> On Thu, May 14, 1998 at 03:16:57PM +0000, Markus Sabadello wrote:
> : I am interested in the experimental 'transparent proxy' feature of
> : newer Linux kernels, and I wondered if this could be used to make
> : browsers go through proxys without knowing it. I configured my
> : intranet gateway to redirect every port 80 connections to local port
> : 8080 (squid port) and I told my browser NOT to use a proxy. It worked
> : well; when I tried to connect to home.netscape.com:80, the connection
> : was redirected to my local intranet gateway at port 8080, but the
> : problem was that my browser sent the following lines:
> :
> : GET / HTTP/1.0
>
> Yes, it's not enough to redirect the request. You must rewrite the
> request to the complete url. There exists a little daemon `trproxyd' or
> `transproxy' doing that.
>
> 0/0 80 redirect -> 81 -> tproxyd -> 8080
Linux does not require such a daemon (and for the life of me I can't figure
out why people keep bringing it up). All that is required to setup
transparent proxies under Linux is to compile it into the kernel and use:
ifpwadm -a accept -P tcp -S 0/0 -D 0/0 80 -r 3128
to redirect the requests. You will also need to setup squid to do it (read
the FAQ). I would recommend getting Squid 1.NOVM 21 and using the -V
parameter with it as well, so you can get resolved hostnames in your logs.
Jordan
-- Jordan Mendelson : http://jordy.wserv.com Web Services, Inc. : http://www.wserv.comReceived on Thu May 14 1998 - 08:06:21 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:11 MST