[squid-users] How to allow traffic other than http

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



tor 2002-11-14 klockan 10.10 skrev =E9=CC=D8=D1 =FB=C9=D0=C9=C3=C9=CE:

> > Squid is an HTTP proxy. Either run an MTA (sendmail, postfix, exim, qma=
il,
> > ....) on the squid server or let the wintel clients talk to the ISP's m=
ail
> > server  by routing (and natting?) through the squid server.
>=20
> not only. squid is also https-proxy, it understands "CONNECT" method.
> If you don't know how to make use of CONNECT to implement those things
> like SMTP, IMAP, IRC, POP3, You'd better be keeping silence.
> It's no good to say "it's impossible for sure". If you don't know
> just "I don't know". And even better, don't say anything.

Sure, CONNECT can be used for any simple TCP proxying, but it SHOULD
not.

As Colin says Squid is a HTTP proxy. Part of being a HTTP proxy is also
the responsibility of proxying SSL requests from HTTP agents using the
CONNECT method. Any other uses of the CONNECT method is pure misuse of
the function and is strongly discouraged for many reasons even if
technically possible.

If you want a generic proxy for other protocols such as SMTP, IRC, IMAP,
POP3, etc then SOCKS is the proxy protocol you are after, not HTTP
CONNECT.

Regards
Henrik




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux