Re: [SQU] IBM Host On Demand

The proxy only setup will break all applications that do not know how to
talk to proxys.... A transparent proxy setup is one where all the traffic
is directed throught squid reguardless of the client configuration. You
can find more information about this type of setup here:
http://www.linuxdoc.org/HOWTO/mini/TransparentProxy-2.html

The reason your application is failing is probably because it was not
desinged to work with any http proxy that is not transparent.

On Fri, 9 Feb 2001, Adam Lang wrote:

> So you are saying that the current way I have users access the internet will
> break this type of application?
>
> what do you mean by "transparent"?
>
> Can I alter other options in the config to allow this? I think I understand
> what you are saying.
>
> Squid is listening on port 8080 (the http_port I desginated in squid.conf)
> for requests, right? I have Interent Explorer configured to use a proxy on
> port 8080 at the squid's ip address.
>
> (By the way, Squid has two NICs. One on the Internet and one internal).
>
> But does the java app care about the Internet Explorer proxy settings? When
> the applet starts running, does it just try to go right to the address it
> needs?
>
> Am I just going to have to detup something to allow ip forwarding?
>
> Adam Lang
> Systems Engineer
> Rutgers Casualty Insurance Company
> http://www.rutgersinsurance.com
> ----- Original Message -----
> From: "Kieran Skinner" <kieran.skinner@xal.co.uk>
> To: "Adam Lang" <aalang@rutgersinsurance.com>; <squid-users@ircache.net>
> Sent: Friday, February 09, 2001 12:26 PM
> Subject: RE: [SQU] IBM Host On Demand
>
>
> > I'm not sure here but I would have thouth that the users browser only
> sends
> > http requestes to the proxy. I would guess that the aplet will not try to
> > use the proxy (unless it is transparent). Because your firewall does not
> > allow them any direct outbound internet access, the applet fails because
> it
> > cannot open the desired port on the remote server.
> >
> > close?
> >
> > -----Original Message-----
> > From: Adam Lang [mailto:aalang@rutgersinsurance.com]
> > Sent: 09 February 2001 17:14
> > To: squid-users@ircache.net
> > Subject: [SQU] IBM Host On Demand
> >
> >
> > I have some users that need to access a webpage that has an applet
> embedded
> > on it. They can get to the page ok, but the applet doesn't load.
> >
> > http://www.isotel.iso.com/isow-3270.shtml
> >
> > On the link above, it mentions the ports that need to be open on the
> > firewall to allow the applet to communicate. I spoke to their help desk
> and
> > they said it should be able to run through an HTTP proxy (which squid is,
> > correct?).
> >
> > No users have direct access to the internet. All internet related stuff
> > goes through sendmail or squid.
> >
> > Below is my acl list (currently) after I tried adding the ports to SSL
> safe
> > ports or to safe ports. I did squid reload after the changes each time.
> > Any input would be appreciated.
> >
> > The ports needed are 80 443 8989 8999 501
> >
> > acl all src 0.0.0.0/0.0.0.0
> > acl manager proto cache_object
> > acl localhost src 127.0.0.1/255.255.255.255
> > acl SSL_ports port 443 563 1138 8989 8999 501
> > acl Safe_ports port 80 21 443 563 70 210 1025-65535
> > acl Safe-ports port 8989 8999 501 # ISOTEL Host On Demand
> > acl Safe_ports port 280 # http-mgmt
> > acl Safe_ports port 488 # gss-http
> > acl Safe_ports port 591 # filemaker
> > acl Safe_ports port 777 # multiling http
> > acl Safe_ports port 901 # SWAT
> > acl CONNECT method CONNECT
> > #Added by Adam Lang###############################
> > acl rutgersinsurance src 10.10.10.0/255.255.0.0
> > ##################################################
> >
> > Adam Lang
> > Systems Engineer
> > Rutgers Casualty Insurance Company
> > http://www.rutgersinsurance.com
> >
> > --
> > To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>

Nick Austin
Digitalpipe

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html