Re: TRANSPARENT PROXY from Dave Zarzycki on 1997-12-21 (squid-users)

From: Dave Zarzycki <zarzycki@dont-contact.us>
Date: Sat, 20 Dec 97 23:08:00 -0800

On 12/20/97 10:09 PM, Patrick (indigo@trancenet.ml.org) wrote:

>> There is no reason to transmit the same bytes more than once over a slow
>> link, when it can be used for something else.
>dont you have to transfer from proxy->client ????

It is generally assumed that the link to the internet is slow, and the
local area network is 10-100Mbps. In other words, the data transfer from
the proxy to the client is very fast, and costs practically nothing at
all. But, the link to the internet is just the opposite, slow and costly.

>> >> What version of squid are you using?
>> >1.1.9
>>
>> Err... You might want to update...
>why is that?

Bug fixes, new features, greater stability...

>> >> What distribution of Linux are you using? version?
>> >2.0.32
>slackware, but it doesnt have a slack respective v now because it is a
>very new kernel (newest stable)

Ah, I would venture to say that you are running some derivative a
slackware version, but that isn't very important at this point. I can run
RedHat Linux 5.0 with the 2.1.73 kernel, and it's still a RedHat 5.0
system with a different kernel...

You mentioned in another message that you have no firewall setup. That's
your problem. Transparent Proxy only works if your machine acts as a
router.

Your firewalling rules need to be like so (in the following order):

allow connections from x to the local machine at port 80.
redirect connections from x to y at port 80 to port 3128.
allow all other packets to be forwarded.

this is very conceptual, and assumes that you run squid at port 3128.

If you want really ugly details, e-mail directly and I'll point to the
the numerous FAQ and HOWTOs.

davez

----------------------------------------------------------------------
Dave Zarzycki Student
Intern San Jose State University
Apple Computer, Inc. dzarzyck@email.sjsu.edu
zarzycki@apple.com zarzycki@ricochet.net
----------------------------------------------------------------------
PGP Fingerprints (RSA): 8AF2 1040 8A9C D025 47BE 70DD A51C C887
DSS/Diffie-Hellman: CB9E 2621 B4BA 3F96 3516 B312 15B4 D842 3809 EF99
Contact pgpkeys.mit.edu for my public keys.
Received on Sat Dec 20 1997 - 23:09:26 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:01 MST