[Server-devel] Transparent proxy

Jerry Vonau jvonau at shaw.ca
Sat Nov 28 05:43:50 EST 2009


On Sat, 2009-11-28 at 10:11 +0100, Martin Langhoff wrote:
> 2009/11/27 Henry Vélez Molina <henry.laptop at gmail.com>:
> > We are working with the XS-0.6 version and for the moment all is working
> > well.
> > We want to disable the transparent proxy, for security,  and put it as an
> > intermediary proxy in a different port.
> 
That sounds like you want to use something like dansguardian.
The easiest would be to have your "new proxy" listen on 3128 on the lan
and have squid listen on lo only.

> Jerry's instructions are right. However, the XOs will need to be
> config'd to use it.
>  

If you have the iptables rule in place, for transparent proxy, what
config would you have to change?

> A while ago Pia Waugh figured out how to serve the
> proxy config via DHCP and to make the XOs obey it (you'll have to
> google for it as I don't have a link, when you find it... maybe add it
> to the techiques page?)
> 
> In any case, what is the security issue you're concerned with?
> 
> cheers,
> 
> 
> 
> m
Jerry




More information about the Server-devel mailing list