Re: Transparent Proxy

From: Eric Stern <estern@dont-contact.us>
Date: Thu, 14 May 1998 16:08:25 -0400 (EDT)

On Fri, 15 May 1998, Dancer wrote:

> Jordan Mendelson wrote:
> >
> > > On Thu, May 14, 1998 at 03:16:57PM +0000, Markus Sabadello wrote:
> > > : I am interested in the experimental 'transparent proxy' feature of
> > > : newer Linux kernels, and I wondered if this could be used to make
> > > : browsers go through proxys without knowing it. I configured my
> > > : intranet gateway to redirect every port 80 connections to local port
> > > : 8080 (squid port) and I told my browser NOT to use a proxy. It worked
> > > : well; when I tried to connect to home.netscape.com:80, the connection
> > > : was redirected to my local intranet gateway at port 8080, but the
> > > : problem was that my browser sent the following lines:
> > > :
> > > : GET / HTTP/1.0
> > >
> > > Yes, it's not enough to redirect the request. You must rewrite the
> > > request to the complete url. There exists a little daemon `trproxyd' or
> > > `transproxy' doing that.
> > >
> > > 0/0 80 redirect -> 81 -> tproxyd -> 8080
> >
> > Linux does not require such a daemon (and for the life of me I can't figure
> > out why people keep bringing it up). All that is required to setup
> > transparent proxies under Linux is to compile it into the kernel and use:
>
> No, linux doesn't require it. But HTTP does, because a proxy-aware
> request and a non-proxy-aware request follow two different syntaxes.
> Transparent proxying is something altogether different (although not
> incompatible with, and often quite useful with) HTTP proxying.
>
> tproxyd is an http request reformatter designed to make use of linux's
> transparent proxying featureset.

No, squid manages just fine on its own. Trust me, I run transparent squids
on Linux, and I don't use tproxyd. Everything works just great.

Its covered pretty well in the FAQ
(http://squid.nlanr.net/Squid/FAQ/FAQ-16.html#ss16.2) although it IS a bit
out of date now. ie it says that the cache will contain only IP address,
which is not true now that squid supports the Host: header.

/-----------------------------------------------------------------------/
/ Eric Stern - PacketStorm Technologies - (519) 837-0824 /
/ http://www.packetstorm.on.ca /
/ WebSpeed - a transparent web caching server - available now! /
/-----------------------------------------------------------------------/
Received on Thu May 14 1998 - 13:26:58 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:11 MST