On Mon 2006-12-11 at 13:26 -0700, Shaun Skillin (home) wrote:

> think I need more education on how the packets are presented to squid in
> transparent vs. browser-based mode

Squid does not look at packets. Squid looks at HTTP messages on top of TCP connections.

As HTTP is also using HTTP messages (it's the HTTP protocol), having port 80 (http) redirected to Squid kind of works. But Squid needs to be aware that this is done, as the HTTP request format differs slightly for proxy vs origin server requests, and may also need correct interception support for the interception method used to find the intended destination, as it's not always indicated in the supposedly direct connection to the server.

FTP is not HTTP, but an HTTP client configured to use an HTTP proxy for FTP forwards the requested ftp:// URL in an HTTP proxy request to the proxy, just as if it was a request for an http:// URL. Same thing for gopher etc.

SSL/https is different. As browsers behind an HTTP proxy also need to be able to access encrypted https content, the HTTP protocol has a special proxy method for SSL connections, the CONNECT method. This method allows the browser to request the proxy to make a "direct" connection to the requested server with the proxy only acting as a dumb communication relay shuffling data between the two. When the method has completed, the browser is given a full duplex TCP connection to the requested server:port and the proxy looks no further at the data exchanged (only shuffles it). You could say it's an escape hatch for HTTP clients out from a network where direct connections are not allowed.

Regards
Henrik
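The three request forms described in the message above, as an added example that is not part of the original mail and not Squid's own code: a Python sketch that classifies a request head as an origin-server request (what an intercepted port-80 connection carries), a proxy request with a full URL, or a CONNECT request, and shows where the destination comes from in each case. The `classify_request` helper, the default-port table and all hostnames are assumptions made for illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21, "gopher": 70}

def classify_request(raw: bytes) -> dict:
    """Classify an HTTP request head by the form of its request-target."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()

    if method == "CONNECT":
        # Only host:port is given; after the reply the proxy just relays bytes.
        host, _, port = target.rpartition(":")
        if not host or not port.isdigit():
            raise ValueError("CONNECT target must be host:port")
        return {"form": "connect", "scheme": None, "host": host, "port": int(port)}

    if "://" in target:
        # Proxy request: the client sends the full URL, whatever the scheme.
        url = urlsplit(target)
        return {"form": "proxy", "scheme": url.scheme, "host": url.hostname,
                "port": url.port or DEFAULT_PORTS.get(url.scheme)}

    # Origin-server request (what a redirected port-80 connection carries):
    # only a path, so the destination must come from Host or, failing that,
    # from the interception method (host stays None here).
    host, port = headers.get("host"), None
    if host is not None:
        name, sep, maybe_port = host.rpartition(":")
        if sep and maybe_port.isdigit():
            host, port = name, int(maybe_port)
        else:
            port = DEFAULT_PORTS["http"]
    return {"form": "origin", "scheme": "http", "host": host, "port": port}

# Constructed sample requests (hostnames are placeholders).
SAMPLES = {
    "intercepted": b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "intercepted_no_host": b"GET /index.html HTTP/1.0\r\n\r\n",
    "proxy_http": b"GET http://www.example.com/index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    "proxy_ftp": b"GET ftp://ftp.example.org/pub/README HTTP/1.1\r\n\r\n",
    "connect": b"CONNECT www.example.com:443 HTTP/1.1\r\nHost: www.example.com:443\r\n\r\n",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, classify_request(raw))
```

For the CONNECT sample the classifier only ever sees the `host:port` pair, which is all a relaying proxy has available for access control or logging once the tunnel is up.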