{"id":71,"date":"2024-04-25T15:49:13","date_gmt":"2024-04-25T06:49:13","guid":{"rendered":"http:\/\/na385cd835352"},"modified":"2025-12-08T19:34:59","modified_gmt":"2025-12-08T10:34:59","slug":"squid%e3%81%aeforwardproxy%e3%81%a7%e3%80%81%e3%82%b3%e3%83%b3%e3%83%86%e3%82%ad%e3%82%b9%e3%83%88%e3%83%91%e3%82%b9%e3%81%aewhitelist%e3%82%a2%e3%82%af%e3%82%bb%e3%82%b9%e5%88%b6%e9%99%90%e3%82%92e","status":"publish","type":"post","link":"https:\/\/ranamicus.com\/?p=71","title":{"rendered":"Squid\u306eForward Proxy\u3067\u3001\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306eWhitelist\u30a2\u30af\u30bb\u30b9\u5236\u9650\u3092\u3059\u308b"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"157\" src=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_5b8ee7ba1bc729f35c31692a64c79073-300x157.png\" alt=\"\" class=\"wp-image-74\" srcset=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_5b8ee7ba1bc729f35c31692a64c79073-300x157.png 300w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_5b8ee7ba1bc729f35c31692a64c79073-1024x536.png 1024w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_5b8ee7ba1bc729f35c31692a64c79073-768x402.png 768w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_5b8ee7ba1bc729f35c31692a64c79073-1536x804.png 1536w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_5b8ee7ba1bc729f35c31692a64c79073.png 1792w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/figure>\n\n\n\n<p id=\"25d957e8-9941-4f01-9d62-7a21f0dbcd53\">\u6700\u8fd1\u306e\u30c8\u30ec\u30f3\u30c9\u306fSASE\u3067\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u78ba\u4fdd\u3067\u3059\u304c\u3001\u65e2\u5b58\u306eEnterprise\u30b7\u30b9\u30c6\u30e0\u306a\u3069\u3067\u306f\u3001\u307e\u3060\u307e\u3060\u9589\u9396\u7db2\u306e\u30b7\u30b9\u30c6\u30e0\u3082\u591a\u3044\u3067\u3059\u3002<br>\u4e45\u3057\u3076\u308a\u306bSquid\u3067Forward Proxy\u30b5\u30fc\u30d0\u3092\u69cb\u7bc9\u3057\u3001\u30c9\u30e1\u30a4\u30f3\u3060\u3051\u3067\u306a\u304f\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u3067\u3082\u30a2\u30af\u30bb\u30b9\u5148URL\u3092Whitelist\u3067\u5236\u9650\u3057\u305f\u3044\u3001\u3068\u3044\u3046\u6848\u4ef6\u3092\u6271\u3044\u307e\u3057\u305f\u3002<br>\u300chttps\u901a\u4fe1\u3067\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306eWhitelist\u5236\u9650\u300d\u3068\u3044\u3046\u7d44\u307f\u5408\u308f\u305b\u306f\u3001Web\u4e0a\u3067\u3001\u65ad\u7247\u7684\u306a\u60c5\u5831\u3057\u304b\u898b\u3064\u3051\u3089\u308c\u305f\u306a\u304b\u3063\u305f\u306e\u3067\u3001\u3053\u3053\u3067\u307e\u3068\u3081\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n\n\n\n<div class=\"wp-block-vk-blocks-alert alert alert-info\"><p>\u306a\u304a\u3001\u3053\u306e\u8a18\u4e8b\u306b\u95a2\u3059\u308b<a href=\"#disclaimer\" data-type=\"internal\" data-id=\"#disclaimer\">\u514d\u8cac\u4e8b\u9805<\/a>\u306f\u3001\u672b\u5c3e\u306b\u63b2\u8f09\u3055\u308c\u3066\u3044\u308b\u30ea\u30f3\u30af\u5148\u306b\u8a18\u8f09\u3055\u308c\u3066\u3044\u307e\u3059\u306e\u3067\u3001\u3054\u78ba\u8a8d\u304f\u3060\u3055\u3044\u3002<\/p><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title \" >Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/ranamicus.com\/?p=71\/#%E3%81%BE%E3%81%A8%E3%82%81\" title=\"\u307e\u3068\u3081\">\u307e\u3068\u3081<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/ranamicus.com\/?p=71\/#%E7%92%B0%E5%A2%83%E6%A7%8B%E6%88%90\" title=\"\u74b0\u5883\u69cb\u6210\">\u74b0\u5883\u69cb\u6210<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/ranamicus.com\/?p=71\/#SSL%E3%82%A4%E3%83%B3%E3%82%BF%E3%83%BC%E3%82%BB%E3%83%97%E3%83%88%E3%81%AE%E8%A8%AD%E5%AE%9A\" title=\"SSL\u30a4\u30f3\u30bf\u30fc\u30bb\u30d7\u30c8\u306e\u8a2d\u5b9a\">SSL\u30a4\u30f3\u30bf\u30fc\u30bb\u30d7\u30c8\u306e\u8a2d\u5b9a<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/ranamicus.com\/?p=71\/#squidconf%E3%81%AE%E8%A8%AD%E5%AE%9A\" title=\"squid.conf\u306e\u8a2d\u5b9a\">squid.conf\u306e\u8a2d\u5b9a<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/ranamicus.com\/?p=71\/#%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%81%AE%E4%BD%9C%E6%88%90\" title=\"\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u4f5c\u6210\">\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u4f5c\u6210<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/ranamicus.com\/?p=71\/#%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%81%AE%E3%82%A4%E3%83%B3%E3%83%9D%E3%83%BC%E3%83%88\" title=\"\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u30a4\u30f3\u30dd\u30fc\u30c8\">\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u30a4\u30f3\u30dd\u30fc\u30c8<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/ranamicus.com\/?p=71\/#CONNECT%E3%83%A1%E3%82%BD%E3%83%83%E3%83%89%E3%81%AE%E8%A8%B1%E5%8F%AF%E3%81%A8%E3%82%B3%E3%83%B3%E3%83%86%E3%82%AD%E3%82%B9%E3%83%88%E3%83%91%E3%82%B9%E3%81%AE%E8%A8%B1%E5%8F%AF\" title=\"CONNECT\u30e1\u30bd\u30c3\u30c9\u306e\u8a31\u53ef\u3068\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306e\u8a31\u53ef\">CONNECT\u30e1\u30bd\u30c3\u30c9\u306e\u8a31\u53ef\u3068\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306e\u8a31\u53ef<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/ranamicus.com\/?p=71\/#%E3%81%8A%E3%81%BE%E3%81%91\" title=\"\u304a\u307e\u3051\">\u304a\u307e\u3051<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/ranamicus.com\/?p=71\/#squidconf%E5%85%A8%E6%96%87\" title=\"squid.conf\u5168\u6587\">squid.conf\u5168\u6587<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\" id=\"8e92dca4-ef59-4419-b390-97deb8ac84a1\"><span