On 27/08/2012 10:38 a.m., Roman Gelfand wrote:
Assuming that configuring client browsers' proxy is not a problem, is there a good (where good overweighs bad) reason to use squid transparent proxy feature?
The only other usefulness is to catch unconfigured clients and redirect them at a "how to configure your browser correctly" page (ie ERR_AGENT_CONFIGURE or ERR_AGENT_WPAD in the templates langpack).
I would argue that this is the best way to use it regardless of the circumstances. But some admin consider even that too much of a hassle to their users.
The reason why I am asking is I just skimmed through squid book and they are not painting a rosy picture around transparent proxy. Thanks in advance
Right. The NAT way is convenient for some, but MITM is not a rosy picture at the best of times. You will notice that many of those issues are not limited to HTTP, they or variantions can occur when any protocol is MITM'd.
Amos
