Last month, I decided to apply a network policy in order to point the web traffic on differents links based on the domain url.After compiling the last version of Squid (3.2.5), I made my dstdomain ACLs and tested some sites. Great ! it works… until I check https browsing.
It seems there is missing code in tunnel.cc to handle the tcp_outgoing_mark directive in tunneling context. I opened the bug 3723 on bugs.squid-cache.org, but after a while, I took some time to manage this myself.
You will find a patch below which corrects this issue:
root@host:/usr/src/squid/squid-3.2.5/src# patch < tunnel.cc_3.2.5.patch
[wpdm_file id=11 title=”true” ]