class=\"ez-toc-section\" id=\"%E3%81%BE%E3%81%A8%E3%82%81\"><\/span>\u307e\u3068\u3081<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"1f5422e5-9a41-4be4-ac47-cdbe5a450035\">\u7d50\u8ad6\u304b\u3089\u8a00\u3046\u3068\u3001\u300chttps\u901a\u4fe1\u3067\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306eWhitelist\u5236\u9650\u300d\u3092\u5b9f\u73fe\u3059\u308b\u306b\u306f\u3001\u4ee5\u4e0b\u306e\u5bfe\u5fdc\u304c\u5fc5\u8981\u3067\u3059\u3002<\/p>\n\n\n\n<ol id=\"4fdb9b4a-7ce3-4a8c-bb4c-dffafc6e06a9\" class=\"wp-block-list\">\n<li><p id=\"e6f9fc47-07c4-4650-8cbe-6f36cb34548b\">SSL\u30a4\u30f3\u30bf\u30fc\u30bb\u30d7\u30c8\u306e\u8a2d\u5b9a\uff08\u30b5\u30fc\u30d0\u5074\uff09<\/p><\/li>\n\n\n\n<li><p id=\"7f5b15d5-af3b-43c5-964a-dc3f882adb31\">\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u30a4\u30f3\u30dd\u30fc\u30c8\uff08\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\uff09<\/p><\/li>\n\n\n\n<li><p id=\"84dcb201-e86b-4694-b488-c28018cd435f\">CONNECT\u30e1\u30bd\u30c3\u30c9\u306e\u8a31\u53ef\u3068\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306e\u8a31\u53ef\uff08\u30b5\u30fc\u30d0\u5074\uff09<\/p><\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"72501ed7-e06d-4312-aa06-81b07ab5033f\"><span class=\"ez-toc-section\" id=\"%E7%92%B0%E5%A2%83%E6%A7%8B%E6%88%90\"><\/span>\u74b0\u5883\u69cb\u6210<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul id=\"c3878273-2888-4770-8ccf-d85533dcaf7b\" class=\"wp-block-list\">\n<li><p id=\"989670ac-5806-4f30-959e-5d744da80073\">Redhat Enterprise Linux 8.6<\/p><\/li>\n\n\n\n<li><p id=\"281006a3-f1e8-42a7-8257-eed7f5663caa\">Squid 4.15<\/p><\/li>\n<\/ul>\n\n\n\n<div style=\"height:45px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"fde8d53a-09ac-4b8e-a668-caaa0353c9d9\"><span class=\"ez-toc-section\" id=\"SSL%E3%82%A4%E3%83%B3%E3%82%BF%E3%83%BC%E3%82%BB%E3%83%97%E3%83%88%E3%81%AE%E8%A8%AD%E5%AE%9A\"><\/span>SSL\u30a4\u30f3\u30bf\u30fc\u30bb\u30d7\u30c8\u306e\u8a2d\u5b9a<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"637a8b99-5dd9-4f4d-ba9e-605eaf61004a\">Squid\u306b\u306f\u3001dstdomain\u3084url_regex\u3001urlpath_regex\u306a\u3069\u3067\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u6761\u4ef6\u3092\u6307\u5b9a\u3067\u304d\u307e\u3059\u304c\u3001\u5192\u982d\u306e\u300chttps\u901a\u4fe1\u3067\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306eWhitelist\u5236\u9650\u300d\u3068\u3044\u3046\u8981\u4ef6\u306b\u5bfe\u3057\u3066\u306f\u3001\u52d5\u4f5c\u3057\u307e\u305b\u3093\u3002<br>https\u901a\u4fe1\u3067\u306f\u3001\u901a\u4fe1\u5185\u5bb9\u304c\u6697\u53f7\u5316\u3055\u308c\u3066\u304a\u308a\u3001\u901a\u4fe1\u5143\u306eIP\u30a2\u30c9\u30ec\u30b9\u3001\u901a\u4fe1\u5148\u306e\u30c9\u30e1\u30a4\u30f3\u306f\u6697\u53f7\u5316\u3055\u308c\u3066\u3044\u306a\u3044\u30d8\u30c3\u30c0\u306b\u542b\u307e\u308c\u3066\u3044\u308b\u306e\u3067\u3001\u3053\u306e\u60c5\u5831\u3092\u4f7f\u3063\u305f\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u306f\u53ef\u80fd\u3067\u3059\u3002\u3057\u304b\u3057\u3001\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u3084\u30ea\u30af\u30a8\u30b9\u30c8\u30d1\u30e9\u30e1\u30fc\u30bf\u306a\u3069\u306e\u60c5\u5831\u306f\u6697\u53f7\u5316\u3055\u308c\u3066\u304a\u308a\u3001\u901a\u4fe1\u3092\u4e2d\u7d99\u3059\u308bProxy\u30b5\u30fc\u30d0\u3067\u306f\u6697\u53f7\u5316\u3055\u308c\u305f\u4e2d\u8eab\u3092\u898b\u308b\u3053\u3068\u304c\u3067\u304d\u306a\u3044\u305f\u3081\u3067\u3059\u3002<\/p>\n\n\n\n<p id=\"a1a8ddac-70e8-4c3b-be2e-5b1fb27e6022\">\u3058\u3083\u3042\u3069\u3046\u3059\u308b\u306e\u304b\u3068\u3044\u3046\u3068\u3001\u300cProxy\u30b5\u30fc\u30d0\u3067\u3001\u4e00\u5ea6\u3001\u6697\u53f7\u901a\u4fe1\u3092\u8907\u5408\u5316\u3057\u3066\u3001\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3057\u305f\u5f8c\u3001\u8a31\u53ef\u3057\u305f\u901a\u4fe1\u3060\u3051\u3001\u518d\u5ea6\u6697\u53f7\u5316\u3057\u3066\u5b9b\u5148\u306b\u9001\u4fe1\u3059\u308b\u300d\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002<br>\u306a\u304a\u3001\u304a\u6c17\u3065\u304d\u306e\u901a\u308a\u3001\u3053\u308c\u306f\u901a\u4fe1\u76d7\u8074\u3063\u307d\u3044\u8a71\u306a\u306e\u3067\u3001\u9589\u9396\u7db2\u306e\u4e2d\u3067\u3084\u3063\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"735e2636-8115-4aa4-9c5d-41b19ba55453\"><span class=\"ez-toc-section\" id=\"squidconf%E3%81%AE%E8%A8%AD%E5%AE%9A\"><\/span>squid.conf\u306e\u8a2d\u5b9a<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p id=\"659e02ab-85f3-4ed2-943d-9e8409bb4e3b\">\u307e\u305a\u306f\u3001Squid\u306esquid.conf\u3067\u4ee5\u4e0b\u306e\u8a2d\u5b9a\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>### squid.conf\n\n# 1. SSL Intercept\nacl intermediate_fetching transaction_initiator certificate-fetching\nhttp_access allow intermediate_fetching\n\n\n# \u3053\u3053\u306b\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u6761\u4ef6\u7b49\u306e\u8a2d\u5b9a\u3092\u5f8c\u3067\u8a18\u8f09\n# \u66ab\u5b9a\u7684\u306b\u5168\u901a\u4fe1\u8a31\u53ef\nhttp_access allow all\n# \u3053\u3053\u306b\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u6761\u4ef6\u7b49\u306e\u8a2d\u5b9a\u3092\u5f8c\u3067\u8a18\u8f09\n\n\n# 2. Squid listens to port\nhttp_port 8888 tcpkeepalive=60,30,3 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB tls-cert=\/etc\/squid\/bump.crt tls-key=\/etc\/squid\/bump.key cipher=HIGH:MEDIUM:!LOW:!RC4:!SEED:!IDEA:!MD5:!EXP:!PSK:!DSS options=NO_TLSv1,NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE tls-dh=prime256v1:\/etc\/squid\/bump_dhparam.pem\n\n# 3. access log format\nlogformat jcombined &quot;%{%Y\/%m\/%d %H:%M:%S}tl.