[squid-users] Totally transparent proxy with Squid

From: <Simon.Green@dont-contact.us>
Date: Tue, 15 Oct 2002 12:50:01 +1200

Hi,

I've been using Squid for some time, so I know how to setup a normal
transparent proxy. However, for my current project, I need to go one step
further. I need to setup a proxy that is completely invisible: no addition,
deletion or modification of *any* headers, no rewriting whatsoever. I
simply want to receive an HTTP connection, and send it somewhere else.

I have these tight requirements as this is part of a messaging system. The
clients are not capable of understanding messages that are even slightly
modified from what they would get if connected directly to the server. Some
sort of proxy is required, as some of our clients will be behind a firewall
in another country and cannot access the server directly. In addition, it
needs to be a transparent proxy as the gateway connecting the clients
through the firewall to the web are not proxy-capable.

For clarification, the setup is:

CLIENT protocol --> GATEWAY (xlate to HTTP) --> FIREWALL + SNAT --> (IP
networks) --> TRANSPARENT PROXY --> FIREWALL --> WEB SERVER

We've just been testing... and although the messages are being passed to
and from the server and client, the results are corrupt. We suspect that
some of the rewriting that Squid is doing is the problem. The Host: header
is moved to the end of the request, and a few other things like a
Forwarded-For: header and some other Squid identifiers are tacked on too.
I'd like to get rid of this.

Can I make Squid into a total stealth proxy, or am I barking up the wrong
tree?

Cheers
Simon

--
http://www.linux.org
-----------------------------------------------------------------------------------------------
Have you seen our website?.... http://www.vodafone.co.nz
CAUTION: This correspondence is confidential and intended for the named recipient(s) only.
If you are not the named recipient and receive this correspondence in error, you must not copy,
distribute or take any action in reliance on it and you should delete it from your system and
notify the sender immediately.  Thank you.
Unless otherwise stated, any views or opinions expressed are solely those of the author and do
not represent those of Vodafone New Zealand Limited.
Vodafone New Zealand Limited
21 Pitt Street, Private Bag 92161, Auckland, 1020, New Zealand
Telephone + 64 9 357 5100
Facsimile + 64 9 377 0962
Received on Mon Oct 14 2002 - 17:51:07 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:41 MST