Re: [squid-users] Will transparent proxying with SSL work?

From: Kenneth Stephen <kstephen@dont-contact.us>
Date: Sat, 28 Apr 2001 13:52:41 -0500

Henrik Nordstrom wrote:
>
> Most people use masquerade/NAT for this. If your OS is capable of
> transparent proxying then it is most likely also capable of
> masquerade/NAT.
>
> Squid cannot be used for "transparent SSL" proxying.
>
> --
> Henrik Nordstrom
> Squid Hacker
>
> Kenneth Stephen wrote:
>
>

Henrik,

        Thanks for the quick response. I am using Linux - so there is no
question that it is capable of doing Masquerading or NAT. However, my
understanding is that it is not possible to run servers on masqueraded
machines. Clients yes, but not servers. Correct me if I am wrong.

        Also, for NAT, I beleive there is a requirement that there be a one to
one mapping from private ips to real ips. Unfortunately, a shortage of
real ips is what drove us to using private ips in the first place. So
its not possible for us to use NAT.

        Might I enquire as to the reason that Squid does not support
transparent proxying of SSL? Is this technically impossible, or is it
that the code hasnt been written yet? Does Squid support forward
(normal) proxying of SSL?

Thanks,
Received on Sat Apr 28 2001 - 12:37:37 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:39 MST