Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] invalid request

From: mustafa <mustafarajimusa@xxxxxxxxx>
Date: Wed, 14 Mar 2012 11:22:31 +0300
On 3/14/2012 10:11 AM, Guy Harris wrote:
On Mar 13, 2012, at 11:42 PM, mustafa wrote:

it might be the problem is sending ssl over http because i configure squid in the intercept mode, but squid know how to deal with ssl,
Yes, it knows how to deal with SSL being sent directly to port 80 - it rejects it, as it should, just as a regular Web server will!

Either HTTP-over-SSL/TLS traffic should go to port 443:

	http://tools.ietf.org/html/rfc2818

or should start out as plain HTTP to, say, port 80, and upgrade to HTTP-over-SSL/TLS:

	http://tools.ietf.org/html/rfc2817

i want to know what is the cause to block it , or find solution to it using squid
If the problem is that some browser or other client is sending SSL to port 80, the solution to it is to fix the browser or other client to stop doing so.

If the problem is that some device between the browser or client and the Squid proxy is sending SSL to port 80, the solution to it is to fix that device.

If the problem is that Squid is deciding to send SSL to port 80 in response to a properly-formed client request, the solution to it is to fix Squid.  How to do that is a question that should be asked on a mailing list for Squid, not for Wireshark; you're far more likely to find the people who know the answer to your question there (I don't know what the answer is, having never configured Squid in my life).
okay thank you, now i know how to solve the problem, really what i want to know is, what this traffic is, and you give me the answer ssl traffic, i think now i can solve the problem
thanks, Best regards
___________________________________________________________________________
Sent via:    Wireshark-users mailing list<wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
              mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe