Squid3 0.3.9.2 with SSL-Man-In-the-Middle-Filtering not working
-
I am using pfSense 2.2.4-RELEASE (amd64) with Squid3 ver. 0.3.9.2 and squidGuard ver. 1.9.15.
But when i enable SSL Man in the middle filtering, squid service is stopped and does not work.
Please suggest.
Thanks in advance.
-
Considering I did go through the hops of putting a descriptive log_error() message just about on every damned step that happens on Squid reconfiguration that's shown in System Logs - General, I find the immense amount of information posted here absolutely amazing.
Your suggestion can be found here.
-
I am getting the following in the system log:
–-------------------------------------------------
php-fpm[32201]: /rc.start_packages: The command '/usr/pbi/squid-amd64/sbin/squid -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was '2015/10/17 15:28:30| FATAL: tproxy/intercept on https_port requires ssl-bump which is missing. FATAL: Bungled /usr/pbi/squid-amd64/local/etc/squid/squid.conf line 6: https_port 127.0.0.1:3127 intercept Squid Cache (Version 3.4.10): Terminated abnormally. CPU Usage: 0.016 seconds = 0.016 user + 0.000 sys Maximum Resident Size: 46528 KB Page faults with physical i/o: 0'
–-------------------------------------------------
-
Kindly make sure you select "
localhost" your LAN(s) on the "SSL Intercept Interface(s)". -
In SSL Intercept Interfaces, its LAN, WAN and Loopback options. I selected Loopback but still does not work.
-
You have to select lan.
-
My suggestion is uninstall the package and download it again (latest version of squid)
-
You have to select lan.
Thanks, fixed above…
@OP: The interfaces MUST match. You have some wild mixture of Proxy Interface(s) vs. Transparent Proxy Interface(s) vs. SSL Intercept Interface(s). Make sure the thing match each other.