%03tu&quot; %&gt;a %&gt;st %&lt;a %&lt;st %&gt;rP %mt &quot;%rm %&gt;ru HTTP\/%rv&quot; %&gt;Hs &quot;%{Referer}&gt;h&quot; &quot;%Ss:%Sh&quot;\naccess_log daemon:\/var\/log\/squid\/access.log jcombined\n\n# 4. SSL Intercept\nsslcrtd_program \/usr\/lib64\/squid\/security_file_certgen -s \/var\/lib\/squid\/ssl_db -M 20MB\nsslproxy_cert_error allow all\nalways_direct allow all\nssl_bump stare all<\/code><\/pre><\/div>\n\n\n\n<figure class=\"wp-block-table is-style-regular\"><table><tbody><tr><td><span class=\"text-nowrap\">1. SSL Intercept<\/span><\/td><td>acl intermediate_fetching transaction_initiator certificate-fetching<br>http_access allow intermediate_fetching<\/td><td>\"\u4e2d\u9593TLS\u8a3c\u660e\u66f8\u3092Fetch\u3059\u308b\u30c8\u30e9\u30f3\u30b6\u30af\u30b7\u30e7\u30f3\"\u3068\u3044\u3046\u6761\u4ef6\u306b\"intermediate_fetching\"\u3068\u3044\u3046\u540d\u524d\u3092\u4ed8\u3051\u308b<br>\"intermediate_fetching\"\u306e\u30a2\u30af\u30bb\u30b9\u3092\u8a31\u53ef(\u3064\u307e\u308a\u8a3c\u660e\u66f8\u306e\u4e2d\u9593Intercept\u3092\u8a31\u53ef\u3059\u308b)<\/td><\/tr><tr><td><span class=\"text-nowrap\">2. Squid listens to port<\/span><\/td><td>http_port 8888 tcpkeepalive=60,30,3 ssl\u2212bump \u2026<\/td><td>Proxy\u304cListen\u3059\u308b\u30dd\u30fc\u30c8\u30928888\u3067\u6307\u5b9a\u3001\u304b\u3064\u3001\u901a\u4fe1\u306e\u6697\u53f7\u5316\u3092Decrypt\u3057\u3066Fetch\u3057\u3001Proxy\u306e\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u3067\u518dEncrypt<\/td><\/tr><tr><td><span class=\"text-nowrap\">3. access log format<\/span><\/td><td>logformat jcombined \u2026<br>access_log daemon \u2026<\/td><td>access.log\u306e\u51fa\u529bformat\u3092\u6307\u5b9a(8\u8981\u7d20\u76ee\u306e%rm:RequestMethod\u3068\u30019\u8981\u7d20\u76ee\u306e%&gt;ru:fullRequestURL\u304c\u30dd\u30a4\u30f3\u30c8)<br>access.log\u306e\u51fa\u529b\u30d1\u30b9\u3068\u4e0a\u8a18format\u3067\u306e\u51fa\u529b\u3092\u6307\u5b9a<\/td><\/tr><tr><td><span class=\"text-nowrap\">4. SSL Intercept<\/span><\/td><td>sslcrtd_program \u2026<br>sslproxy_cert_error allow all<br>ssl_bump stare all<\/td><td>Proxy\u306e\u52d5\u7684\u8a3c\u660e\u66f8\u3092\u751f\u6210\u3059\u308bProgram\u3068\u3057\u3066\u4ed8\u5c5e\u306esecurity_file_certgen\u3092\u4f7f\u7528\u3057\u3001\u8a3c\u660e\u66f8\u3092ssl_db\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u30ad\u30e3\u30c3\u30b7\u30e5\u3059\u308b<br>\u5168\u3066\u306e\u8a3c\u660e\u66f8\u691c\u8a3c\u30a8\u30e9\u30fc\u3092\u8a31\u5bb9\u3059\u308b(\u5143\u30b5\u30a4\u30c8\u306e\u8a3c\u660e\u66f8\u3092\u5dee\u3057\u66ff\u3048\u3066\u3044\u308b\u306e\u3067\u3001\u691c\u8a3c\u30a8\u30e9\u30fc\u306b\u306a\u308b\u305f\u3081)<br>\"2. Squid listens to port\"\u3067\u6307\u5b9a\u3057\u305f\"ssl\u2212bump\"\u306e\u52d5\u4f5c\u6307\u5b9a(stare\u306fDecrypt\u3059\u308b)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"94428625-7889-4727-b9fe-ac82dd26fc9f\"><span class=\"ez-toc-section\" id=\"%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%81%AE%E4%BD%9C%E6%88%90\"><\/span>\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u4f5c\u6210<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p id=\"ffe4262a-da9a-4210-897c-c2222a3b4077\">\u3055\u3066\u3001\u3053\u3053\u307e\u3067\u306e\u8a2d\u5b9a\u3067\u3001squid.conf\u306b\u306f\"http_access allow all\"\uff08\u66ab\u5b9a\u7684\u306b\u5168\u901a\u4fe1\u3092\u8a31\u53ef\uff09\u3092\u8a2d\u5b9a\u3057\u3066\u3044\u307e\u3059\u306e\u3067\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u304b\u3089\u5916\u90e8Internet\u306b\u5bfe\u3057\u3066\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u306e\u3067\u3059\u304c\u3001Web\u30d6\u30e9\u30a6\u30b6\u3067\u300c\u8a3c\u660e\u66f8\u306e\u60c5\u5831\u304c\u5408\u308f\u306a\u3044\u3088\u300d\u3068\u3044\u3046\u8b66\u544a\u304c\u51fa\u307e\u3059\uff08\u306a\u3093\u3060\u3063\u305f\u3089\u6700\u8fd1\u306eWeb\u30d6\u30e9\u30a6\u30b6\u3067\u306f\u3001\u8b66\u544a\u306e\u5148\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u306a\u3063\u3066\u3044\u305f\u308a\u3082\u3057\u307e\u3059\uff09\u3002\u9014\u4e2d\u306ePROXY\u30b5\u30fc\u30d0\u3067SSL\u30a4\u30f3\u30bf\u30fc\u30bb\u30d7\u30c8\u306a\u3093\u3066\u901a\u4fe1\u76d7\u8074\u3063\u307d\u3044\u3053\u3068\u3092\u3084\u3063\u3066\u3044\u308b\u306e\u3067\u5f53\u7136\u3067\u3059\u3002<br>\u3057\u304b\u3057\u3001\u300c\u3053\u306eSSL\u30a4\u30f3\u30bf\u30fc\u30bb\u30d7\u30c8\u306f\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u3082\u5408\u610f\u306e\u5143\u3067\u3084\u3063\u3066\u308b\u3093\u3067\u3059\u3088\u300d\u3068\u3044\u3046\u8a2d\u5b9a\u3092\u3057\u3066\u3084\u308b\u3053\u3068\u3067\u3001Web\u30d6\u30e9\u30a6\u30b6\u3067\u8b66\u544a\u306a\u304f\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002<br>\u307e\u305a\u3001\u3053\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u3067PROXY\u30b5\u30fc\u30d0\u306e\u8a3c\u660e\u66f8\uff08\u81ea\u5df1\u7f72\u540d\u8a3c\u660e\u66f8\uff09\u3092\u767a\u884c\u3057\u3001\u305d\u306e\u8a3c\u660e\u66f8\u3092\u6b21\u30bb\u30af\u30b7\u30e7\u30f3\u3067\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u306b\u30a4\u30f3\u30dd\u30fc\u30c8\u3057\u3066\u3084\u308c\u3070\u3088\u3044\u3067\u3059\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">SELinux\u304cOFF\u3067\u3042\u308b\u3053\u3068\u3092\u78ba\u8a8d<\/h4>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>[root@servers ~]$ getenforce\nDisabled<\/code><\/pre><\/div>\n\n\n\n<h4 class=\"wp-block-heading\">\u8a3c\u660e\u66f8\u3068\u9375\u30d5\u30a1\u30a4\u30eb\u306e\u4f5c\u6210<\/h4>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>[root@server ~]$ cd \/etc\/squid\n[root@server squid]$ openssl genrsa -out bump.key 4096\n.................++++\n...............................................