You are not logged in.
- Topics: Active | Unanswered
#1 2008-11-16 22:36:27
- techprophet
- Member
- Registered: 2008-05-13
- Posts: 209
Proxy Transparency... how?
I am using squid and dansguardian and want to force all network computers to use that proxy server on port 8080 (dg). Is all I have to do add the 'transparent' option the the port setting? I have heard some browsers don't work with this. Which ones? All the computers run XP/Vista/*buntu/Arch. Latest FF/IE should work right? Would it be better to somehow use the modem to make all internet-bound traffic from all computers but the server go through the server? eg: Client->Modem->Proxy->Modem->Internet
Offline
#2 2008-11-16 22:52:44
- fukawi2
- Ex-Administratorino
- From: .vic.au
- Registered: 2007-09-28
- Posts: 6,224
- Website
Re: Proxy Transparency... how?
I don't have any experience with Dansguardian specifically, but I beleive the way this is normally done is under the assumption that the box is also the default gateway for the network. It then uses iptables to intercept traffic on port 80, and redirect it ro port 8080 (or whatever the proxy server is running).
If the device isn't your default gateway, then you could still do that same thing (manually) on your default gateway assuming it's Linux with iptables
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
#3 2008-11-16 23:06:09
- techprophet
- Member
- Registered: 2008-05-13
- Posts: 209
Re: Proxy Transparency... how?
i don't know if it's linux. I doubt it
what about setting the route on the modem? I don't have direct access to any of the computers except the server. Would setting up dhcp on the server allow me to do that if I disabled dhcp on the modem? (eg the server would hand out ips that would channel port 80 traffic through the proxy)
Offline
#4 2008-11-16 23:21:48
- fukawi2
- Ex-Administratorino
- From: .vic.au
- Registered: 2007-09-28
- Posts: 6,224
- Website
Re: Proxy Transparency... how?
No. You would need to hand out DHCP addresses with the default route being the server, then configure the server to do NAT back to the modem. Of course, having them on the same physical network doesn't stop anyone from manually pointing their IP configuration back to the modem as the default route and bypassing the proxy altogether again.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
#5 2008-11-19 20:23:45
- derelict
- Member
- Registered: 2006-07-25
- Posts: 81
Re: Proxy Transparency... how?
What is your network topology? There are various ways to accomplish what you need depending upon the equipment in use and the layout of you network infrastructure. I run two squid servers in an enterprise environment. (Both run Arch 
). But my solution might not apply for you.
Offline