Re: transperant proxy using Cisco?

From: Amos Shapira <>
Date: Wed, 07 Jan 1998 21:03:35 +0200

In message <> you write:
|You forgot ICMP "Host Unreachable, Need Fragmentation". Of course, if
|the network subject to transparent proxying has a PMTU >= MTU
|of the proxy box's interface, that is not needed.
|But if it is not the case, you must take care of the ICMP messages,
|or the remote www-servers' TCP stacks would not be able to determine
|the correct PMTU.

[ deleted ]

|The only thing we made is a slight hacking of natd package for FreeBSD.
|We use it instead of ipfilter or smth. because it's user-land and is
|quite easy to hack, e.g. for the handling of the ICMPs.

Does anyone know how to achieve the same effect with a Linux box?
(i.e. the main router of my network is a Cisco, which I hope to teach
to redirect HTTP requests to a Linux box running Squid 1.1.18).



--Amos Shapira | "Of course Australia was marked for
133 Shlomo Ben-Yosef st. | glory, for its people had been chosen
Jerusalem 93 805 | by the finest judges in England."
ISRAEL | -- Anonymous
Received on Wed Jan 07 1998 - 11:08:06 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:20 MST