OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: ruggerio on January 27, 2021, 11:19:17 am

Title: Squid SSL [Solved]
Post by: ruggerio on January 27, 2021, 11:19:17 am

Hi,

I tried for an old tablet having Squid using SSL Bump (without transparent proxy) - default listening is on port 3129.

On the tablet i get a reduced connection. Strange. On the sense, i see also not listening anything to port 3129 (which perhaps causes this).

And even more strange, the traffic gets - as it seems - inspected, as https://-download from eicar is recognized in c-icap...

usually i expected no inspection of traffic, as it is not listening on 3129 (SNI, btw. is disabled...)

Are there perhaps changes in squid, that could cause this?

Title: Re: Squid SSL [Solved]
Post by: ruggerio on January 27, 2021, 04:27:02 pm

was just a problem on the tablet itself. had to delete the wlan-connection on the tablet and redo. No more problems since then.

Strange still, port 3129 is not in use. But inspection works.