D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Locking down Gnome on Debian 3.1

 

John Botwright wrote:

Enable your web proxy on your firewall and tick the "transparent" box.

if you're interested (or have way too much free time), here's some elaboration on 
the jargon ...

A traditional ("dumb") proxy holds a copy of some (typically) static content. If a client 
requests content which is not held by the proxy, the proxy replies with the web equivalent of 
"tough luck!".

On the other hand, a "transparent" proxy is politely accomodating. It will pull in any 
requested content which it has not yet cached, and serve it to the client. "Squid" on its own 
is a transparent proxy.

Both these types rely on the clients being set up to use the proxy, either manually 
or by DHCP.

A third type, the "masquerading" proxy, forcefully grabs *any* http traffic and replies to it. 
Your firewall can provide the "masquerading" which grabs the http traffic, and it sends it to 
your proxy to generate the reply.

So ... the firewall+squid combination is an example of a "masquerading transparent 
proxy".

The "masquerading" proxy definitely simplifies things, but I heard it breaks some 
internet spec so some people will argue against its use.

Hope that whets your appetite!

Thats interesting.

The proxy isn't transparent at the moment.

I normally have 2 internet connections coming in. I have Telewest cable and my girlfriend's old AOL connection which she had before I moved in. We haven't canceled the AOL yet since my girlfriend still has about 5 months or so left on the contract, so if we don't use it, or even if we do, we still have to pay the £15 a month.

So... my network is setup as follows...

Cable Modem ----> Router ----> 10.0.0.254
ADSL Router ----> 10.0.0.251
Debian Server (Terminal Server & Samba File Server) ----> 10.0.0.253
SME Server (Mail Server, Proxy Server, Dans Guardian Server) ---> 10.0.0.252

The SME and Debian servers are configured to use the AOL DSL connection as it's Gateway.

The main desktops (my PC when it's working and my girlfriend's PCs) are setup to use the Telewest connection as their Gateway.

Now when I login to the terminal server, by default its looking at the AOL connection and not going through the proxy.

What I would like it the Debian server to automatically use the SME Server proxy for ANY HTTP/FTP traffic. Is there any configuration files I can change to do this?

I'm guessing the only other option would be to setup the SME server as a gateway, have the external connection go through to the ADSL Router and then have the Debian box use the SME server as it's gateway?

Rob



--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html