Re: Transparent Proxy

From: Henrik Nordstrom <>
Date: Fri, 15 May 1998 00:13:04 +0200

Dancer wrote:

> No, linux doesn't require it. But HTTP does, because a proxy-aware
> request and a non-proxy-aware request follow two different syntaxes.

Squid does NOT need a additional daemon to run as a transparent proxy on
Linux. All the rewriting code is already there (the accelerator code).

  httpd_accel virtual 80
  httpd_accel_uses_host_header on
(use 1.1.21 or later, the previous versions is a bit restricted in

You only need a additional daemon if you want to run Squid on a separate
machine as ipfwadm can only redirect to a local port.

Be sure to read up on MTU problems and the like (search in the
squid-users archives) as transparent proxying has some important
networking limitations.

ipfilter needs some additional modifications to Squid to run as a
transparent proxy without a transproxy daemon. I know that a couple of
people have implemented this, but I haven't seen a patch submitted for

Henrik Nordström
Sparetime Squid Hacker
Received on Thu May 14 1998 - 16:00:48 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:11 MST