On Tue, 2005-11-29 at 11:58 -0600, Les Mikesell wrote:
> On Tue, 2005-11-29 at 11:04, Johnny Hughes wrote:
>
> > > so my question is..why can't yum deal with a squid proxy running in
> > > transparent mode?..<G>
> > Because a transparent proxy is cheating ... yum has no idea that you are
> > using a proxy.
>
> That's the point. You don't need to configure every client. Why would
> anyone want to?
>
> > Transparent proxies are not the way proxy servers should
> > be done.
>
> And the more correct alternative that allows yum to work without
> configuration would be???
>
> > If you know the IP address and port of your transparent proxy ... and
> > you setup yum to use it properly, it will be no problem.
>
> It is no problem for browsers either way. What does yum need that
> browsers don't?
>
> > If yum is not configured to use a proxy, it assumes that it is making a
> > direct connection. This is not an unreasonable assumption, and it is
> > quite logical.
> >
> > Transparent proxies should be against the freaking law :)
>
> Yes, right *after* there is universal agreement on how to auto-configure
> everything that uses http and ftp to use a non-transparent proxy - and
> the matching code gets added everywhere. Meanwhile things that claim
> to use http should work the same way as browsers.
>
OR ... maybe one should figure out how to design transparent proxy rules
that somehow test and make sure the agent is a web browser before one
decides to reroute that information.
actually, squid is pretty good ... and it mostly works with yum as a
transparent proxy.
BUT, rerouting stuff with IPTABLES and using transparent proxies does
sometimes cause problems ... and I can't personally define what gets
fixed in either yum or up2date ... as they are both maintained upstream.
I can tell people how they might work around known problems ... which I
have tried to do.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.centos.org/pipermail/centos/attachments/20051129/6a9d8944/attachment.bin