++++\ne is 65537 (0x010001)\n[root@server squid]$\n[root@server squid]$ openssl req -new -key bump.key -out bump.csr\nYou are about to be asked to enter information that will be incorporated\ninto your certificate request.\nWhat you are about to enter is what is called a Distinguished Name or a DN.\nThere are quite a few fields but you can leave some blank\nFor some fields there will be a default value,\nIf you enter &#39;.&#39;, the field will be left blank.\n-----\nCountry Name (2 letter code) [XX]:JP\nState or Province Name (full name) []:\nLocality Name (eg, city) [Default City]:\nOrganization Name (eg, company) [Default Company Ltd]:RANAMICUS\nOrganizational Unit Name (eg, section) []:\nCommon Name (eg, your name or your server&#39;&#39;s hostname) []:SQUID\nEmail Address []:\n\nPlease enter the following &#39;extra&#39; attributes\nto be sent with your certificate request\nA challenge password []:\nAn optional company name []:\n[root@server squid]$\n[root@server squid]$ openssl x509 -req -days 365 -in bump.csr -signkey bump.key -out bump.crt\nSignature ok\nsubject=C = JP, L = Default City, O = RANAMICUS, CN = SQUID\nGetting Private key\n[root@server squid]$ \n[root@server squid]$ chown squid:squid \/etc\/squid\/bump.*\n[root@server squid]$ chmod 400 \/etc\/squid\/bump.*\n[root@server squid]$ openssl dhparam -outform PEM -out \/etc\/squid\/bump_dhparam.pem 2048\nGenerating DH parameters, 2048 bit long safe prime, generator 2\nThis is going to take a long time\n..................\n[root@server squid]$ <\/code><\/pre><\/div>\n\n\n\n<p>\u3053\u308c\u3067\u3001\"\/etc\/squid\"\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u4e0b\u306b\u3001\"bump.crt\"\u3001\"bump.csr\"\u3001\"bump.key\"\u3001\"bump_dhparam.pem\"\u306e4\u3064\u306e\u30d5\u30a1\u30a4\u30eb\u304c\u4f5c\u6210\u3055\u308c\u307e\u3059\u3002<br>\u3053\u306e\u5185\u3001\"bump.crt\"\u306f\u6b21\u30bb\u30af\u30b7\u30e7\u30f3\u3067\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u306b\u30a4\u30f3\u30dd\u30fc\u30c8\u3059\u308b\u8a3c\u660e\u66f8\u30d5\u30a1\u30a4\u30eb\u306a\u306e\u3067\u3001\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u306b\u3082\u914d\u7f6e\u3057\u3066\u304a\u304d\u307e\u3057\u3087\u3046\u3002<br>\u306a\u304a\u3001\u3053\u3053\u3067\u4f5c\u6210\u3057\u305f\u8a3c\u660e\u66f8\u306f\u6709\u52b9\u671f\u9593365\u65e5\u3067\u3059\u3002\u5909\u3048\u305f\u3044\u5834\u5408\u306f\u3001\"openssl x509 -req -days\"\u306e\u3068\u3053\u308d\u306e\u5024\u3092365\u304b\u3089\u5909\u66f4\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">\u8a3c\u660e\u66f8\u30ad\u30e3\u30c3\u30b7\u30e5DB\u306e\u4f5c\u6210<\/h4>\n\n\n\n<p>\u4e0a\u8a18\u3067\u4f5c\u6210\u3057\u305f\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u3092\u30eb\u30fc\u30c8\u8a3c\u660e\u3068\u3057\u3066\u3001\u4e00\u7dd2\u306b\u4f5c\u6210\u3055\u308c\u305f\u9375\u30d5\u30a1\u30a4\u30eb\u3092\u4f7f\u3063\u3066\u3001\u524d\u30bb\u30af\u30b7\u30e7\u30f3\u300csquid.conf\u306e\u8a2d\u5b9a\u300d\u306e\"2. Squid listens to port\"\u306e\u3068\u3053\u308d\u306e\u8a2d\u5b9a\u3067\u3001\u30a2\u30af\u30bb\u30b9\u5148\u30b5\u30a4\u30c8\u3054\u3068\u306e\u52d5\u7684\u306a\u8a3c\u660e\u66f8\u3092\u4f5c\u6210\u3057\u3001\u518d\u6697\u53f7\u5316\u3092\u3057\u3066\u3044\u307e\u3059\u3002<br>\u305d\u3057\u3066\u3001\"4. SSL Intercept\"\u306e\u3068\u3053\u308d\u306e\u8a2d\u5b9a\u3067\u3001\u52d5\u7684\u306a\u8a3c\u660e\u66f8\u3092\u30ad\u30e3\u30c3\u30b7\u30e5\u3057\u3066\u3044\u308b\u306e\u3067\u3059\u304c\u3001\u305d\u306e\u30ad\u30e3\u30c3\u30b7\u30e5\u5148\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>[root@server squid]$ mkdir -p \/var\/lib\/squid\n[root@server squid]$ \/usr\/lib64\/squid\/security_file_certgen -c -s \/var\/lib\/squid\/ssl_db -M 20MB\nInitialization SSL db...\nDone\n[root@server squid]$ chown -R squid:squid \/var\/lib\/squid<\/code><\/pre><\/div>\n\n\n\n<p id=\"dfcad2ba-4d60-45c6-a542-61a822f2c258\">squid.conf\u306e\u7de8\u96c6\u3068\u3001\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u4f5c\u6210\u304c\u7d42\u308f\u3063\u305f\u3089\u3001\u6700\u5f8c\u306b\u30b5\u30fc\u30d3\u30b9\u3092\u518d\u8d77\u52d5\u3057\u307e\u3057\u3087\u3046\u3002<\/p>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>[root@server ~]$ systemctl stop squid\n[root@server ~]$ systemctl start squid<\/code><\/pre><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<div style=\"height:44px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"fed65d51-c07a-4399-8065-31b2d57f5f54\"><span class=\"ez-toc-section\" id=\"%E3%82%B5%E3%83%BC%E3%83%90%E3%83%BC%E8%A8%BC%E6%98%8E%E6%9B%B8%E3%81%AE%E3%82%A4%E3%83%B3%E3%83%9D%E3%83%BC%E3%83%88\"><\/span>\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u30a4\u30f3\u30dd\u30fc\u30c8<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"0875de44-bcf4-410b-81c1-0baec3c0c189\">\u524d\u30bb\u30af\u30b7\u30e7\u30f3\u300c\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u4f5c\u6210\u300d\u3067\u4f5c\u6210\u3057\u305f\"bump.crt\"\u30d5\u30a1\u30a4\u30eb\u3092\u3001\u4fe1\u983c\u3055\u308c\u305f\u8a3c\u660e\u66f8\u3068\u3057\u3066\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u5074\u306b\u30a4\u30f3\u30dd\u30fc\u30c8\u3057\u307e\u3057\u3087\u3046\u3002<br>Windows11\u306e\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3092\u524d\u63d0\u3068\u3057\u307e\u3059\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\" id=\"e3ffdd12-4445-4231-bc98-f8259ed1736a\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"957\" src=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024258138-zuFe0C5u8L-1024x957.png\" alt=\"\" class=\"wp-image-75\" style=\"width:728px;height:auto\" srcset=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024258138-zuFe0C5u8L-1024x957.png 