Expand description
External proxy passthrough handler (Mode 3 — Enterprise).
Chains CONNECT requests to an upstream enterprise proxy (Squid, Cisco WSA, Zscaler, etc.). Cloud metadata endpoints are still denied before forwarding. The enterprise proxy makes the final allow/deny decision.
The CONNECT-handshake-against-the-enterprise-proxy logic is extracted into
connect_via_proxy so the TLS-intercept upstream leg can reuse it.
Structs§
- Bypass
Matcher - Matcher for hosts that should bypass the external proxy.
Functions§
- connect_
via_ proxy - TCP-connect to an enterprise proxy and CONNECT through it to
target_host:target_port. - handle_
external_ proxy - Handle a CONNECT request by chaining it to an external proxy.