Control Downloaded Traffic

Asked by sam on 2016-08-06

Dear Friends Hi.
    Is there any way to monitor downloaded traffic by ECAP ?

Question information

Language:
English Edit question
Status:
Answered
For:
eCAP Edit question
Assignee:
No assignee Edit question
Last query:
2016-08-15
Last reply:
2018-06-27
Alex Rousskov (rousskov) said : #1

Yes, of course. For example, the free eCAP ClamAV adapter does monitor (and may block) traffic:
http://www.e-cap.org/Downloads

sam (sadegh-sal) said : #2

Is it possible to support HTTPS traffic ?

Alex Rousskov (rousskov) said : #3

Yes, provided the host application decrypts HTTPS into HTTP.

Without decryption it is only possible to control HTTP CONNECT requests, provided the host application sends those to the eCAP service.

Viacheslav Yakushev (kelewind) said : #4

Good afternoon,
those I correctly understand that if
1) For example, a module will be configured on the SQUID
2) To the squid come requests from CONNECT the frontend with termanate SSL
3) the squid itself works without ssl

I can get statistics on incoming / outgoing traffic ?

Alex Rousskov (rousskov) said : #5

If you are plugging in your adapter into a proxy that handles unencrypted/plain traffic, then your adapter will have access to incoming (i.e., received by the proxy) and/or outgoing (i.e., sent by the proxy) HTTP messages. In Squid case, your adapter will have access to incoming requests and incoming responses.

The proxy itself also collects statistics. An adapter is only needed if you want to collect statistics that the proxy does not _and_ it is easier to write/support an adapter than to enhance the proxy.

If you need Squid-specific support, please post your questions to the squid-users mailing list:
http://www.squid-cache.org/Support/mailing-lists.html#squid-users

Can you help with this problem?

Provide an answer of your own, or ask sam for more information if necessary.

To post a message you must log in.