Squidguard HTTPS non-T

  • From my knowledge I thought it was possible to use https filtering when you use a non-transparant proxy and put the proxy details in the browser of the user.

    This doesn't work for me. Websites blocked with http protocol are accessible with https.

    Squid 2.7.9 pkg v.4.3.3
    Squidguard 1.4_4 pkg v.1.9.5

    Proxy interface LAN - Allow users on interface - Transparant proxy UNTICKED

  • you should also use a firewall rule to block direct acces to port 443 besides port 80

  • I did some basic testing:

    https gives an error: Errorcode: ERR_TUNNEL_CONNECTION_FAILED <– is this the normal behaviour?

  • with proxy set on clients ssl sites are blocked/filtered on on domain lists as squid can't analyse url after ssl handshake is done.

    with squid3-dev you can intercept ssl and filter https the same way you do with http.

Log in to reply