Penguin
Diff: TransparentProxy
EditPageHistoryDiffInfoLikePages

Differences between current version and predecessor to the previous major change of TransparentProxy.

Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History

Newer page: version 7 Last edited on Friday, June 22, 2007 3:45:05 pm by PaulWankadia
Older page: version 3 Last edited on Saturday, September 21, 2002 4:27:26 pm by PerryLorier Revert
@@ -1,9 +1,18 @@
-Transparent Proxy's is when you use NetworkAddressTranslation to intercept traffic going to specific port and redirect it to go to a proxy. This is very popular in NewZealand [ISP]'s to redirect traffic to port 80 ([HTTP]) to a proxy so they can attempt to proxy common content and save bandwidth (as all international traffic to/from NewZealand carries charges). The flaw in this plan is that while the proxy is supposed to be transparent (ie: you're not supposed to be able to tell it's there), far too often it becomes opaque, and you can tell that it's there. Common problems with Transparent proxies: 
+Transparent Proxying is when you use NetworkAddressTranslation to intercept traffic going to specific port and redirect it to go to a proxy. This is very popular in NewZealand [ISP]'s to redirect traffic to port 80 ([HTTP]) to a WebProxy, so they can attempt to proxy common content and save bandwidth (as all international traffic to/from NewZealand carries charges). The flaw in this plan is that while the proxy is supposed to be transparent (ie: you're not supposed to be able to tell it's there), far too often it becomes opaque, and you can tell that it's there. Common problems with Transparent proxies: 
  
 * The source address is no longer your machine but the proxy, so any website that uses IP based authentication won't work. 
 * The source address may come from different IP's every time you request a page, so any website that remembers what IP your on and requires you to login each time you change it will ask you to login again always, sigh. 
 * The TransparentProxy accepts the connection, gets the request *then* goes and finds out if the page is available, so your browser doesn't get to handle events such as "Connection Timed out" or "Connection Refused" 
-* The TransparentProxy resolves the destination host again which may be different to what your machine resolves it to, for instance if you use an AlternativeRoot[1], or have a /etc/hosts (hosts(5)) entry for the machine the TransparentProxy will either fail to find the [DNS] for it, or even worse, find it's own one (which may be an old cached incorrect version). 
+* The TransparentProxy resolves the destination host again which may be different to what your machine resolves it to, for instance if you use an AlternativeRoot[1], or have a /etc/hosts (hosts(5)) entry for the machine the TransparentProxy will either fail to find the [DNS] for it, or even worse, find its own one (which may be an old cached incorrect version). 
 * Your [ISP] uses software that is not clever enough. For example, [Xtra]'s proxy (used to? still?) didn't look at the "Accept-Language" header. For example, if I send a request for the home page of www.debian.org with Accept-Language set to French, and you later send a request for the same page (but your browser sends a different language for Accept-Language) then you might get the French version if the proxy decides that the page is not yet expired. ''That would explain why I kept getting debian pages in french! Why couldn't you just read them in plain english like everyone else? <grin> -- PerryLorier'' 
  
 [1]: Not a good idea at the best of time anyway. 
+  
+!But I want to do it anyway?  
+  
+http://www.tldp.org/HOWTO/TransparentProxy.html  
+http://www.deckle.co.za/squid-users-guide/Transparent_Caching/Proxy  
+http://www.lesismore.co.za/Squid_3_Transparent_Proxy  
+  
+----  
+Part of CategoryNetworking