On 25.05.21 01:51, Albretch Mueller wrote:
Subject: (possibly dynamic?) multiple port forwarding in the
same internal Network ...
As part of a teaching and learning (TaL)/school software, I need squid:
as first I'd like to note that squid is a HTTP/FTP proxy, not a port
forwarder (see Subject)
a) to detect one of the connected computers in an internal network
comprising wirelessly connected and wired computers as the "master"
(operated by the teacher);
b) when that master reach out to an outside URL, the response should
be replicated in that master's and all other internal computers; but
squid also does not actively distribute content.
It can fetch and cache it, but the rest is on you.
and according to your description, most of the work is on you.
c) responses to requests originating in the non master ("slave"?)
ends, return to their corresponding ends;
d) at times the master should be able to switch off that replicating feature;
e) more than one or all computers should be able to play "master";
f) all other "slave" should operate in a "transparent proxy" mode;
g) on a single computer, someone could use different
browsers/versions to do a-f ...
I have seen that partially implemented one way or the other, however
I need to integrate/manage all parts as part of an integrated whole.
I could imagine these kinds of setups being used in TaL and
conferencing environments, as well as in testing environments and, for
example, §a could be achieved with the mac address and/or cookies, but
someone could run macchanger and delete all cookies in their browser,
so an extra authentication barrier should be used, which I see as the
only fool proof way of setup and know who the masters are, or? How
could disable slave ends from authenticating? I am not a networking
kind of guy, so I am not quite sure about the kind of scenarios that
could play out in those kinds of dynamic "master"/"slaves" setups.
Probably, all the functional requirements relating to what I have
described can not straight-forwardly done with squid, but there should
be a way to use other applications' output to dynamically reconfigure:
/etc/squid/squid.conf
So, my questions could be reduced to: which exactly are the
configuration lines that should be changed in both squid and the
browsers on the connected computers or the different browsers in the
same computer?
this apaprently means that all squid caches running on their machines will
transparently intercept outgoing port 80 connections. Should be easier on
local machine.
https://wiki.squid-cache.org/SquidFaq/InterceptionProxy
note that intercepting HTTPS (port 443) is much more work and issues than
port 80 (http).
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
On the other hand, you have different fingers.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
