Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SquidGuard: How to redirect HTTPS to HTTP wile keeping the rest of the URL

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 2 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Pistolero
      last edited by

      Hi All,

      This is driving me batsh*it! For the life of me, I cannot figure out how to redirect HTTPS to HTTP while keeping the rest of the URL intact. For example:

      As I am filtering SSL via Squid, some pics of my favorite news site (https://news.google.com) do not display. So I want to redirect the image URL from

      https://t2.gstatic.com/images?q=tbn:ANd9GcQT1vbGwFBBDnUsOxhVChUIpjB_kZM278iw7ryOED_GY8QjBb3dISj5T4Xc-flTGGKha2HfoYPow1M

      to

      http://t2.gstatic.com/images?q=tbn:ANd9GcQT1vbGwFBBDnUsOxhVChUIpjB_kZM278iw7ryOED_GY8QjBb3dISj5T4Xc-flTGGKha2HfoYPow1M

      Now, the t(number).gstatic.com always seems to be different (load balancing, probably)

      I have a regx that matches the URL perfectly:

      https://t[0-9].gstatic.com/images?q=tbn:

      but, how do I replace the https part with http while keeping the rest of the URL intact?

      Any help greatly appreciated!

      1 Reply Last reply Reply Quote 0
      • P
        peruvichito2014
        last edited by

        Hi Gurus
        Let me explain my scenario (Network Diagram)
        Router (ISP)  <===>  Firewall PFsense <===> My Lan Segment
        In the PFsense I installed the the squid (Version 2.7.9 pkg v.4.3.4).
        The problem that I am finding is that This Proxy (Squid) only block web that use ports 80 (Like www.youtube.com) but not ports 443 (like www.facebook.com).
        The problem to filter all port 443 I am solved by apply a rule Like this:
        ![](http://Filter 443 by IP's)

        Well, let me know if exit an alternative to filter in base to group.
        For example Group 1 (permit traffic 80 and 443 to the following pages - Like banks, facebook, emails, www.youtube, etc the rest are blocks)
        Group 2 (permit traffic 80 and 443 to the pages of banks)
        Group 3 (some policy That I would considered)
        Also I would create some different another different

        Profile of user 1 ( User VIPs, acccess to all pages)
        Profile of user 2 (User which belong to Group 1)
        Profile of user 3 (User which belong to Group 2)
        ….............
        Profile of user n (User which belong to Group n)

        My version of firewall is:

        ![](http://Firewall Version)
        Also, exit any type the report where I can review (an extrat this data) and elaborate a Report to inform the top of Traffic that the user consume.

        I appreciate your comment /suggestion

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.