[ previous ] [ next ] [ threads ]
 From:  "Neil A. Hillard" <m0n0 at dana dot org dot uk>
 To:  'Serge Huber' <serge at think dash simple dot ch>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] transparent proxy from WLAN to LAN
 Date:  Mon, 10 Jan 2005 23:19:22 +0000

>> -----Original Message-----
>> From: Serge Huber [mailto:serge at think dash simple dot ch]
>> Sent: January 10, 2005 2:47 PM
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: [m0n0wall] transparent proxy from WLAN to LAN
>> anyone tried to forward all http traffic from WLAN to the LAN's proxy ?
>> each has its own subnet.
>> I'm portforwarding all traffic on port 80 from the WLAN interface to the
>> proxy in the LAN segment
>> but i alwys get an error from the proxy that the url:  /_  is invalid.
>> does anyone have a solution for that ?
>[Mitch says:] Not 100% sure, but doesn't that happen because the client is
>making an HTTP/1.0 request which does not contain a hostname? A 1.1 style
>request needs to be used for a proxy server to know what to proxy to...
>If you can simulate it, try grabbing the connection with a sniffer or packet
>logger and look at the actual connection.
That usually happens when the proxy receives a request that has been
transparently intercepted whilst it isn't set up for transparency.

The proxy will need to know the intended destination address so I guess
you'd need something like WCCP or GRE between the firewall and proxy
server in order to pass the necessary info through.  I've not tried
either of those as I prefer telling the browser that it is using a
browser, although I do understand why you are trying to use transparency
in this case.

Hope this Helps,


Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk