
PFSense - Squid - SSL Man In the Middle Filtering

SSL Man In the Middle Filtering

  • HTTPS/SSL Interception : Tick - Enable SSL Filtering.
  • SSL/MITM Mode : Custom.
  • SSL Intercept Interface(s) : LAN.
  • SSL Proxy Port : <blank>.
  • SSL Proxy Compatibility Mode : Modern.
  • DHParams Key Size : 2048 (default).
  • CA : Select your CA. See [todo] here for how to set up a CA.
  • SSL Certificate Deamon Children : <blank>
  • Remote Cert Checks : Select all items.
  • Certificate Adapt : Select all items.

Logging Settings

  • Enable Access Logging : Tick
  • Log Store Directory : /var/squid/logs
  • Rotate Logs : 3650
  • Log Pages Denied by SquidGuard : Unticked

Advanced Features

Because SSL/MITM Mode is set to Custom above, the rules that specify how to handle traffic must be supplied here.

YouTube serves its images from ytimg.com; without this setting, those images are not shown.

  • Custom Options (SSL/MITM) :
# YouTube
acl serverIsYoutube ssl::server_name .ytimg.com
#acl serverIsYoutube ssl::server_name .youtube.com

# splice all the rest
ssl_bump splice all
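
A quick check of the Custom Options text above, as an added example (not part of the original page, pfSense or Squid). This Python lint reports ACLs that no directive references, ssl_bump rules placed after an unconditional final action with no earlier peek/stare (Squid applies the first matching rule, so they never take effect), and the ssl_bump actions actually in use. The names lint_ssl_bump and PAGE_OPTIONS are made up for this example.

```python
# Constructed input: the Custom Options (SSL/MITM) text shown on this page.
PAGE_OPTIONS = """\
# YouTube
acl serverIsYoutube ssl::server_name .ytimg.com
#acl serverIsYoutube ssl::server_name .youtube.com

# splice all the rest
ssl_bump splice all
"""

FINAL = {"splice", "bump", "terminate"}   # actions that end ssl_bump processing
INSPECT = {"peek", "stare"}               # actions that continue to the next step


def lint_ssl_bump(text):
    """Return (unused_acls, dead_rules, actions) for a squid.conf fragment.

    unused_acls: names defined with `acl` but referenced by no directive.
    dead_rules:  ssl_bump lines after a leading `ssl_bump <final> all`.
    actions:     ssl_bump actions that can still be reached, in order.
    """
    defined, used, dead, actions = set(), set(), [], []
    inspect_seen = catch_all = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):      # blank or comment line
            continue
        tokens = line.split()
        if tokens[0] == "acl" and len(tokens) >= 3:
            defined.add(tokens[1])
            continue
        # Arguments of any other directive may name ACLs (optionally negated).
        used.update(t.lstrip("!") for t in tokens[1:])
        if tokens[0] != "ssl_bump" or len(tokens) < 2:
            continue
        if catch_all:                             # an earlier rule already won
            dead.append(line)
            continue
        actions.append(tokens[1])
        if tokens[1] in INSPECT:
            inspect_seen = True
        elif tokens[1] in FINAL and tokens[2:] == ["all"] and not inspect_seen:
            catch_all = True
    return sorted(defined - used), dead, actions


if __name__ == "__main__":
    print(lint_ssl_bump(PAGE_OPTIONS))
```

Run against the text above, it lists serverIsYoutube as unreferenced and splice as the only action in use, which means every connection is tunnelled without decryption.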


pfsense/squid/ssl_man_in_the_middle_filtering.txt · Last modified: 2020/07/15 10:30 by 127.0.0.1