|
||||||||
Yeah that's actually how I have it setup now. I had some free time and it was just bugging me that the transparent proxy isn't working correctly. Plus the wpad lookup doesn't always happen on my laptop which is not a member of the domain, and when you go to a workplace where there is no wpad file it takes the browser 20 secs or so to figure before it will display any page it out which is annonying. Wpad config involves setting up a dns entry for wpad.your-domain and placing a wpdat.dat in the root directory. I have this running on the squid server with apache. Ryan -----Original Message----- From: A dot L dot M dot Buxey at lboro dot ac dot uk [mailto:A dot L dot M dot Buxey at lboro dot ac dot uk] Sent: Tuesday, February 07, 2006 5:42 PM To: Neil A. Hillard Cc: m0n0wall at lists dot m0n0 dot ch Subject: Re: [m0n0wall] Settings For Squid Transparent Proxy Hi, > A transparent proxy is ugly and prone to errors, anyway. My > recommendation would be to redirect all request for port 80 (except > those from the machine running squid) to a page on one of your servers > that instructs the user how to configure their browser to use the proxy. ...if you use the 'automatically detect settings' in your browser config (IE, Firefox, Safari etc) then it should put out a request for the WPAD substantiator: http://www.wrec.org/Drafts/draft-cooper-webi-wpad-00.txt bluntly, this means if you have a host responding to that request eg http://proxy_config:80/wpad.dat and wpad.dat contains the settings you are all clear. incidentally 1) this can also be served out as an 'option 252' in the DHCP response 2) the wpad.dat could be held and served by m0n0wall.... so m0n0wall could, trivially, support having a web proxy on your LAN/DMZ which would mean all your clients were happy. easy eh? ;-) alan --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |