fre 2007-04-27 klockan 13:18 +0300 skrev robert@xxxxxxxxxx: > i need it for sure. and why shouldn't my network support it ? Do your network route return traffic from the internet with a destination IP of one of the clients via the proxy which forwarded the traffic out to the internet? transparent == Transparent interception of port 80 traffic without browser configuration. Works on most OS:es supporting transparent interception (Linux 2.x, FreeBSD, OpenBSD, Solaris, etc etc..). Usually done with assymetric routing where outgoing port 80 traffic is redirected to the proxy. tproxy == Forwarding of requests using the original clients IP as source address. Requires a TPROXY patched Linux kernel. Requires fully symmetric routing of port 80 traffic in both directions. The only reasonably deployable tproxy network configurations I know of is a) A single proxy which also acts as the sole Internet gateway for all Internet traffic. b) Dual WCCP2 setup with two WCCP2 services, one for outgoing requests and another mirrored WCCP2 service for return traffic. It's also kind of possible with carefully crafted route maps, but doesn't scale well with more than one proxy.. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
