Changes between Initial Version and Version 1 of TransparentProxy


Ignore:
Timestamp:
09/03/07 20:55:17 (13 years ago)
Author:
Victor Julien
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • TransparentProxy

    v1 v1  
     1= Transparent Proxy =
     2
     3Creating a transparent proxy with Squid.
     4
     5With Vuurmuur it is possible to redirect certain connections to a port on the local host (the firewall). This is especially useful for transparent proxies:
     6  A transparent proxy needs no setup on the client side; the firewall does it all for you. So all of your clients use a proxy for their internet connections without even noticing.
     7
     8First you need to set up Squid on your firewall. Check that Squid is serving for your internal network the way you want it by configuring your browser to use it. The usual port for Squid is 3128.
     9
     10Then you need some modifications in your configuration to allow squid to be "transparent" in /etc/squid/squid.conf (or whereever your configuration resides):
     11{{{
     12httpd_accel_host virtual
     13httpd_accel_port 80
     14httpd_accel_with_proxy on
     15httpd_accel_uses_host_header on
     16}}}
     17Update: with Squid 2.6 and up there is only one option required:
     18{{{
     19http_port IP:3128 transparent
     20}}}
     21where IP is the ip of the interface Squid is listening on. (Thanks to Martin Bruckbauer for pointing me at this!)
     22
     23With those settings create a rule in Vuurmuur redirecting requests from your lan to "any" at port 80 to port 3128 (on localhost):
     24{{{
     25RULE="Redirect service http from my.lan to any options redirectport="3128""
     26}}}
     27et voilá! You have a transparent proxy!