LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 08-26-2013, 05:35 AM   #1
kikinovak
Senior Member
 
Registered: Jun 2011
Location: Montpezat (South France)
Distribution: Slackware, Slackware64
Posts: 1,489

Rep: Reputation: 662Reputation: 662Reputation: 662Reputation: 662Reputation: 662Reputation: 662
Transparent Slackware proxy using Squid and SquidGuard : HTTPS Facebook?


Hi,

I'm running Squid and SquidGuard on a Slackware64 14.0 server to filter Internet content for two local schools. The proxy works in "transparent" mode, e. g. all HTTP requests are redirected by an iptables rule to port 3128, to be handled by Squid. Thus, no one escapes the filtering proxy.

Unfortunately, Squid isn't well suited for handling HTTPS connections. And of course, the students have already figured out how to connect to https://www.facebook.com.

I've done quite some googling, read a load of articles about the subject, but my conclusion is that no one seems to have found a really satisfying conclusion here.

One more detail: some users should be allowed to still use Facebook in the network. I've created different subnets for students and staff.

Ah yes... I wonder if it's still possible in theory to connect to Facebook in plain HTTP. I couldn't manage it, since I always get redirected to https://www.facebook.com.

Any suggestions for this?
 
Old 08-26-2013, 07:48 AM   #2
santaslilslacker
LQ Newbie
 
Registered: Nov 2007
Distribution: Slackware64_current
Posts: 28

Rep: Reputation: 4
Hi,

If I remember correctly, you should use something like this:
acl SSL_ports 443
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
acl facebook dstdomain .facebook.com
http_access deny facebook
http_access deny CONNECT facebook

A+

Last edited by santaslilslacker; 08-26-2013 at 07:49 AM. Reason: forgot SSL_ports...
 
  


Reply

Tags
facebook, https, proxy


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid: transparent proxy + ssl_bump causing problem in accessing https pages auny87 Linux - Server 0 04-11-2012 07:08 AM
Should/Shoudn't proxy https while transparent proxy roopakl Linux - Newbie 1 03-12-2012 09:33 AM
transparent proxy squid: problem with the HTTPS pnguwe Linux - Networking 7 11-22-2011 08:00 AM
Transparent proxy for LAN works, except HTTPS Ulysses_ Linux - Security 1 06-17-2011 10:22 PM
https in transparent proxy DeepY0X Linux - Networking 14 03-09-2009 01:49 PM


All times are GMT -5. The time now is 12:41 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration