Re: Question transparent WWW-proxy

From: Henrik Nordstrom <>
Date: Fri, 19 Jun 1998 23:40:45 +0200

I don't fully understand your question, but I think you ask if it is
possible to configure ipfilter to bypass the transparent proxy for
certain addresses?

I don't know but I think it is. I know for a fact that it is possible
using Linux ipfwadm. Read the documentation on ipfilter.

What you probably have to add is some rule that tells ipfilter that
these addresses should be routed throught instead of redirected to the
proxy, much like the two first rules you have allowing local traffic

A note: I saw that you redirect port 21 (FTP) to Squid. I am sorry but
FTP can't be transparently proxied in this way. Squid is only a HTTP
proxy, and as such it can act as a gateway for HTTP clients to FTP
servers, but not as a proxy for FTP clients. A direct FTP connection is
very different from a FTP request sent to a HTTP proxy. The same applies
to the other protocols supported by Squid (FTP, Gopher and WAIS).

Henrik Nordström
Sparetime Squid Hacker
Daniil Piontkovskiy wrote:
> It`s working O.K.
> But some from machines do not need to be passed(missed) through proxy and
> to direct on direct, as it can be made ?
> It is possible to make with IP filter ? .... or proxy Squid-1.1.21 ?
> Thanks in advance
>  -----
>  Daniil
Received on Fri Jun 19 1998 - 15:24:02 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:45 MST