Le lundi 05 juin 2006 à 12:32 +0200, Nicolas Mailhot a écrit : > Hi, > > I'm currently setting up a transparent proxy for a small LAN. Since I > already have an apache running on the LAN gateway, I want to use > mod_proxy. > > Transparent proxy in this context means the gateway networking rules > redirect any request to web ports to the proxy system. Users do not have > to configure anything special in their browser. The classical FOSS > transparent proxy is squid. > > My problem is when users manually configure the proxy address in their > browser everything is fine (except most of the lan systems are laptops > and manual config is a no-go). When I use the networking tools to > redirect the packets to mod_proxy, apache logs show > > "GET / HTTP/1.1" instead of > "GET http://foo.org/ HTTP/1.1" and users are always served empty blank > index pages
Also the netfiler people just told me : > Well, if Apache sees the traffic on port 8081 then your redirect is > working as it should. Netfilter does nothing with the contents of the > packets, just with the addresses and ports. So the network part should be fine. Attaching my proxy conf in case it helps Regards, -- Nicolas Mailhot
# Local transparent proxy for the LAN
Listen 192.168.1.1:8081
<IfModule mod_proxy.c>
ProxyRequests On
ProxyVia On
NoProxy localhost .bob 192.168.1.0/24 127.0.0.1
ProxyDomain .bob
ProxyBadHeader Ignore
ProxyPreserveHost On
<IfModule mod_cache.c>
# 24h
CacheDefaultExpire 86400
<IfModule mod_disk_cache.c>
CacheEnable disk /
CacheRoot "/var/cache/mod_proxy"
CacheDirLength 4
CacheDirLevels 5
CacheMaxFileSize 33554432
</IfModule>
<IfModule mod_mem_cache.c>
CacheEnable mem /
MCacheSize 262144
MCacheMaxObjectCount 32768
MCacheMaxObjectSize 33554432
</IfModule>
</IfModule>
<Proxy *>
Order Deny,Allow
Deny from all
Allow from .bob
Allow from 192.168.1.0/24
Allow from 127.0.0.1
</Proxy>
</IfModule>
signature.asc
Description: Ceci est une partie de message numériquement signée
