RE: [squid-users] Transparent config OK if not used?

From: Dave Raven <dave@dont-contact.us>
Date: Fri, 20 Aug 2004 17:16:11 +0200

As long as your iptables rules only affect traffic that's not destined to
your squid port, you should be fine

-----Original Message-----
From: Steve Snyder [mailto:swsnyder@insightbb.com]
Sent: 20 August 2004 04:06 PM
To: squid-users@squid-cache.org
Subject: [squid-users] Transparent config OK if not used?

I understand that there are some problems associated with configuring
Squid (2.5S6 + patches) as a transparent proxy. Are there any negative
affects from having a transparent config even if the browsers are
directly addressing the cache?

On my (Linux, RedHat v9) LAN the browsers should all be configured to
point to the Squid proxy. However there is the occasional lapse, such as
from newly-installed browser or a guest system on the network. I would
like to have a transparent config in place to ensure that all HTTP
traffic goes through the proxy, but not at the cost of introducing
problems for all the correctly configured browsers.

So, if I enable transparent proxying with these options:

  httpd_accel_port 80
  httpd_accel_host virtual
  httpd_accel_with_proxy on
  httpd_accel_uses_host_header on

(together with an iptables rule) will there be problems on the browsers
that are already explicitly configured to address the proxy?

Thanks.
Received on Fri Aug 20 2004 - 09:15:31 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:02 MDT