Search squid archive

Re: FW: Encrypted browser-Squid connection errors

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 10/25/22 10:18 AM, Matus UHLAR - fantomas wrote:
I prefer to explicitly state what one means by transparent because RFC2616 has defined transparent proxy diferently: 

On 25.10.22 10:56, Grant Taylor wrote:
I do too. I /thought/ that I was explicitly stating. At least that was my intention.
Aside: That's why I included my working definition. So hopefully you would know what I meant even if I accidentally used the wrong term. 

I think intercepting is better, more precise.
Based on the quoted sections, it seems to me like an intercepting proxy is a superset of a transparent proxy. 

those two are completely separate,
proxy may be intercepting and modify content (e.g. filter), including squid.
Aside: I've long been a fan of and preferred explicit client configuration to use a proxy.
yes, especially PAC scripts are great to explicitly state what you need, including using socks for other than http(s)/ftp connections (direct smtp,imap,pop3 over socks)
and of course socks is generic bidiretional tcp/udp proxy, which makes it possible to implement it near over any kind of communication.
Yes, SOCKS is bidirectional. However, inbound connections through it, e.g. FTP active connections, are time limited. -- At least I'm not aware of any way to have a SOCKS proxy allow inbound traffic indefinitely a la. port forwarding in NAT or SSH remote port forwarding (assuming the real server is the SSH client).
I guess PORT connections have to be allowed on the SOCKS server which is I'd say not common (can be dangerous)
passive connections are safe in case of ftp/ssl, where it's impossible to know for the proxy/firewall who connects where. 

--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
There's a long-standing bug relating to the x86 architecture that
allows you to install Windows.   -- Matthew D. Fuller
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux