How to forward HTTPS traffic through squid transparently?

https squid transparent-proxy

but all the ones I found describe the creation of a certificate pair to decrypt/re-encrypt the traffic - something I do not want to do.

What you are asking for simply isn't possible because of how the https protocol works. Your options are:

  • Permit outgoing https through your firewall, and don't attempt to use any proxies
  • Configure clients to use your proxy/filter, and they will use HTTP CONNECT calls to the proxy.
  • Setup your proxy to be a man in the middle, and do sslbump.

I would just eventually block when some time rules are met

You can with the correct iptables modules filter based on the time of day. Perhaps you should just handle the time of day filtering in your firewall?


Two steps:

  1. install redsocks and make configuration to redirect any TCP connection (https connection is based tcp) from the listen port to HTTPS proxy port(HTTP/CONNECT eg. your squid http proxy port)
  2. build iptables with NAT,and redirect all connections to the listen port of redsocks you've set above(you could find examples in redsocks docs)

However, for udp connections, redsocks has poor performance,you could try ss-redir as an alternative(TPROXY kernel module is needed).

Related

SSH random connect timeout
Intune device not in Endpoint Manager
ssh remote command parsing gone wrong
nginx TCP forwarding with GeoIP
Receiving notifications from a remote machine as a local event
GCP metadata Transferring to SSH Keys - Permission Denied
Apache2 Server Huge response time
Server Time Keeps Changing to 2 Hours in the Future
How can I pass a variable in a decorator to function's argument in a decorated function?
How do I test a WHOLE string against regex in ruby?
Is it possible to include inline assembly in Go code?
MSBuild on CI Server can't find AL.exe