Firewall Wizards mailing list archives
Re: Transparent proxying
From: Ng Pheng Siong <ngps () netmemetic com>
Date: Fri, 13 Feb 2004 08:43:11 +0800
On Wed, Feb 11, 2004 at 07:55:28PM -0800, jm wrote:
I'm trying to enable transparent proxying from a router or from a L3/4 switch and after a day spent on Cisco, Extreme Networks and other Enterasys website I'm still completely clueless as to whether I need a $1,000 or a $15,000 box. Since obviously I would prefer the former, I'm relying on your advices.
Take a look here: http://www.transproxy.nlc.net.au/ "The program is used in conjunction with the FreeBSD (ipfw, ipnat) or Linux transparent proxy feature (ipfwadm, ipchains, iptables), to transparently proxy HTTP requests. [...] Normally users would have to configure their browser to access the proxy. This transparent proxy will automatically intercept HTTP accesses and re-direct them to the Squid (or any other) proxy server. The users need not even know that a proxy is being used, it's that transparent." I think ipfilter also works with transproxy. http://coombs.anu.edu.au/~avalon/ ipfilter is available on BSD, Solaris, Irix and HPUX.
In addition I need the router/switch to be remotely configurable from my proxy server. And finally I need some equipment which from a brand which is known enough that it won't raise too much eyebrows when installed in-line (i.e. Linux is out of the picture, Cisco would be ideal if the price is correct).
A Unixen running this thing is of course remotely manageable. If BSD or Linux is out maybe you can go for a Solaris or a HPUX? Pros: meets your cost and technical requirements. Cons: may not meet your political(?) requirements. Cheers. -- Ng Pheng Siong <ngps () netmemetic com> http://firewall.rulemaker.net -+- Firewall Change Management & Version Control http://sandbox.rulemaker.net/ngps -+- Open Source Python Crypto & SSL _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Vlan's as effective security measures? Ware, Larry (Feb 09)
- Re: Vlan's as effective security measures? John Hall (Feb 09)
- Re: Vlan's as effective security measures? avraham shir-el (arthur sherman) (Feb 11)
- Re: Vlan's as effective security measures? John Hall (Feb 12)
- Re: Vlan's as effective security measures? Daniel Linder (Feb 12)
- Transparent proxying jm (Feb 12)
- Re: Transparent proxying Luke Butcher (Feb 12)
- Re: Transparent proxying kaptain (Feb 12)
- Re: Transparent proxying Ng Pheng Siong (Feb 13)
- Re: Vlan's as effective security measures? avraham shir-el (arthur sherman) (Feb 11)
- Re: Vlan's as effective security measures? John Hall (Feb 09)
- <Possible follow-ups>
- RE: Vlan's as effective security measures? Melson, Paul (Feb 10)
- Re: Vlan's as effective security measures? Brian Ford (Feb 12)
- Re: Re: Vlan's as effective security measures? Brian Ford (Feb 12)
- Re: Vlan's as effective security measures? Todd Joseph (Feb 13)
- Re: Vlan's as effective security measures? Brian Ford (Feb 16)
- Re: Vlan's as effective security measures? Todd Joseph (Feb 13)
- RE: Re: Vlan's as effective security measures? hugh_fraser (Feb 16)
- Re: Vlan's as effective security measures? Jeremiah Cornelius (Feb 20)
- RE: Re: Vlan's as effective security measures? Brian Ford (Feb 16)
- RE: Re: Vlan's as effective security measures? hugh_fraser (Feb 20)