1024w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024258138-zuFe0C5u8L-300x280.png 300w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024258138-zuFe0C5u8L-768x718.png 768w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024258138-zuFe0C5u8L.png 1161w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Windows\u30ad\u30fc\u306e\u691c\u7d22\u6b04\u306b\u3001\"certmgr.msc\"\u3068\u5165\u529b<\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\" id=\"b90cb799-2964-4a3d-9695-e1a762fbb9e0\"><img loading=\"lazy\" decoding=\"async\" width=\"936\" height=\"667\" src=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024310389-6Vnzk6nOFl.png\" alt=\"\" class=\"wp-image-76\" style=\"width:734px;height:auto\" srcset=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024310389-6Vnzk6nOFl.png 936w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024310389-6Vnzk6nOFl-300x214.png 300w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024310389-6Vnzk6nOFl-768x547.png 768w\" sizes=\"auto, (max-width: 936px) 100vw, 936px\" \/><figcaption class=\"wp-element-caption\">certmgr\u753b\u9762\u306e\"\u4fe1\u983c\u3055\u308c\u305f\u30eb\u30fc\u30c8\u8a3c\u660e\u6a5f\u95a2\"&gt;\"\u8a3c\u660e\u66f8\"\u3092\u53f3\u30af\u30ea\u30c3\u30af\u3057\u3001\"\u3059\u3079\u3066\u306e\u30bf\u30b9\u30af\"&gt;\"\u30a4\u30f3\u30dd\u30fc\u30c8\"\u3092\u9078\u629e<\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\" id=\"398e4b45-8787-410f-bc20-c9f1668fdb8c\"><img loading=\"lazy\" decoding=\"async\" width=\"920\" height=\"904\" src=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024430063-vlRAGYgDpT.png\" alt=\"\" class=\"wp-image-77\" style=\"width:732px;height:auto\" srcset=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024430063-vlRAGYgDpT.png 920w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024430063-vlRAGYgDpT-300x295.png 300w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024430063-vlRAGYgDpT-768x755.png 768w\" sizes=\"auto, (max-width: 920px) 100vw, 920px\" \/><figcaption class=\"wp-element-caption\">\u8a3c\u660e\u66f8\u30a4\u30f3\u30dd\u30fc\u30c8\u30a6\u30a3\u30b6\u30fc\u30c9\u3067\"\u6b21\u3078\"<\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\" id=\"645809d0-f9c6-416d-a412-86c10c3d5be0\"><img loading=\"lazy\" decoding=\"async\" width=\"917\" height=\"896\" src=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024469518-rv5M3qE023.png\" alt=\"\" class=\"wp-image-78\" style=\"width:722px;height:auto\" srcset=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024469518-rv5M3qE023.png 917w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024469518-rv5M3qE023-300x293.png 300w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024469518-rv5M3qE023-768x750.png 768w\" sizes=\"auto, (max-width: 917px) 100vw, 917px\" \/><figcaption class=\"wp-element-caption\">\u30d5\u30a1\u30a4\u30eb\u540d\u306b\u8a3c\u660e\u66f8\u30d5\u30a1\u30a4\u30eb\uff08bump.crt\uff09\u306e\u30d1\u30b9\u3092\u5165\u529b<\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\" id=\"7fc71eba-8ad5-4900-bf13-2c18458857d6\"><img loading=\"lazy\" decoding=\"async\" width=\"614\" height=\"522\" src=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024773083-BugzE3FKCN.png\" alt=\"\" class=\"wp-image-79\" srcset=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024773083-BugzE3FKCN.png 614w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024773083-BugzE3FKCN-300x255.png 300w\" sizes=\"auto, (max-width: 614px) 100vw, 614px\" \/><figcaption class=\"wp-element-caption\">\u78ba\u8a8d\u753b\u9762\u3067\"\u5b8c\u4e86\"\u3092\u9078\u629e<\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\" id=\"93360b5b-7b01-4fad-9e06-9cf0d1001524\"><img loading=\"lazy\" decoding=\"async\" width=\"917\" height=\"907\" src=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024889747-38M6MwKxMu.png\" alt=\"\" class=\"wp-image-81\" style=\"width:697px;height:auto\" srcset=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024889747-38M6MwKxMu.png 917w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024889747-38M6MwKxMu-300x297.png 300w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024889747-38M6MwKxMu-768x760.png 768w\" sizes=\"auto, (max-width: 917px) 100vw, 917px\" \/><figcaption class=\"wp-element-caption\">\u300c\u81ea\u5df1\u8a3c\u660e\u66f8\u3060\u3051\u3069\u5927\u4e08\u592b\u3067\u3059\u304b\uff1f\u300d\u3068\u8b66\u544a\u304c\u51fa\u307e\u3059\u304c\u300c\u306f\u3044\u300d\u3092\u9078\u629e<\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\" id=\"f54f84a0-e5db-457e-bb9a-4b9684256f0a\"><img loading=\"lazy\" decoding=\"async\" width=\"930\" height=\"660\" src=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024808945-DiyaiBV1UO.png\" alt=\"\" class=\"wp-image-80\" style=\"width:710px;height:auto\" srcset=\"https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024808945-DiyaiBV1UO.png 930w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024808945-DiyaiBV1UO-300x213.png 300w, https:\/\/ranamicus.com\/wp\/wp-content\/uploads\/2024\/05\/na385cd835352_1714024808945-DiyaiBV1UO-768x545.png 768w\" sizes=\"auto, (max-width: 930px) 100vw, 930px\" \/><figcaption class=\"wp-element-caption\">certmgr\u753b\u9762\u306e\u8a3c\u660e\u66f8\u306e\u4e00\u89a7\u306b\u3001\"SQUID\"\u306e\u8a3c\u660e\u66f8\u304c\u8ffd\u52a0\u3055\u308c\u307e\u3059<\/figcaption><\/figure>\n\n\n\n<div style=\"height:41px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"53ebdff5-fbd8-431a-b1c7-ed3500523c42\"><span