LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-10-2009, 04:49 AM   #1
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Rep: Reputation: 30
what does transparent proxy mean?


Does a transparent proxy just mean when traffic is redirected to port 3128?
Is there any problem with just telling people to use port 3128?

For example, I could redirect all traffic on 8080 to 3128.
 
Old 08-10-2009, 05:04 AM   #2
nowonmai
Member
 
Registered: Jun 2003
Posts: 481

Rep: Reputation: 48
A transparent proxy is when the client requires no configuration to be proxied.
The way to achieve this is to create fw rules on the gateway that redirect packets with the one destination port, to anther port, generally where the proxy software is listening.

The classic example is for your gateway firewall to redirect packets destinated for port 80 to 3128 or 8080 where they are handled by the proxy server/filter and then passed (if necessary) to the actual destination server/port.

The reason for it is to prevent people un-proxying their http (or whatever) connections.
 
Old 08-10-2009, 05:12 AM   #3
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by nowonmai View Post
A transparent proxy is when the client requires no configuration to be proxied.
The way to achieve this is to create fw rules on the gateway that redirect packets with the one destination port, to anther port, generally where the proxy software is listening.

The classic example is for your gateway firewall to redirect packets destinated for port 80 to 3128 or 8080 where they are handled by the proxy server/filter and then passed (if necessary) to the actual destination server/port.

The reason for it is to prevent people un-proxying their http (or whatever) connections.
So this is really only useful for within networks behind a firewall where you want internet connections to go through the proxy first?

If I have a proxy available to anyone on the internet they still need its IP address and I would forward connections on port 80 to 3128?
Why not just tell them to connect to 3128?
 
Old 08-10-2009, 05:31 AM   #4
nowonmai
Member
 
Registered: Jun 2003
Posts: 481

Rep: Reputation: 48
Quote:
Originally Posted by qwertyjjj View Post
Why not just tell them to connect to 3128?
Because they might decide not to... particularly where the proxy also includes some form of filtering/scanning.
 
Old 08-10-2009, 05:31 AM   #5
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by qwertyjjj View Post
So this is really only useful for within networks behind a firewall where you want internet connections to go through the proxy first?
Yes. But then that's the whole point (or at least one of
the major points) of having a proxy.

Quote:
Originally Posted by qwertyjjj View Post
If I have a proxy available to anyone on the internet they still need its IP address and I would forward connections on port 80 to 3128?
Why not just tell them to connect to 3128?
Because it requires *no* set-up on the client?



Cheers,
Tink
 
Old 08-10-2009, 05:52 AM   #6
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,012

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by Tinkster View Post
Yes. But then that's the whole point (or at least one of
the major points) of having a proxy.


Because it requires *no* set-up on the client?



Cheers,
Tink
Well, it does in an environemtn where people are connecting to a proxy outside of thir network. For example, to hide their IP or spoof the fact that they are in their own country.
For this, the user has to set up the IP address in their browser anyway don't they?
I guess giving them a different port hides the proxy server port?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Transparent Proxy gudboy Linux - Newbie 2 03-09-2008 08:46 PM
transparent proxy lqchangba Linux - Server 1 02-27-2007 11:25 AM
transparent proxy tsaravan Linux - Networking 10 02-06-2006 01:49 AM
transparent proxy mattsthe2 Linux - Networking 9 10-26-2005 09:44 AM
Transparent Proxy vinhhv Linux - Networking 0 07-23-2003 02:01 AM


All times are GMT -5. The time now is 09:22 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration