trasparent proxy. - Networking

This is a discussion on trasparent proxy. - Networking ; Hi folks, I'm setting up a proxy and redirecting all the HTTP traffic, but that coming from the proxy, that enters the LAN interface of my Cisco router to the proxy. Do I need to put the eth0 of my ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: trasparent proxy.

  1. trasparent proxy.

    Hi folks,

    I'm setting up a proxy and redirecting all the HTTP traffic, but that coming from the proxy, that
    enters the LAN interface of my Cisco router to the proxy.
    Do I need to put the eth0 of my linux proxy (say 192.168.2.56) in promiscous mode so that it reads
    also the packets directed to IP addresses different from 192.168.2.56, i.e. all the Internet addresses?

    Is there any other things I need?

    Some articles on Internet say that building up a transparent proxy is so easy but I can't have my
    linux proxy working properly?

    Thanks in advance,

    Alex.

  2. Re: trasparent proxy.

    On 2007-01-10, AM wrote:
    > Do I need to put the eth0 of my linux proxy (say 192.168.2.56) in
    > promiscous mode so that it reads


    No.

    > Is there any other things I need?


    It would be nice if you could trim your line length to around 75
    characters... it makes the text much more readable.

    And yes, add a NAT rule to redirect the connection from your
    gateway to the proxy.

    Davide

    --
    Microsoft does have a Y2K problem... it's called Linux!

  3. Re: trasparent proxy.

    Davide Bianchi wrote:
    > On 2007-01-10, AM wrote:
    >
    >>Do I need to put the eth0 of my linux proxy (say 192.168.2.56) in
    >>promiscous mode so that it reads

    >
    >
    > No.
    >
    >
    >>Is there any other things I need?

    >
    >
    > It would be nice if you could trim your line length to around 75
    > characters... it makes the text much more readable.


    I'm sorry Davide,
    I'll bear in mind next time.

    >
    > And yes, add a NAT rule to redirect the connection from your
    > gateway to the proxy.


    That's the problem. The NAT action on a Cisco it's particularly tricky
    in such case.
    Maybe I can apply the NAT rule on the Linux box.Is it possible. I would
    like to know what happen to packets with dest address different from the
    IP address of the proxy. Are they processed anyway by the interface and
    then discarded by the proxy?

    Moreover, where could I find information about the way a client wraps up
    the HTTP requests. I realize this not a network topic but if you knew it
    I would appreciate it.

    AND...If you are Italian, may you tell me where we can speak about the
    same topic in Italian? :-)

    Alex

  4. Re: trasparent proxy.

    On 2007-01-11, AM wrote:
    > Maybe I can apply the NAT rule on the Linux box.


    You need to apply the rule on the gateway, where the packets have to pass
    throught before going to the public internet. If you setup your linux
    box as the gateway, then you can intercept the packets in there.

    > like to know what happen to packets with dest address different from the
    > IP address of the proxy.


    They will be sent to the detination machine if there is a route for
    that machine in the routing table, otherwise they will be sent to the
    gateway.

    > Moreover, where could I find information about the way a client wraps up
    > the HTTP requests.


    In the specification for the HTTP protocol.

    > AND...If you are Italian, may you tell me where we can speak about the
    > same topic in Italian? :-)


    it.comp.os.linux.sys sounds appropriate. Or another it.comp.os.linux
    group.

    D.

    --
    Usenet should require licenses; licenses that can be revoked.
    -- Abigail on alt.sysadmin.recovery

  5. Re: trasparent proxy.

    Davide Bianchi wrote:
    >
    >
    > it.comp.os.linux.sys sounds appropriate.


    OK see you there!

+ Reply to Thread