Squidguard HTTPS non-T



  • From my knowledge I thought it was possible to use https filtering when you use a non-transparant proxy and put the proxy details in the browser of the user.

    This doesn't work for me. Websites blocked with http protocol are accessible with https.

    2.1-RELEASE
    Squid 2.7.9 pkg v.4.3.3
    Squidguard 1.4_4 pkg v.1.9.5

    Proxy interface LAN - Allow users on interface - Transparant proxy UNTICKED



  • you should also use a firewall rule to block direct acces to port 443 besides port 80



  • I did some basic testing:

    https gives an error: Errorcode: ERR_TUNNEL_CONNECTION_FAILED <– is this the normal behaviour?



  • with proxy set on clients ssl sites are blocked/filtered on on domain lists as squid can't analyse url after ssl handshake is done.

    with squid3-dev you can intercept ssl and filter https the same way you do with http.


Log in to reply