanned by dansguardian…  not sure how that works.  Sorry, proxy setups still mystify me.

    It will not; only ICAP/redirector calls will work, as it's an SSL connection.
    Try squidguard or enable mitm on dansguardian (alpha code for mitm).

    @iodaddio:

    I ask because my assumption is that if I make 2 nat rules to send traffic to dansguardian, it would then be responsible for mitm, is that correct?  I think that would be set up like this:

    No need to do nat rules while using squid3-dev (the package will do that for you).
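
Added example, not part of the thread and not the configuration the squid3-dev package generates: a squid.conf fragment in Squid 3.3 syntax showing where content inspection attaches when squid itself bumps SSL, through a redirector or ICAP as the reply says, rather than through a second proxy in the chain. The ports, the CA and helper paths, the squidGuard paths and the ICAP service URLs are all assumptions.

```conf
# Intercepted plain HTTP (listening port is an assumption)
http_port 127.0.0.1:3128 intercept

# Intercepted HTTPS with SSL bump: squid terminates the client's TLS session
# using certificates signed by a local CA that clients must already trust.
# The CA path is a placeholder.
https_port 127.0.0.1:3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/path/to/local-ca.pem

# Squid 3.3: contact the origin server first, then bump the client side
ssl_bump server-first all

# Helper that mints the per-host certificates (paths are assumptions)
sslcrtd_program /usr/local/libexec/squid/ssl_crtd -s /var/squid/ssl_db -M 4MB

# Option 1: redirector. squidGuard receives the request URL after decryption,
# so URL filtering works for bumped HTTPS (paths are assumptions).
url_rewrite_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf

# Option 2: ICAP. Requests and responses are handed to an ICAP server
# (content filter or antivirus) after squid has decrypted them.
# The service URLs are hypothetical. bypass=off fails closed: traffic is
# refused, not passed unscanned, when the ICAP server is unreachable.
icap_enable on
icap_service svc_req  reqmod_precache  icap://127.0.0.1:1344/reqmod  bypass=off
icap_service svc_resp respmod_precache icap://127.0.0.1:1344/respmod bypass=off
adaptation_access svc_req  allow all
adaptation_access svc_resp allow all
```

A proxy placed after squid on the path to the internet only sees the re-encrypted server-side connection, which is why filtering has to hook in at one of these two points.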