LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
Reload this Page Transparent Slackware proxy using Squid and SquidGuard : HTTPS Facebook?
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 08-26-2013, 05:35 AM   #1
kikinovak
MLED Founder
 
Registered: Jun 2011
Location: Montpezat (South France)
Distribution: CentOS, OpenSUSE
Posts: 3,453

Rep: Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154Reputation: 2154
Transparent Slackware proxy using Squid and SquidGuard : HTTPS Facebook?

Hi,

I'm running Squid and SquidGuard on a Slackware64 14.0 server to filter Internet content for two local schools. The proxy works in "transparent" mode, e. g. all HTTP requests are redirected by an iptables rule to port 3128, to be handled by Squid. Thus, no one escapes the filtering proxy.

Unfortunately, Squid isn't well suited for handling HTTPS connections. And of course, the students have already figured out how to connect to https://www.facebook.com.

I've done quite some googling, read a load of articles about the subject, but my conclusion is that no one seems to have found a really satisfying conclusion here.

One more detail: some users should be allowed to still use Facebook in the network. I've created different subnets for students and staff.

Ah yes... I wonder if it's still possible in theory to connect to Facebook in plain HTTP. I couldn't manage it, since I always get redirected to https://www.facebook.com.

Any suggestions for this?
 
Old 08-26-2013, 07:48 AM   #2
santaslilslacker
Member
 
Registered: Nov 2007
Distribution: Slackware64_current
Posts: 45

Rep: Reputation: 27
Hi,

If I remember correctly, you should use something like this:
acl SSL_ports 443
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
acl facebook dstdomain .facebook.com
http_access deny facebook
http_access deny CONNECT facebook

A+
Last edited by santaslilslacker; 08-26-2013 at 07:49 AM. Reason: forgot SSL_ports...
 
  


Reply

Tags
facebook, https, proxy



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid: transparent proxy + ssl_bump causing problem in accessing https pages auny87 Linux - Server 0 04-11-2012 07:08 AM
Should/Shoudn't proxy https while transparent proxy roopakl Linux - Newbie 1 03-12-2012 09:33 AM
transparent proxy squid: problem with the HTTPS pnguwe Linux - Networking 7 11-22-2011 08:00 AM
Transparent proxy for LAN works, except HTTPS Ulysses_ Linux - Security 1 06-17-2011 10:22 PM
https in transparent proxy DeepY0X Linux - Networking 14 03-09-2009 01:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 02:31 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration