[ previous ] [ next ] [ threads ]
 
 From:  "Ryan Wagoner" <Ryan at wgnrs dot dynu dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Settings For Squid Transparent Proxy
 Date:  Tue, 7 Feb 2006 20:52:35 -0500
Yeah that's actually how I have it setup now. I had some free time and
it was just bugging me that the transparent proxy isn't working
correctly. Plus the wpad lookup doesn't always happen on my laptop which
is not a member of the domain, and when you go to a workplace where
there is no wpad file it takes the browser 20 secs or so to figure
before it will display any page it out which is annonying.

Wpad config involves setting up a dns entry for wpad.your-domain and
placing a wpdat.dat in the root directory. I have this running on the
squid server with apache.

Ryan

-----Original Message-----
From: A dot L dot M dot Buxey at lboro dot ac dot uk [mailto:A dot L dot M dot Buxey at lboro dot ac dot uk] 
Sent: Tuesday, February 07, 2006 5:42 PM
To: Neil A. Hillard
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] Settings For Squid Transparent Proxy

Hi,

> A transparent proxy is ugly and prone to errors, anyway.  My 
> recommendation would be to redirect all request for port 80 (except 
> those from the machine running squid) to a page on one of your servers

> that instructs the user how to configure their browser to use the
proxy.

...if you use the 'automatically detect settings' in your browser config
(IE, Firefox, Safari etc) then it should put out a request for the WPAD
substantiator:

http://www.wrec.org/Drafts/draft-cooper-webi-wpad-00.txt

bluntly, this means if you have a host responding to that request eg
http://proxy_config:80/wpad.dat and wpad.dat contains the settings you
are all clear.

incidentally

1) this can also be served out as an 'option 252' in the DHCP response
2) the wpad.dat could be held and served by m0n0wall.... so m0n0wall
could, trivially, support having a web proxy on your LAN/DMZ which would
mean all your clients were happy.

easy eh? ;-)

alan

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch