How to forward HTTPS traffic through squid transparently?
but all the ones I found describe the creation of a certificate pair to decrypt/re-encrypt the traffic - something I do not want to do.
What you are asking for simply isn't possible because of how the https protocol works. Your options are:
- Permit outgoing https through your firewall, and don't attempt to use any proxies
- Configure clients to use your proxy/filter, and they will use HTTP CONNECT calls to the proxy.
- Setup your proxy to be a man in the middle, and do sslbump.
I would just eventually block when some time rules are met
You can with the correct iptables modules filter based on the time of day. Perhaps you should just handle the time of day filtering in your firewall?