[squid-users] (possibly dynamic?) multiple port forwarding in the same internal Network ...
Matus UHLAR - fantomas
uhlar at fantomas.sk
Tue May 25 14:26:32 UTC 2021
>On 5/25/21, Matus UHLAR - fantomas <uhlar at fantomas.sk> wrote:
>> as first I'd like to note that squid is a HTTP/FTP proxy, not a port
>> forwarder (see Subject)
>>
>> squid also does not actively distribute content.
>> It can fetch and cache it, but the rest is on you.
>>
>> and according to your description, most of the work is on you.
>
> Well, yes that I see. I ask here because the most important part of
>what I have in mind is squid in tandem with an ICAP plugin, so you
>should know best about technologies around it. I am not asking for you
>to do such thing or change the design of squid for me.
>
>>> Probably, all the functional requirements relating to what I have
>>>described can not straight-forwardly done with squid, but there should
>>>be a way to use other applications' output to dynamically reconfigure:
>>>
>>> /etc/squid/squid.conf
>>>
>>> So, my questions could be reduced to: which exactly are the
>>>configuration lines that should be changed in both squid and the
>>>browsers on the connected computers or the different browsers in the
>>>same computer?
>>
>> this apaprently means that all squid caches running on their machines will
>> transparently intercept outgoing port 80 connections. Should be easier on
>> local machine.
>>
>> https://wiki.squid-cache.org/SquidFaq/InterceptionProxy
>>
>> note that intercepting HTTPS (port 443) is much more work and issues than
>> port 80 (http).
On 25.05.21 10:14, Albretch Mueller wrote:
> I was actually thinking in terms of some sort of "squid caching
>sessions" instead of having squid running on all local machines, but I
>have to think more about why you have suggested such a solution (or
>possibly misinterpreted my idea)
your description sounded like running caching squid on each machine ("all
other internal computers")
Also, it's much easier to do intercepting proxy on local machine, as you
don't have to play with routing (which is required for intercepting
connections).
Also, it's easier to reconfigure multiple squid caches on multiple computers
than (tons of) different clients on each computer...
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Atheism is a non-prophet organization.
More information about the squid-users
mailing list