You are not logged in.
I have these env variables:
no_proxy=0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,localhost,myco.net
https_proxy=http://10.51.40.128:3128
http_proxy=http://10.51.40.128:3128
Then I can run
curl -L -o amm https://github.com/com-lihaoyi/Ammonite/releases/download/2.5.4/3.1-2.5.4
Now I'd like to not set those proxy env vars (as some applications don't seem to read them, e.g. scala-cli). So, I run this
# iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j DNAT --to 10.51.40.128:3128
Then I can access http links, e.g.
curl -v -X GET http://pie.dev/get
But https links still don't work. Does anybody know how to make https work? I don't mind making my system less secure, e.g. running something like
openssl s_client -proxy 10.51.40.129:3128 -connect github.com:443 -showcerts
and then installing some corporate-generated certificates, as long as I don't have to use those proxy env vars.
Offline
Please don't cross-post, report your thread to be moved to another board (or right now, the one in the NC for deletion)
I assume 3128 means this is a squid proxy, do you control it?
Seen https://wiki.archlinux.org/title/Squid# … _web_proxy & https://wiki.archlinux.org/title/Squid#SSL_Bumping ?
https://www.tectut.com/2015/08/configur … ent-proxy/ seems to have a walk-through (don't rely on that exclusively, I've also not read it)
Offline
don't cross-post
I just posted a reply to my post in the NC asking for that post to be deleted as I don't see any option to move it to here or to delete it.
3128 means this is a squid proxy, do you control it?
No, I don't control it. But if I really need a proxy that I have the control on, I can create one and my new squid will use the existing squid as a parent proxy.
Offline
I just posted a reply to my post in the NC asking for that post to be deleted as I don't see any option to move it to here or to delete it.
Next time please use the Report link to ask Staff to move your topic.
How to post. A sincere effort to use modest and proper language and grammar is a sign of respect toward the community.
Offline
You're gonna need some help from the proxy to make a transparent https proxy happen, what does nmap say about open ports?
Can you inquire its configuration?
Offline