class=\"ez-toc-section\" id=\"CONNECT%E3%83%A1%E3%82%BD%E3%83%83%E3%83%89%E3%81%AE%E8%A8%B1%E5%8F%AF%E3%81%A8%E3%82%B3%E3%83%B3%E3%83%86%E3%82%AD%E3%82%B9%E3%83%88%E3%83%91%E3%82%B9%E3%81%AE%E8%A8%B1%E5%8F%AF\"><\/span>CONNECT\u30e1\u30bd\u30c3\u30c9\u306e\u8a31\u53ef\u3068\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306e\u8a31\u53ef<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"f602cbab-155c-4b25-a5f6-a8fd1e8f6eb7\">\u3053\u3053\u307e\u3067\u306e\u8a2d\u5b9a\u3092\u884c\u3046\u3068\u3001Squid\u306e\u30a2\u30af\u30bb\u30b9\u30ed\u30b0\uff08squid.conf\u306e\"3. access log format\"\u3067\u8a2d\u5b9a\u3057\u305f\/var\/log\/access.log\uff09\u306b\u306f\u3001CONNECT\u4ee5\u5916\u306bGET\u3084PUT\u306e\u901a\u4fe1\u30ed\u30b0\u3082\u51fa\u529b\u3055\u308c\u3066\u3044\u308b\u3068\u601d\u3044\u307e\u3059\u3002<br>\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u3067\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u3092\u3059\u308b\u306b\u306f\u3001\u30ed\u30b0\u306b\u51fa\u529b\u3055\u308c\u3066\u3044\u308b\u30ea\u30af\u30a8\u30b9\u30c8URL\u306e\u30d1\u30b9\u3067\u30d5\u30a3\u30eb\u30bf\u6761\u4ef6\u3092\u8a2d\u5b9a\u3057\u3066\u3044\u304f\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002<br>\u305f\u3060\u3057\u3001https\u901a\u4fe1\u306e\u4ed5\u69d8\u3092\u8003\u616e\u3057\u305f\u8a2d\u5b9a\u304c\u5fc5\u8981\u306b\u306a\u308a\u307e\u3059\u306e\u3067\u3001access.log\u3092\u898b\u3066\u307f\u307e\u3057\u3087\u3046\u3002<\/p>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-plain\"><code>&quot;2024\/04\/01 10:35:37.771&quot; xx.xx.xx.1 258 yy.yy.yy.222 0 443 - &quot;CONNECT sub1.sample_site.com:443 HTTP\/1.1&quot; 200 &quot;-&quot; &quot;NONE:HIER_DIRECT&quot;\n&quot;2024\/04\/01 10:35:37.944&quot; xx.xx.xx.1 722 yy.yy.yy.222 1359 443 text\/html &quot;GET https:\/\/sub1.sample_site.com\/functionA\/home HTTP\/1.1&quot; 200 &quot;-&quot; &quot;TCP_MISS:HIER_DIRECT&quot;<\/code><\/pre><\/div>\n\n\n\n<p id=\"3c951f5a-34fa-4d5d-b930-4fc6b21c9af4\">\u30ed\u30b0\u3092\u898b\u308b\u3068\u308f\u304b\u308a\u307e\u3059\u304c\u3001https\u306e\u901a\u4fe1\u306f\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306b2\u6bb5\u968e\u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<ol id=\"b0bd3fd7-311b-45dd-bb91-b3c035ceb63b\" class=\"wp-block-list\">\n<li><p id=\"6ef7ef98-02d6-4f5e-8eb9-63594c044cc0\">\u307e\u305a\u3001\u5b9b\u5148\u30c9\u30e1\u30a4\u30f3\u306b\u5bfe\u3057\u3066CONNECT<\/p><\/li>\n\n\n\n<li><p id=\"c46f9911-729f-4c83-99f8-38186bb8732c\">\u6b21\u306b\u3001\u30ea\u30af\u30a8\u30b9\u30c8URL\u306b\u5bfe\u3057\u3066GET\u3084PUT<\/p><\/li>\n<\/ol>\n\n\n\n<p id=\"503d9465-394b-4c63-accb-7c07353e8b50\">\u4e0a\u8a181\u306eCONNECT\u306f\u3001\u30c9\u30e1\u30a4\u30f3\u306b\u5bfe\u3057\u3066\u884c\u308f\u308c\u308b\u306e\u3067\u3001\u30d1\u30b9\u306f\u3042\u308a\u307e\u305b\u3093\uff08access.log\u3067\u3082\u3001\u30ea\u30af\u30a8\u30b9\u30c8URL\u306e\u90e8\u5206\u304c\u30c9\u30e1\u30a4\u30f3\u306e\u307f\u306e\u8868\u793a\u306b\u306a\u3063\u3066\u3044\u307e\u3059\uff09\u3002<br>\u3088\u3063\u3066\u3001\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u306eWhitelist\u3060\u3051\u3092\u8a31\u53ef\u3057\u3066\u3044\u308b\u3068\u3001<br>\uff08\u30d1\u30b9\u304c \/AAA or \/BBB \u3092\u542b\u3093\u3067\u3044\u305f\u3089\uff09vs \uff08\u30d1\u30b9\u306a\u3057\uff09<br>\u3068\u3044\u3046\u3088\u3046\u306a\u6bd4\u8f03\u306b\u306a\u308a\u3001\u6761\u4ef6\u306b\u5408\u308f\u306a\u3044\u305f\u3081\u3001\u6700\u521d\u306eCONNECT\u304c\u62d2\u5426\u3055\u308c\u307e\u3059\u3002\u305d\u3057\u3066\u3001\u7d9a\u304fGET\u3084PUT\u306e\u64cd\u4f5c\u3082\u884c\u308f\u308c\u307e\u305b\u3093\u3002<br>\u3068\u8a00\u3046\u3053\u3068\u3067\u3001\u6b21\u306e\u3088\u3046\u306b\u30d5\u30a3\u30eb\u30bf\u6761\u4ef6\u3092\u8a2d\u5b9a\u3057\u307e\u3057\u3087\u3046\u3002<\/p>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code>### squid.conf\n\n## \u6761\u4ef6\u9805\u76ee\n# \u901a\u4fe1\u5143IP CIDR\u6761\u4ef6\nacl source_ip src xx.xx.xx.0\/24\n\n# \u901a\u4fe1\u30dd\u30fc\u30c8\u6761\u4ef6\uff08\u3053\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u306f\u65e2\u5b9a\u3068\u601d\u3063\u3066\u304f\u3060\u3055\u3044\uff09\nacl SSL_ports port 443\nacl Safe_ports port 80          # http\nacl Safe_ports port 443         # https\n\n# http\u30e1\u30bd\u30c3\u30c9\u6761\u4ef6\nacl CONNECT method CONNECT      # CONNECT\u30e1\u30bd\u30c3\u30c9\n\n# \u30c9\u30e1\u30a4\u30f3\u6761\u4ef6\nacl Safe_domains dstdomain .sub1.sample_site.com\n\n# \u30d1\u30b9\u6761\u4ef6\nacl Safe_path_samplesite urlpath_regex -i \/functionA\/\nacl Safe_path_samplesite urlpath_regex -i \/functionB\/\n\n\n## \u8a31\u53ef\u8a2d\u5b9a\n# \u5229\u7528\u30dd\u30fc\u30c8\u306e\u5236\u9650\uff08\u3053\u306e\u30bb\u30af\u30b7\u30e7\u30f3\u306f\u65e2\u5b9a\u3068\u601d\u3063\u3066\u304f\u3060\u3055\u3044\uff09\nhttp_access deny !Safe_ports           # Safe_ports(443 or 80)\u4ee5\u5916\u306e\u901a\u4fe1\u3092\u62d2\u5426\nhttp_access deny CONNECT !SSL_ports    # SSL_ports(443)\u4ee5\u5916\u306eCONNECT\u64cd\u4f5c\u3092\u62d2\u5426\n\n# CONNECT\u8a31\u53ef\nhttp_access allow Safe_domains CONNECT source_ip   # [1]\u30c9\u30e1\u30a4\u30f3\u304cSafe_domains AND CONNECT\u30e1\u30bd\u30c3\u30c9 AND \u901a\u4fe1\u5143IP\u304csource_ip\u306b\u542b\u307e\u308c\u308b\n\n# \u30d1\u30b9\u306e\u5236\u9650\nhttp_access allow Safe_domains Safe_path_samplesite source_ip   # [2]\u30c9\u30e1\u30a4\u30f3\u304cSafe_domains AND Safe_path_samplesite\u306e\u3069\u308c\u304b\u304c\u30d1\u30b9\u306b\u542b\u307e\u308c\u308b AND \u901a\u4fe1\u5143IP\u304csource_ip\u306b\u542b\u307e\u308c\u308b\n\n# \u305d\u306e\u4ed6\nhttp_access deny all   # \u4e0a\u8a18\u8a31\u53ef\u8a2d\u5b9a\u306b\u5408\u81f4\u3057\u306a\u304b\u3063\u305f\u3001\u305d\u306e\u4ed6\u3059\u3079\u3066\u306e\u901a\u4fe1\u3092\u62d2\u5426<\/code><\/pre><\/div>\n\n\n\n<p