[ilugd] Squid as transparent proxy using TPROXY
I have a problem of accommodating a large increase in the number of users on my LAN, without proper planning at the level of the router. The router now has a throttle of around 50%! Fortunately, in our times of excess, we had not implemented web-caching. This, I hope, could be the short-term answer to serving the users on the LAN and reducing throttle. For administrative issues, it is best if squid is implemented as a transparent cache. Most info on the net has squid sitting on the router, and is transparent only to the client. Since content filtering etc, is provided through a UTM box - Cyberoam - I need squid to be transparent to both client and web-server. TPROXY promises such a feature. Does anyone have the experience in setting this kind of a configuration, and can point me to some easy-to-follow how-tos? Would also be glad to hear from anyone who has another solution. Regards, Andrew ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Squid as transparent proxy using TPROXY
On 19/11/09 19:06, Andrew Lynn wrote: I have a problem of accommodating a large increase in the number of users on my LAN, without proper planning at the level of the router. The router now has a throttle of around 50%! Fortunately, in our times of excess, we had not implemented web-caching. This, I hope, could be the short-term answer to serving the users on the LAN and reducing throttle. For administrative issues, it is best if squid is implemented as a transparent cache. Most info on the net has squid sitting on the router, and is transparent only to the client. Since content filtering etc, is provided through a UTM box - Cyberoam - I need squid to be transparent to both client and web-server. TPROXY promises such a feature. Does anyone have the experience in setting this kind of a configuration, and can point me to some easy-to-follow how-tos? Would also be glad to hear from anyone who has another solution. Regards, Andrew Andrew, AFAIK, Cyberroam actually has a proxy module and can be set for both transparent or otherwise. Its in the interface options of Cyberoam. You may just want to stick with that rather than introduce a new box/service. Cheers...Kishore -- Hindsight is an exact science. ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
Re: [ilugd] Squid as transparent proxy using TPROXY
On Thu, Nov 19, 2009 at 8:57 PM, Kishore Bhargava kish...@linkaxis.com wrote: On 19/11/09 19:06, Andrew Lynn wrote: I have a problem of accommodating a large increase in the number of users on my LAN, without proper planning at the level of the router. The router now has a throttle of around 50%! Fortunately, in our times of excess, we had not implemented web-caching. This, I hope, could be the short-term answer to serving the users on the LAN and reducing throttle. For administrative issues, it is best if squid is implemented as a transparent cache. Most info on the net has squid sitting on the router, and is transparent only to the client. Since content filtering etc, is provided through a UTM box - Cyberoam - I need squid to be transparent to both client and web-server. TPROXY promises such a feature. snip AFAIK, Cyberroam actually has a proxy module and can be set for both transparent or otherwise. Its in the interface options of Cyberoam. You may just want to stick with that rather than introduce a new box/service. Nope. New versions of Cyberoam have removed support for (Squid)/caching in the box - probably because the cache was eating up the small disk on board. They have recently introduced a great logging/reporting solution called Cyberoam iview[1] which can link Squid, Syslog and Cyberoam or other UTMs like Sonicwall. But ... that does not solve my problem :( Andrew [1] http://sourceforge.net/projects/cyberoam-iview/ http://www.cyberoam-iview.org/ -- Freed.in : Freedom in technology and software ___ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/