[KLUG Members] passing https through a "firewall"
Phillip Hofmeister
plhofmei at antiochcomputerconsulting.com
Mon Jul 26 10:30:52 EDT 2004
On Thu, 22 Jul 2004 at 10:31:35PM -0400, Bruce Smith wrote:
> > I would be curious to see the details of your implementation. Recording information
> > about encrypted traffic (the transmission of the URL is
> > encrypted)....should be interesting.
>
> I checked my squid logs, and only the base URL is logged for https
> sites. i.e.: CONNECT www.membershipme.com:443 usr DIRECT/65.218.28.36
These logs can be obtained with IPTABLES rules as well without involving
the user-space (except the logger daemon). The IPTABLES method would
probably be more efficient.
But, if it is not broke, don't fix it.
--
Phillip Hofmeister
More information about the Members
mailing list