[squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump

Jonathan Lee jonathanlee571 at gmail.com
Mon Oct 20 17:59:30 UTC 2025

Previous message (by thread): [squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump
Next message (by thread): [squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

There is also a setting called t-proxy I tried it seems to work well when compared to intercept and transparent. I read about it in pfSense you have to adapt the config to make it work.
Sent from my iPhone

> On Oct 20, 2025, at 09:41, Alex Rousskov <rousskov at measurement-factory.com> wrote:
> 
> On 2025-10-20 05:29, Gonzalo Vázquez Enjamio wrote:
> 
>> My question is if it would be possible to log HTTPS traffic, in a Squid in transparent mode, without intercepting the traffic?
>> I know it's possible with a proxy in explicit mode, but in transparent mode?
> 
> Your earlier question had "without using an SSL Bump" condition. I assume your revised question uses that condition as well.
> 
> I believe I have answered your earlier question, but since you are asking a similar question again, I assume that my earlier response was problematic. I do not know what that problem was, and you have not told me why that earlier answer was not satisfactory, but perhaps there is a conflict in terminology:
> 
> * How do you define "transparent mode"?
> 
> * How do you define "intercepting the traffic"?
> 
> * Do you want to log individual HTTP(S) transaction details (e.g., request URLs) or just TCP-level connection details (e.g., IP addresses and ports)?
> 
> Alex.
> 
> 
>> El vie, 17 oct 2025 a las 15:24, Alex Rousskov escribió:
>>    On 2025-10-17 05:57, Gonzalo Vázquez Enjamio wrote:
>>     > Is it possible to handle HTTPS requests and log them in a
>>    transparent
>>     > proxy with Squid without using an SSL Bump?
>>    If you are asking about intercepted TLS connections (i.e. https_port),
>>    then all Squid can do with them (without SslBump) is to log TCP-level
>>    details of each connection. No individual HTTP requests are visible to
>>    Squid in this setup.
>>    If you are asking about plain text HTTP requests for "https://..."
>>    targets/URLs arriving on an intercepted plain TCP connection (i.e.
>>    http_port), then Squid should be able to handle (e.g., deny, forward,
>>    cache, and log) those requests individually.
>>    If you do not know which case applies to you, it is most likely the
>>    first case because plain "GET https://..." requests are rare and are
>>    usually seen in non-intercepting setups.
>>    HTH,
>>    Alex.
> 
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> https://lists.squid-cache.org/listinfo/squid-users

Previous message (by thread): [squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump
Next message (by thread): [squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the squid-users mailing list