n00b Question: use router to direct port 80 and 443 traffic to separate proxy server?

DurocShark · 11-18-2009, 01:23 PM

This is probably stupid simple, but I haven't seen anything that jumps out at me. I'm happy for educational links too.

--

Coffee shop has two routed networks. One for staff and internal computers, one for public access. They're routed through an old Red Hat 4.1.2 box. The networks are working fine, but we want to use a different web filter that requires it be used as a proxy.

I would prefer not to push out PAC files to visitors and then provide tech support to support that for customers. Can I use the existing routes to direct all the public access 80 and 443 (I may decide to add others later) to the proxy without having to configure their browsers?

Tinkster · 11-18-2009, 01:50 PM

Hi, welcome to LQ!

You most certainly can (not that I know which proxy you're intending to use).
Search google for "squid transparent proxy" - that should arm you with enough
ideas on how to use iptables to achieve what you're after.

And I hope that RedHat 4.1.2 means something like RedHat Enterprise Linux (RHEL 4.x);
otherwise I'd like to call you criminally insane ;D.

Cheers,
Tink

DurocShark · 11-18-2009, 01:57 PM

Quote:

Originally Posted by Tinkster

And I hope that RedHat 4.1.2 means something like RedHat Enterprise Linux (RHEL 4.x);
otherwise I'd like to call you criminally insane ;D.

Cheers,
Tink

I hope so too... It doesn't say RHEL anywhere in /proc/version. But the Kernel is 2.6.18 so that at least is sometime this century...

I had ignored the Squid references because we have a commercial web filter, but it didn't occur to me to try to glean the info from there.

Thanks!

Tinkster · 11-18-2009, 02:00 PM

Quote:

Originally Posted by DurocShark

I hope so too... It doesn't say RHEL anywhere in /proc/version. But the Kernel is 2.6.18 so that at least is sometime this century...

Have a look at /etc/redhat-release.

Quote:

Originally Posted by DurocShark

I had ignored the Squid references because we have a commercial web filter, but it didn't occur to me to try to glean the info from there.

Thanks!

No worries - hope it works ok for you! Out of curiosity:
which commercial product are you using?

Cheers,
Tink

DurocShark · 11-18-2009, 02:17 PM

Currently we're using Websense tied to a Juniper firewall. So it's all transparent. But Websense is $$$ so I'm testing a Sophos web appliance right now.

DurocShark · 11-18-2009, 02:19 PM

redhat-release returns RHEL 5.2. Hmm... I wonder why /proc/version shows Red Hat 4.1?

Tinkster · 11-18-2009, 03:05 PM

Quote:

Originally Posted by DurocShark

redhat-release returns RHEL 5.2. Hmm... I wonder why /proc/version shows Red Hat 4.1?

It doesn't :}

That's the compiler version ;}

Cheers,
Tink

Tinkster · 11-18-2009, 03:07 PM

Quote:

Originally Posted by DurocShark

Currently we're using Websense tied to a Juniper firewall. So it's all transparent. But Websense is $$$ so I'm testing a Sophos web appliance right now.

If you want to avoid $$$ you could have a look at the
combination Squid/DansGuardian. Does a reasonably good
job - requires some grunt on the machine if you want to
scan content for viruses, though.

Cheers,
Tink

jefro · 11-18-2009, 03:16 PM

Might look at things like untangle and other open sourced devices. Can run them as virtual machines within other systems.

Should be able to use wpad.dat too.

DurocShark · 11-19-2009, 06:29 AM

The malware and multi-policy and AD integration are needed, which is why were going commercial.

Websense still doesn't even support NTLMv2, let alone Kerb. NTLMv1 and Lan Manager are disabled on my AD servers.

The battle is between iPrism and Sophos. iPrism pre-sales support was utter crap. Sophos has been great. Plus I use Sophos a/v on the desktops and love it.

As for what the 4.1.2... I did say I was a n00b.