D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Locking down Gnome on Debian 3.1

 

>Enable your web proxy on 
>your firewall and tick the 
>"transparent" box. 

if you're interested (or have way too much free time), here's some elaboration on 
the jargon ...

A traditional ("dumb") proxy holds a copy of some (typically) static content. If a 
client requests content which is not held by the proxy, the proxy replies with the 
web equivalent of "tough luck!".

On the other hand, a "transparent" proxy is politely accomodating. It will pull in 
any requested content which it has not yet cached, and serve it to the client. 
"Squid" on its own is a transparent proxy.

Both these types rely on the clients being set up to use the proxy, either manually 
or by DHCP.

A third type, the "masquerading" proxy, forcefully grabs *any* http traffic and 
replies to it. Your firewall can provide the "masquerading" which grabs the http 
traffic, and it sends it to your proxy to generate the reply.

So ... the firewall+squid combination is an example of a "masquerading transparent 
proxy".

The "masquerading" proxy definitely simplifies things, but I heard it breaks some 
internet spec so some people will argue against its use.

Hope that whets your appetite!

--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html