RE: [squid-users] Squid + Firewall + non std ports

tranparent proxying is a often overloaded term.

Basically there are two methods of getting a browser talking to a proxy.

1) Configure the browser. This includes autoconfiguration scripts,
registry tweaking, whatever.
2) Have the network intercept the traffic from the browser to the web
server, and feed it into a proxy.

A proxy doing 2) is most accurately called an intercepting proxy.
However, for some reason the term "transparent proxy" [which actually
(according to HTTP/1.1) means one that does not alter the semantics of
the HTTP content passing through it] become the common term for that.

So seeing "transparent" in a squid configuration raises alarm bells. The
FAQ is referring to traffic intercepting proxies.

Ok, back to the point, even for a normally configured squid, it will
treat authenticated requests as being uncacheable, and will by default
send them directly.

Rob

-----Original Message-----
From: Barry Darnton [mailto:BarryD@chw.edu.au]
Sent: Tuesday, September 18, 2001 4:03 PM
To: Robert Collins; Barry Darnton; Colin Campbell
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Squid + Firewall + non std ports

I am a little confused by the term "transparent proxying", I saw in the
faq that this does not work but I am unsure what they mean by the term.
Transparent proxying to me means that no authentication is required. If
this is the case then perhaps I am breaking the rules here by putting in
an acl for the chw.edu.au site. Currently if an internal user goes to
chw.edu.au they do not need to authenticate, if they go anywhere else on
the net then they do. It seems to be working (but the FAQ said that "it
appears to work"). Have I got a mixture going here and it should not be
working as per the faq or is it referring to you cant authenticate one
network but make another network transparent.
Barry
Received on Tue Sep 18 2001 - 00:14:12 MDT