Re: [squid-users] Transparent proxy without using accelerator?

Please do not use HTML mail.

A transparent proxy is NOT an accelerator, even if the httpd_accel_*
directives must be used in suqid.conf to enable transparent proxying.
The reasons why the same directives is used is code technical, as at the
protocol level the actions performed by a transparent proxy has a
striking resemblance to that of an accelerator.

  A accelerator needs to reconstruct the requested URL from the pieces
it has.

  A transparent proxy needs to reconstruct the requested URL from the
pieces it has.

The difference in Squid between the two is some minor details of how
this is done, what pieces to use, and a major difference in how the
thing is deployed and access control rules.

Note: a Squid purely used as a transparent proxy do not even need
"httpd_accel_with_proxy on", but I always recommend to have this on in
transparent proxies to allow the user to configure their proxy settings
to avoid inherent problems in transparently intercepting port 80.

How do you plan on telling Squirm that in no longer needs to redirect
the user to the login page?

I would strongly advice you to ditch the idea on transparent proxying
with login requirements, and instead go for a standard proxy
installation with authentication. If you problem is how to get the users
to change their proxy settings then the same technique as used for
transparent proxying can be used to intercept all requests for port 80
and redirect them to an HTTP server (for example Apache) returning a
small instruction page on how to reconfigure the browser.

Regards
Henrik

--- original messge ---

 Hi, Henrik. I'll try to explain it again.
I am setting up a private network and I want every user who logs on to
the network to be forced to a login page when they open their browser on
their client machine. They should not be able to surf anywhere until
they have logged in. They should not need to configure anything on
their browser.
To force all users to the login page, I thought of using a transparent
proxy with redirector. I have my ipchains set to direct all http
requests from port 80 to port 3128 (Squid), and my Squirm redirector
rewrites all URLs to the login page.
Maybe I'm mistaken, but the stuff that I have read seem to tell me that
to do transparent proxying using Squid, I need to configure it for
proxying as well as enable the accelerator. Is there a way of running a
transparent proxy without using the accelerator? If there is, how can I
do it?
Thanks for your help. (I hope this is clearer)
Favian
  "Squid Support (Henrik Nordstrom)" <hno@marasystems.com> wrote: On
Thursday 04 April 2002 03:29, favian ee wrote:

> I need to use Squid as a transparent proxy with URL redirection but
> the FAQ and squid.conf tell me that to do so, I have to enable
> Squid proxy as well as the accelerator. Unfortunately Squid gets
> confused when they're used concurrently.

????

The confusion only occurs if you run Squid as an accelerator and as a
proxy at the same time, not due to transparent proxying.

transparent proxying is not accceleration, even if the directives in
squid.conf happens to be the same as used in accelleration from code
technical reasons.

> Is there any way I can get around this without using option (b)
> (see previous mail below)?

Please explain your problem again. If you are runnign a transparent
proxy, not being an accelerator for your own servers, then the
problem is different.

-- 
MARA Systems AB, Giving you basic free Squid support
Customized solutions, packaged solutions and priority support
available on request
---------------------------------
Do You Yahoo!?
Get personalised at My Yahoo!.