Soner Tari

The listening program listens on the port specified in the proxyspec. **So when your listening program accepts a connection on that port, the packets are coming from the client side**....

Yes, that's true.

The listening program (squid or e2guardian) gives the packets back to sslproxy, which re-encrypts and sends them to the server (the original destination). So sslproxy opens (must open) the sockets...

The srvdst connection end sees all the packets of a connection. So I think you can use the connection handling functions for srvdst. I see two possibilities: 1. You can...

The multithreading issues I mention in my last comment has been solved with SSLproxy 0.8.0. So sslproxy shouldn't crash with the option 1 there.

Thanks @piolug93, it looks good, I bet it fixes the issue, but I have to try it myself before merging it. But I am a bit busy, so it is...

I cannot reproduce this, sslproxy 0.8.3 works fine with the url you have provided above. It goes to a Russian wiki page, right? (I have tried on UTMFW 6.8.1.) Btw,...

You can find an https proxyspec for E2Guardian in [sslproxy.conf for UTMFW](https://github.com/sonertari/UTMFW/blob/master/config/etc/sslproxy/sslproxy.conf). You basically need a proxyspec like that, and use Squid as the listening program on port 8080 (you...

If your NIDS is a passive IDS, then you can use the mirroring options in SSLproxy. So you can send decrypted (emulated) packets to an IDS. See the documentation for...

Short answer: I don't think SSLproxy can help you do that, at least as you describe it. As described in its README, SSLproxy can decrypt and divert packets to other...