id=\"7823c3c0-ea4c-4b0b-a90e-a95c4b9650cb\">\u4e0a\u8a18squid.conf\u306e[1]\u306e\u3068\u3053\u308d\u3067\u3001\u30a2\u30af\u30bb\u30b9\u5148\u30c9\u30e1\u30a4\u30f3\u3078\u306eCONNECT\u3092\u8a31\u53ef\u3057\u3066\u304a\u308a\u3001\u305d\u306e\u5f8c\u306e[2]\u306e\u3068\u3053\u308d\u3067\u3001Whitelist\u306e\u30b3\u30f3\u30c6\u30ad\u30b9\u30c8\u30d1\u30b9\u3078\u306eGET\u3084PUT\u64cd\u4f5c\u3092\u8a31\u53ef\u3057\u3066\u3044\u307e\u3059\u3002<br>\uff08\u3061\u306a\u307f\u306b\u4e0a\u306econf\u3067\u306f\u3001source_ip\u3068\u3044\u3046\u6761\u4ef6\u3082\u52a0\u3048\u3066\u3001\u901a\u4fe1\u5143IP CIDR\u3082\u5236\u9650\u3057\u3066\u3044\u307e\u3059\uff09<\/p>\n\n\n\n<p id=\"126d42c3-aa14-480a-b52a-bcfc5efd137f\">\u3053\u306e\u8a2d\u5b9a\u3067\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u30b5\u30a4\u30c8\u306b\u30a2\u30af\u30bb\u30b9\u3057\u305f\u5834\u5408\u306e\u30a2\u30af\u30bb\u30b9\u53ef\u5426\u3092\u793a\u3057\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n\n\n\n<div class=\"wp-block-group is-layout-constrained wp-block-group-is-layout-constrained\">\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-28f84493 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p><span class=\"text-nowrap\">sample_site.com<br>\u2523 sub1.sample_site.com<br>\u2503  \u2523 sub1.sample_site.com\/functionA\/home<br>\u2503  \u2523 sub1.sample_site.com\/functionA\/list<br>\u2503  \u2523 sub1.sample_site.com\/functionB\/home<br><\/span><span class=\"text-nowrap\">\u2503  \u2523 sub1.sample_site.com\/functionC\/home<br>\u2503  \u2523 sub1.sample_site.com\/functionC\/functionA\/home<br>\u2517 sub2.sample_site.com<br>\u3000 \u2517 sub2.sample_site.com\/functionA\/home<\/span><\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p class=\"has-text-align-center\">NG<br>OK<br>OK<br>OK<br>OK<br>NG<br>OK<br>NG<br>NG<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p>\u30fc<br>Safe_domains\u3067\u8a31\u53ef<br>Safe_path_samplesite\u3067\u8a31\u53ef<br>Safe_path_samplesite\u3067\u8a31\u53ef<br>Safe_path_samplesite\u3067\u8a31\u53ef<br>\u30fc<br>Safe_path_samplesite\u3067\u8a31\u53ef<br>\u30fc<br>\u30fc<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<div style=\"height:37px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p id=\"60ba967a-7934-4947-a47d-703a09fd429f\">\u3061\u306a\u307f\u306b\u3001\u30d1\u30b9\u6761\u4ef6\u306eurlpath_regex\u306e\u6307\u5b9a\u306f\u6b63\u898f\u8868\u73fe\u306a\u306e\u3067\u3001\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u30d1\u30bf\u30fc\u30f3\u8868\u73fe\u3082\u53ef\u80fd\u3067\u3059<\/p>\n\n\n\n<ul id=\"0ad1c6a4-cc7f-40ee-97f3-de3cd1bfa75b\" class=\"wp-block-list\">\n<li>\"\/functionA\/\"\u304b\u3089\u59cb\u307e\u308b\u30d1\u30b9\u3060\u3063\u305f\u3089 \u2192&nbsp;<strong>^<\/strong>\/functionA\/<\/li>\n\n\n\n<li><p id=\"71050af5-19a7-429f-8685-31e31f541f36\">\"\/list\"\u3067\u7d42\u308f\u308b\u30d1\u30b9\u3060\u3063\u305f\u3089 \u2192 \/list<strong>$<\/strong><\/p><\/li>\n\n\n\n<li><p id=\"7857781a-5001-4023-8317-397cf65bba2f\">\"\/functionA\/list\"\u306b\u5b8c\u5168\u4e00\u81f4\u3059\u308b\u30d1\u30b9\u3060\u3063\u305f\u3089 \u2192&nbsp;<strong>^<\/strong>\/functionA\/list<strong>$<\/strong><\/p><\/li>\n<\/ul>\n\n\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"323cf25c-b88a-4973-98dc-3e58f00e1acd\"><span class=\"ez-toc-section\" id=\"%E3%81%8A%E3%81%BE%E3%81%91\"><\/span>\u304a\u307e\u3051<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p id=\"51710f1e-fd5f-4b36-8b59-acf5bead6319\">\u500b\u4eba\u60c5\u5831\u3084\u91d1\u878d\u60c5\u5831\u306a\u3069\u306e\u6a5f\u5bc6\u60c5\u5831\u3092\u6271\u3046\u30b7\u30b9\u30c6\u30e0\u3067\u3082\u3001AWS\u306a\u3069\u306ePublic Cloud\u306b\u79fb\u884c\u3059\u308b\u6d41\u308c\u306b\u306a\u3063\u3066\u3044\u307e\u3059\u3002<br>\u305d\u3093\u306a\u6d41\u308c\u306e\u4e2d\u3001\u6a5f\u80fd\u4e0a\u3001\u307e\u305f\u306f\u3001\u904b\u7528\u4e0a\u306e\u90fd\u5408\u3067\u3001Cloud\u306e\u30c9\u30e1\u30a4\u30f3\u3092\u5185\u90e8\u304b\u3089\u901a\u4fe1\u8a31\u53ef\u3057\u3066\u3044\u308b\u3053\u3068\u3082\u3042\u308b\u304b\u3068\u601d\u3044\u307e\u3059\u304c\u3001\u30b7\u30b9\u30c6\u30e0\u69cb\u6210\u3084Cloud\u5074\u306e\u4ed5\u69d8\u306b\u3088\u3063\u3066\u306f\u2026<br>\u826f\u304b\u3089\u306c\u3053\u3068\u3092\u8003\u3048\u308b\u5185\u90e8\u306e\u4eba\u304c\u3001\u30b7\u30b9\u30c6\u30e0\u5185\u3067\u500b\u4eba\u60c5\u5831\u3092\u53ce\u96c6\u3057\u3001\u540c\u3058Public Cloud\u3092\u81ea\u5206\u3067\u5951\u7d04\u3057\u3066\u3001\u81ea\u5206\u306eCloud\u30a2\u30ab\u30a6\u30f3\u30c8\u306b\u30a2\u30af\u30bb\u30b9\u3057\u3066\u3001\u53ce\u96c6\u3057\u305f\u60c5\u5831\u3092\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3001\u306a\u3093\u3066\u3053\u3068\u3082\u3042\u308b\u304b\u3082\u3057\u308c\u307e\u305b\u3093\u3002<br>\u5185\u90e8\u7d71\u5236\u306e\u30d5\u30a3\u30eb\u30bf\u306e1\u3064\u3068\u3057\u3066\u3001\u4eca\u3057\u3070\u3089\u304f\u306f\u4f7f\u3046\u3053\u3068\u3082\u3042\u308b\u3067\u3057\u3087\u3046\u3002<\/p>\n\n\n\n<p id=\"7a014bb0-ac3a-4726-b850-ef375b41e5ac\">\u304a\u307e\u3051\u3067squid.conf\u306e\u5168\u6587\u3082\u63b2\u8f09\u3057\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"6d924d11-46f7-47b5-9124-88b30d6b2cd2\"><span class=\"ez-toc-section\" id=\"squidconf%E5%85%A8%E6%96%87\"><\/span>squid.conf\u5168\u6587<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<div class=\"hcb_wrap\"><pre class=\"prism line-numbers lang-bash\" data-lang=\"Bash\"><code># SSL Intercept\nacl intermediate_fetching transaction_initiator certificate-fetching\nhttp_access allow intermediate_fetching\n\n\n#\n# Recommended minimum configuration:\n#\n\n# Example rule allowing access from your local networks.