HPE Community
Operating System - Linux
1830241 Members
5103 Online
109999 Solutions
New Discussion

Re: configuring squid

 
iinfi1
Super Advisor

‎05-23-2009 01:37 PM

‎05-23-2009 01:37 PM

configuring squid

hi all,
i am running RHEL 5.3
i am practicing squid in my test environment. i am able to configure squid alright and with another machine i am able to access the internet through firefox.
to access the internet i had configure the browser so that it fetches the connections from the proxy.
this means i can access the net only through firefox and i need to do the same for all web based applications chat clients etc in my LAN.

is there a way to configure the client machine to access the net in such a way that i do not need to configure each web based application to use the proxy?
to the client machine (be it windows or linux) it should look like it is directly connected to the internet while it is using the proxy.
is it possible?
thanks for your time
0 Kudos
Reply
5 REPLIES 5
Ivan Ferreira
Honored Contributor

‎05-23-2009 03:08 PM

‎05-23-2009 03:08 PM

Re: configuring squid

Squid is only proxy for some protocols, and also, there are some appliacations that you can't configure a proxy server on them.

You could go directly to Internet with these appliactions if you enable ip forwarding and configure iptables MASQUERADING/SNAT.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Joseph L. Casale
Regular Advisor

‎05-23-2009 03:52 PM

‎05-23-2009 03:52 PM

Re: configuring squid

Yes, its called a Transparent Proxy. Basically you will configure the gateway on the clients to point to the squid server (there are other more complex methods as well) and use iptables to redirect incoming traffic of interest like tcp80 and other other compatible protocols into the proxy port you defined in your squid.conf.

Simple:
http://tldp.org/HOWTO/TransparentProxy.html

Complex:
http://www.visolve.com/squid/whitepapers/trans_caching.php

HTH,
jlc
0 Kudos
Reply
iinfi1
Super Advisor

‎05-23-2009 09:27 PM

‎05-23-2009 09:27 PM

Re: configuring squid

thank you.
i had heard about these transparent proxies earlier but never got to the depth of it. i will read the links which you have provided.

i still have a couple of questions.
Are these transparent proxies used at enterprise level also? Do organizations like banks where data security is of utmost importance use transparent proxies?

secondly the if we use "iptables MASQUERADING/SNAT" or "use iptables to redirect incoming traffic of interest like tcp80 and other other compatible protocols into the proxy port you defined in your squid.conf" do the pages get cached in the proxy?
in my opinion all it does is does an IP port forwarding! so this defeats the logic of using a proxy.

please correct me if i am wrong.
thank you
0 Kudos
Reply
Joseph L. Casale
Regular Advisor

‎05-24-2009 07:40 AM

‎05-24-2009 07:40 AM

Re: configuring squid

Can't comment on banks, but if your topology is designed right, you can force traffic through in both scenarios and successfully regulate what goes in and out.

The method which your clients access the proxy whether it be directly or transparently has no effect on how squid caches. I can cache in either scheme if you set it up to.

Join the squid-users list.

Good luck,
jlc
0 Kudos
Reply
iinfi1
Super Advisor

‎05-24-2009 08:10 AM

‎05-24-2009 08:10 AM

Re: configuring squid

alright
thank you :)
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.