Amos Jeffries wrote: > On 13/12/2016 5:11 a.m., Fomo Dong wrote: >> Hi all, >> >> For couple of days I'm trying to figure out how to get a transparent >> HTTPs proxy to work with Squid. What I'm trying to achieve is a proxy >> that accepts internet traffic from ports 80 & 443, routes them >> through Squid to Privoxy and finally through Tor and returns back the >> data. So essentially I want to "automatically" revert some traffic >> through Tor without the user needing to add a proxy to their >> connection. >> >> I know how to setup the Privoxy and Tor part, but I'm struggling with >> the Squid & IP tables configuration. > > The first thing to be aware of is that Squid obeys the HTTPS > requirement that traffic received on TLS connection also goes out one. > So your Privoxy must be capable of receiving TLS connections from > Squid. > > If Privoxy cannot do TLS like that you could have Squid do the privacy > filtering. But then Tor would face the same requirement. > > > Second thing I want to make clear is that a *transparent* proxy is the > opposite of anonyizing proxy. A transparent proxy hides *itself* while > _revealing_ the client. An anonymous proxy reveals itself, while > hiding the client(s). They are almost direct opposites in behaviour. > > Anyhow, what you meant by the word "transparent" turns out to actually > be "intercepting". We also run a "transparent" proxy, but it is transparent for the _client_. The main office router simply sends an ICMP redirect to point clients to the proxy. -- Per Jessen, Zürich (0.1°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
