HTTPS is not working in transparent proxy with Squid


HTTPS traffic cannot be redirected transparently to a proxy. You need to find a way to configure the proxy settings on your devices. If that is not feasible, you have to forward HTTPS traffic directly to the Internet.

Author: Supratik

Updated on September 17, 2022

Comments

  • Supratik
    Supratik over 1 year

    I am using Squid proxy 3.1, and all systems in the LAN connect to the internet through the proxy. Direct connection is blocked using iptables on the gateway server.

    There are some devices which do not have options for auto proxy or manual proxy and can only connect to the internet directly. So I enabled transparent proxy in Squid and redirected packets for ports 80 and 443 to the Squid proxy using iptables.

    Now the problem is it is working fine for HTTP port but HTTPS is not working. It is throwing "ssl_error_rx_record_too_long" error.

    If it is not possible through a transparent proxy, can you please suggest another solution?

    Warm Regards

    Supratik

  • Supratik
    Supratik over 13 years
    If I allow direct connection to those devices I need to restrict their bandwidth also. Is there any way to limit bandwidth through iptables?
  • Javier
    Javier over 13 years
    @Supratik: To handle bandwidth you use tc. It's all explained at lartc.org (Linux Advanced Routing and Traffic Control). Set aside a couple of days to read it all.
  • Khaled
    Khaled over 13 years
    Yes, of course. Have a look at tc. tldp.org/HOWTO/Adv-Routing-HOWTO.
  • Supratik
    Supratik over 13 years
    Thanks guys for all the information. I googled this topic for some more time and found a link (rahulpahade.com/content/squid-transparent-proxy-over-ssl-https); this explains how you can allow HTTPS through a transparent proxy and it really works. The only issue here is that if you use a normal openssl certificate it will always prompt you to add it to your certificate exception list. Since I don't want to purchase a certificate now, I decided to go with tc.
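The following is an added example, not part of the original thread: a diagnostic sketch showing how "ssl_error_rx_record_too_long" arises when a TLS client gets a plain HTTP reply, and how to tell TLS from HTTP by the first bytes on a connection. It assumes port 443 was redirected to a Squid port that speaks plain HTTP, which the question does not show; the function names are hypothetical and the byte strings are constructed samples.

```python
import struct

# RFC 5246 section 6.2.3: a TLS ciphertext fragment is at most 2^14 + 2048 bytes.
MAX_TLS_CIPHERTEXT = 2**14 + 2048
TLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                     22: "handshake", 23: "application_data"}
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"CONNECT ")

# Constructed samples: start of a TLS ClientHello, and a plain HTTP error reply.
CLIENT_HELLO = b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"
PROXY_REPLY = b"HTTP/1.1 400 Bad Request\r\n\r\n"

def parse_record_header(data):
    """Read the 5-byte TLS record header: content type, version, length."""
    if len(data) < 5:
        raise ValueError("need at least 5 bytes")
    return struct.unpack("!BHH", data[:5])

def classify_first_bytes(data):
    """Label the first bytes of a connection as TLS, HTTP, or unknown."""
    if data.startswith(b"HTTP/"):
        return "http-response"
    if data.startswith(HTTP_METHODS):
        return "http-request"
    if len(data) >= 5:
        ctype, version, length = parse_record_header(data)
        if (ctype in TLS_CONTENT_TYPES and version >> 8 == 3
                and length <= MAX_TLS_CIPHERTEXT):
            return "tls"
    return "unknown"

def client_view_of_reply(reply):
    """Simplified model of what a TLS client concludes from `reply`."""
    ctype, version, length = parse_record_header(reply)
    if length > MAX_TLS_CIPHERTEXT:
        return "record_too_long (claimed length %d > %d)" % (
            length, MAX_TLS_CIPHERTEXT)
    if ctype not in TLS_CONTENT_TYPES:
        return "unexpected content type %d" % ctype
    return "plausible TLS record"

if __name__ == "__main__":
    # 'H','T','T','P','/' read as a header: type 0x48, version 0x5454,
    # length 0x502F, which exceeds the maximum record size.
    print(classify_first_bytes(CLIENT_HELLO))
    print(parse_record_header(PROXY_REPLY))
    print(client_view_of_reply(PROXY_REPLY))
```

Running `classify_first_bytes` on the first bytes captured at the proxy port shows whether clients are sending TLS to a listener that only understands HTTP.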