Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

OpenBSD

Transparent proxying with squid and pf

Post date: May 17, 2005, 08:05 Category: Views: 11860 Comments
Tutorial quote: squid is a caching web proxy, it's set up between web browsers and servers, fetching documents from servers on behalf of browsers. It can accelerate web access by caching frequently requested pages and serving them from its cache. It can also be used to filter pop-up ads and malware or to enforce access control (which clients may request what pages based on different authentication methods).

Traditionally, the proxy is an optional component, and browsers are configured to actively use the proxy. Transparent proxying means forcing all web traffic through the proxy without the cooperation (or knowledge) of the clients. Once all browser connections pass through the proxy, outgoing connections to external hosts can be restricted to the proxy, and direct connections from local clients can be blocked.

The OpenBSD packet filter (pf) can be used to redirect connections based on various criteria, including source and destination addresses and ports. For instance, one can redirect all TCP connections with destination port 80 (HTTP) that arrive through an interface connected to local workstations to a squid proxy running on a different address and port.

Comments

Web-based applications and online marketing solutions - LumoLink