Le lundi 05 juin 2006 à 12:32 +0200, Nicolas Mailhot a écrit : > Hi, > > I'm currently setting up a transparent proxy for a small LAN. Since I > already have an apache running on the LAN gateway, I want to use > mod_proxy. > > Transparent proxy in this context means the gateway networking rules > redirect any request to web ports to the proxy system. Users do not have > to configure anything special in their browser. The classical FOSS > transparent proxy is squid. > > My problem is when users manually configure the proxy address in their > browser everything is fine (except most of the lan systems are laptops > and manual config is a no-go). When I use the networking tools to > redirect the packets to mod_proxy, apache logs show > > "GET / HTTP/1.1" instead of > "GET http://foo.org/ HTTP/1.1" and users are always served empty blank > index pages Also the netfiler people just told me : > Well, if Apache sees the traffic on port 8081 then your redirect is > working as it should. Netfilter does nothing with the contents of the > packets, just with the addresses and ports. So the network part should be fine. Attaching my proxy conf in case it helps Regards, -- Nicolas Mailhot
# Local transparent proxy for the LAN Listen 192.168.1.1:8081 <IfModule mod_proxy.c> ProxyRequests On ProxyVia On NoProxy localhost .bob 192.168.1.0/24 127.0.0.1 ProxyDomain .bob ProxyBadHeader Ignore ProxyPreserveHost On <IfModule mod_cache.c> # 24h CacheDefaultExpire 86400 <IfModule mod_disk_cache.c> CacheEnable disk / CacheRoot "/var/cache/mod_proxy" CacheDirLength 4 CacheDirLevels 5 CacheMaxFileSize 33554432 </IfModule> <IfModule mod_mem_cache.c> CacheEnable mem / MCacheSize 262144 MCacheMaxObjectCount 32768 MCacheMaxObjectSize 33554432 </IfModule> </IfModule> <Proxy *> Order Deny,Allow Deny from all Allow from .bob Allow from 192.168.1.0/24 Allow from 127.0.0.1 </Proxy> </IfModule>
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
|