Re: [squid-users] Transparent proxy

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 28 Aug 2012 21:43:11 +1200

On 27/08/2012 10:38 a.m., Roman Gelfand wrote:
> Assuming that configuring client browsers' proxy is not a problem, is
> there a good (where good overweighs bad) reason to use squid
> transparent proxy feature?

The only other usefulness is to catch unconfigured clients and redirect
them at a "how to configure your browser correctly" page (ie
ERR_AGENT_CONFIGURE or ERR_AGENT_WPAD in the templates langpack).

I would argue that this is the best way to use it regardless of the
circumstances. But some admin consider even that too much of a hassle to
their users.

>
> The reason why I am asking is I just skimmed through squid book and
> they are not painting a rosy picture around transparent proxy.
>
> Thanks in advance

Right. The NAT way is convenient for some, but MITM is not a rosy
picture at the best of times. You will notice that many of those issues
are not limited to HTTP, they or variantions can occur when any protocol
is MITM'd.

Amos
Received on Tue Aug 28 2012 - 09:43:23 MDT

This archive was generated by hypermail 2.2.0 : Tue Aug 28 2012 - 12:00:18 MDT