Redirector for HTTP traffic, wrongly prepended with HTTPS:// - squid

This is a discussion on Redirector for HTTP traffic, wrongly prepended with HTTPS:// - squid ; Please can you help, in my environment the clients make HTTP calls only, with TLS/SSL offloaded onto hardware cards on the outbound network infrastrucure. My current squid.conf ACL's will not direct HTTP traffic incorrectly pre-prended with HTTPS:// to the redirector ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Redirector for HTTP traffic, wrongly prepended with HTTPS://

  1. Redirector for HTTP traffic, wrongly prepended with HTTPS://


    Please can you help, in my environment the clients make HTTP calls
    only, with TLS/SSL offloaded onto hardware cards on the outbound
    network infrastrucure.

    My current squid.conf ACL's will not direct HTTP traffic incorrectly
    pre-prended with HTTPS:// to the redirector programme.

    All traffic generated from the client applications is HTTP, only the
    GET request in incorrectly formed as HTTP://some.domain.com.

    Can somebody help with the ACL i need to capture traffic for a known
    list of dstdomains and direct to the redirector. I can get this to
    work when the dstdomain is HTTP but not HTTPS. As said above the HTTPS
    dst url will actually be HTTP malformed GET request.

    - Danny

  2. Re: Redirector for HTTP traffic, wrongly prepended with HTTPS://

    On 6 Mar, 10:40, dannyh wrote:
    > Please can you help, in my environment the clients make HTTP calls
    > only, with TLS/SSL offloaded onto hardware cards on the outbound
    > network infrastrucure.
    >
    > My current squid.conf ACL's will not direct HTTP traffic incorrectly
    > pre-prended with HTTPS:// to the redirector programme.
    >
    > All traffic generated from the client applications is HTTP, only the
    > GET request in incorrectly formed as HTTP://some.domain.com.
    >
    > Can somebody help with the ACL i need to capture traffic for a known
    > list of dstdomains and direct to the redirector. I can get this to
    > work when the dstdomain is HTTP but not HTTPS. As said above the HTTPS
    > dst url will actually be HTTP malformed GET request.
    >
    > - Danny

    More info, I've debugged the ACL's at verbosity 9. This shows making
    an HTTPS and HTTP get request matches the same ACLs perfectly. Its not
    clear why HTTP is being forwarded to the redirector program and HTTPS
    is not.

    Can anybody help?

    - Danny

  3. Re: Redirector for HTTP traffic, wrongly prepended with HTTPS://

    On 6 Mar, 13:43, dannyh wrote:
    > On 6 Mar, 10:40, dannyh wrote:
    >
    >
    >
    > > Please can you help, in my environment the clients make HTTP calls
    > > only, with TLS/SSL offloaded onto hardware cards on the outbound
    > > network infrastrucure.
    >
    > > My current squid.conf ACL's will not direct HTTP traffic incorrectly
    > > pre-prended with HTTPS:// to the redirector programme.
    >
    > > All traffic generated from the client applications is HTTP, only the
    > > GET request in incorrectly formed as HTTP://some.domain.com.
    >
    > > Can somebody help with the ACL i need to capture traffic for a known
    > > list of dstdomains and direct to the redirector. I can get this to
    > > work when the dstdomain is HTTP but not HTTPS. As said above the HTTPS
    > > dst url will actually be HTTP malformed GET request.
    >
    > > - Danny
    >
    > More info, I've debugged the ACL's at verbosity 9. This shows making
    > an HTTPS and HTTP get request matches the same ACLs perfectly. Its not
    > clear why HTTP is being forwarded to the redirector program and HTTPS
    > is not.
    >
    > Can anybody help?
    >
    > - Danny

    Fixed, adding acl on never direct for clients I want to funnel through
    the redirector external program worked.

    - Danny
+ Reply to Thread
« Blocking an existing session | Removing squid version from squid error footer »