A small note of warning: For transparent proxying to work really well
Squid must know how to ask the NAT engine what the real intended
destination address is. If not it won't work for certain HTTP/1.0
clients not sending Host: headers.
Fortunately such clients is not very common. Mostly seen in other
"hidden" HTTP clients such as certain anti-virus update agents, custom
programs etc..
Regards
Henrik
fre 2003-04-11 klockan 02.14 skrev Gary Price (ICT):
> Hi
> I have been trying to use RRAS to set up transparent proxying on Win2K with squidNT2.5. I would like to use the NAT facility of RRAS
> to translate any incoming destination address to an address on the proxy machine, so that squid can process it. So far, I have not
> been able to do this. It appears from the documentation that with RRAS NAT it is possible to do either/both
>
> 1. Map a range of "client" IP addresses to one or a few "public" addresses. This should be suitable, except that it is not clear how
> to apply this transformation only to a specific port (80 say).
>
> 2. Translate requests from a "public" network directed at a specific IP address and port to another "internal" IP address and port.
> This is meant to allow external access to internal services (like a proxy?). This seems not to be suitable because it requires a
> specific list of IP addresses - there seems to be no way to specify that every incoming port 80 request, no matter to what origin
> server, be translated to a single loacl IP address.
>
> Has anyone been able to use RRAS to do transparent proxying on Windows?
>
> Thanks
> Gary Price
> ICT
-- Henrik Nordstrom <hno@squid-cache.org> MARA Systems AB, SwedenReceived on Fri Apr 11 2003 - 07:37:46 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:56 MST