[ufdbGuard] Fwd: Squid SNI configuration with ufdbguard redirection issue
URL filter to block unwanted content on the internet
Brought to you by:
ufdb
Menu
▾
▴
[ufdbGuard] Fwd: Squid SNI configuration with ufdbguard redirection issue
|
From: Krishnadass K. <kri...@gm...> - 2018-10-09 07:10:32
|
---------- Forwarded message ---------
From: Krishnadass Kalidoss <kri...@gm...>
Date: Tue, Oct 9, 2018 at 12:36 PM
Subject: Squid SNI configuration with ufdbguard redirection issue
To: <ufd...@li...>
Hi,
I have configured squid3.5.26 in ssl bump+peek+splice in
squid.conf.
url_rewrite_program /usr/local/bin/ufdbgclient -l /var/log/squid
url_rewrite_children 4
url_rewrite_extras "%>a/%>A %un %>rm bump_mode=%ssl::bump_mode
sni=\"%ssl::>sni\" referer=\"%{Referer}>h\""
url_rewrite_access allow all
url_rewrite_bypass off
In udfbGuard.conf
ufdb-debug-filter 3
squid-uses-active-bumping on
redirect-bumped-https "
https://blockedhttps.urlfilterdb.com/cgi-bin/URLblocked.cgi?clientgroup=%s&category=%t&url=%u
"
category adv {
domainlist "BL/adv/domains"
option block-bumped-connect off
redirect "
https://blockedhttps.urlfilterdb.com/cgi-bin/URLblocked.cgi?clientgroup=%s&category=%t&url=%u
"
}
In ufdbguardd.log file I can see the redirection to
https://blockedhttps.urlfilterdb.com/cgi-bin/URLblocked.cgi?clientgroup=%s&category=%t&url=%u
but in Browser it does not redirection happen.
when I import clean certificate in client browser and also
squid.conf I changed to sslbump+peek then the redirection happened
properly. But i want to do with out client side CA imports. Give me any
suggestion please.
--
Regards,
Krishnadass.K,
--
Regards,
Krishnadass.K,
|