\n# Adapt to list your (internal) IP networks from where browsing\n# should be allowed\nacl source_ip src xx.xx.xx.0\/24\n\n# port rule\nacl SSL_ports port 443\nacl Safe_ports port 80          # http\nacl Safe_ports port 443         # https\n\n# http method rule\nacl CONNECT method CONNECT\n\n\n#\n# Recommended minimum Access Permission configuration:\n#\n# Deny requests to certain unsafe ports\nhttp_access deny !Safe_ports\n\n# Deny CONNECT to other than secure SSL ports\nhttp_access deny CONNECT !SSL_ports\n\n# Only allow cachemgr access from localhost\n# http_access allow localhost manager\nhttp_access deny manager\n\n# We strongly recommend the following be uncommented to protect innocent\n# web applications running on the proxy server who think the only\n# one who can access services on &quot;localhost&quot; is a local user\n#http_access deny to_localhost\n\n#\n# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS\n#\n\n# URL Filtering rule\nacl Safe_domains dstdomain .sub1.sample_site.com\nacl Safe_path_samplesite urlpath_regex -i \/functionA\/\nacl Safe_path_samplesite urlpath_regex -i \/functionB\/\n\n# Example rule allowing access from your local networks.\n# Adapt localnet in the ACL section to list your (internal) IP networks\n# from where browsing should be allowed\nhttp_access allow Safe_domains CONNECT source_ip\nhttp_access allow Safe_domains Safe_path_samplesite source_ip\n\n# And finally deny all other access to this proxy\nhttp_access deny all\n\n\n# Squid normally listens to port 3128\nhttp_port 8888 tcpkeepalive=60,30,3 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB tls-cert=\/etc\/squid\/bump.crt tls-key=\/etc\/squid\/bump.key cipher=HIGH:MEDIUM:!LOW:!RC4:!SEED:!IDEA:!MD5:!EXP:!PSK:!DSS options=NO_TLSv1,NO_SSLv3,SINGLE_DH_USE,SINGLE_ECDH_USE tls-dh=prime256v1:\/etc\/squid\/bump_dhparam.pem\n\n# Uncomment and adjust the following to add a disk cache directory.\n#cache_dir ufs \/var\/spool\/squid 100 16 256\nacl NOCACHE src all    # Disable Cache\ncache deny NOCACHE     # Disable Cache\n\n# Leave coredumps in the first cache dir\ncoredump_dir \/var\/spool\/squid\n\n#\n# Add any of your own refresh_pattern entries above these.\n#\n# refresh_pattern ^ftp:           1440    20%     10080\n# refresh_pattern -i (\/cgi-bin\/|\\?) 0     0%      0\n# refresh_pattern .               0       20%     4320\n\n\n# Minimizing information returned to clients\nacl errors http_status 400-599\ndeny_info TCP_RESET errors\nhttp_reply_access deny errors\n\nreply_header_access X-Squid-Error deny all\nreply_header_access X-Cache deny all\nreply_header_access X-Cache-Lookup deny all\nreply_header_access Server deny all\nreply_header_access Via deny all\nreply_header_access Vary deny all\nreply_header_access Mime-Version deny all\nreply_header_access Content-Language deny all\n\n\n# access log format\nlogformat jcombined &quot;%{%Y\/%m\/%d %H:%M:%S}tl.%03tu&quot; %&gt;a %&gt;st %&lt;a %&lt;st %&gt;rP %mt &quot;%rm %&gt;ru HTTP\/%rv&quot; %&gt;Hs &quot;%{Referer}&gt;h&quot; &quot;%Ss:%Sh&quot;\naccess_log daemon:\/var\/log\/squid\/access.log jcombined\n\n\n# SSL Intercept\nsslcrtd_program \/usr\/lib64\/squid\/security_file_certgen -s \/var\/lib\/squid\/ssl_db -M 20MB\nsslproxy_cert_error allow all\n# sslproxy_flags DONT_VERIFY_PEER\nalways_direct allow all\nssl_bump stare all<\/code><\/pre><\/div>\n\n\n\n<h4 class=\"wp-block-heading vk_block-margin-md--margin-top\" id=\"disclaimer\"><a href=\"https:\/\/ranamicus.com\/?page_id=109\">\u514d\u8cac\u4e8b\u9805<\/a><\/h4>\n","protected":false},"excerpt":{"rendered":"<p>\u6700\u8fd1\u306e\u30c8\u30ec\u30f3\u30c9\u306fSASE\u3067\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u78ba\u4fdd\u3067\u3059\u304c\u3001\u65e2\u5b58\u306eEnterprise\u30b7\u30b9\u30c6\u30e0\u306a\u3069\u3067\u306f\u3001\u307e\u3060\u307e\u3060\u9589\u9396\u7db2\u306e\u30b7\u30b9\u30c6\u30e0\u3082\u591a\u3044\u3067\u3059\u3002\u4e45\u3057\u3076\u308a\u306bSquid\u3067Forward Proxy\u30b5\u30fc\u30d0\u3092\u69cb\u7bc9\u3057\u3001\u30c9\u30e1\u30a4\u30f3\u3060\u3051\u3067\u306a\u304f\u30b3\u30f3\u30c6 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":74,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"vkexunit_cta_each_option":"","footnotes":""},"categories":[6,7],"tags":[],"class_list":["post-71","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech","category-7"],"_links":{"self":[{"href":"https:\/\/ranamicus.com\/index.php?rest_route=\/wp\/v2\/posts\/71","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ranamicus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ranamicus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ranamicus.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ranamicus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=71"}],"version-history":[{"count":15,"href":"https:\/\/ranamicus.com\/index.php?rest_route=\/wp\/v2\/posts\/71\/revisions"}],"predecessor-version":[{"id":262,"href":"https:\/\/ranamicus.com\/index.php?rest_route=\/wp\/v2\/posts\/71\/revisions\/262"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ranamicus.com\/index.php?rest_route=\/wp\/v2\/media\/74"}],"wp:attachment":[{"href":"https:\/\/ranamicus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=71"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ranamicus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=71"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ranamicus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=71"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}