Hi, I have a proxy squid on which i redirect all http, https traffic. But i have a destination where i should go through squid. My actual redirect in rules is: REDIREC LAN 3128 tcp http,https How can i add a rule so all connexion to address IP1 isn t redirected? thx laurent ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
Tzacos wrote:> Hi, > > I have a proxy squid on which i redirect all http, https traffic. > But i have a destination where i should go through squid. > > My actual redirect in rules is: > > REDIREC LAN 3128 tcp http,https > > How can i add a rule so all connexion to address IP1 isn t redirected? >I recommend that you carefully read http://www.shorewall.net/Shorewall_Squid_Usage.html. There you will: a) learn that HTTPS cannot be proxied transparently; and b) find instructions for doing what you are asking about. ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
Shorewall Guy a écrit :> Tzacos wrote: > >> Hi, >> >> I have a proxy squid on which i redirect all http, https traffic. >> But i have a destination where i should go through squid. >> >> My actual redirect in rules is: >> >> REDIREC LAN 3128 tcp http,https >> >> How can i add a rule so all connexion to address IP1 isn t redirected? >> >> > > I recommend that you carefully read > http://www.shorewall.net/Shorewall_Squid_Usage.html. > > There you will: > > a) learn that HTTPS cannot be proxied transparently; and >Yes i didn t see that at first glance. using just for HTTP work fine. My problem is that i would have needed it for HTTPS. And i can''t have fixed conf in browser as user is administrator and thus can change the configuration.> b) find instructions for doing what you are asking about. > > >No need now. I have to change my point of view on the problem. thx anyway :) Laurent ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
Tzacos wrote:> Shorewall Guy a écrit : >> Tzacos wrote: >> >>> Hi, >>> >>> I have a proxy squid on which i redirect all http, https traffic. >>> But i have a destination where i should go through squid. >>> >>> My actual redirect in rules is: >>> >>> REDIREC LAN 3128 tcp http,https >>> >>> How can i add a rule so all connexion to address IP1 isn t redirected? >>> >>> >> I recommend that you carefully read >> http://www.shorewall.net/Shorewall_Squid_Usage.html. >> >> There you will: >> >> a) learn that HTTPS cannot be proxied transparently; and >> > Yes i didn t see that at first glance. using just for HTTP work fine. > My problem is that i would have needed it for HTTPS. And i can''t have > fixed conf in browser as user is administrator and thus can change the > configuration.Then prevent loc->net HTTPS with this rule. REJECT loc net tcp https If the user changes his/her config, they still can''t get to the net via HTTPS. ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword