On 12/14/2011 10:46 PM, Amos Jeffries wrote:
> On 15/12/2011 3:29 p.m., Elvar wrote:
>> Hello,
>>
>> I'm running Squid & Dansguardian in several environments and the
>> environment using transparent proxy mode is suffering from a severe
>> delay in loading a page. Once the page starts to load it is quick but
>> the initial load is severely delayed. When I switched from
>> transparent to NTLM auth, surprisingly the delay is completely gone.
>> I'd think it would be the other way around honestly. I'm not sure how
>> to resolve this but any suggestions would be greatly appreciated.
>
> "transparent" is a confusing word. Particularly more so since you say
> you changed from "transparent proxy" to one of the forms of
> "transparent authentication".
>
> To clarify what you were meaning:
>
> Was your "transarent proxy" setup using?
> NAT intercept?
> TPROXY intercept?
> WPAD?
> Basic auth SSO?
> Digest auth SSO?
> Negotiate/Kerberos auth SSO?
> OAuth?
> or an external ACL helper doing out-of-band auth tests?
>
> Amos
By transparent, I mean I'm using iptables to redirect outbound HTTP
through Dansguardian. My iptables rule is below
'#$IPT -t nat -A PREROUTING -i $LAN_IF -p tcp -s $LAN --dport 80 -j
REDIRECT --to-port 8080'
When I'm using this there seems to be more of a delay loading sites vs.
configuring web browsers to connect to the proxy directly and
authenticate using NTLM & winbind. When I use the iptables redirect rule
I have authentication off. In general, what are some things I should
check as to why / what may be causing the sites to load slow?
Thanks!
Received on Thu Dec 15 2011 - 04:53:49 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 15 2011 - 12:00:03 MST