From owner-freebsd-stable@FreeBSD.ORG Wed Apr 18 13:28:28 2007 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EE4B616A402 for ; Wed, 18 Apr 2007 13:28:28 +0000 (UTC) (envelope-from jon@seaholm.caamora.com.au) Received: from seaholm.caamora.com.au (seaholm.caamora.com.au [203.7.226.5]) by mx1.freebsd.org (Postfix) with ESMTP id DE41313C480 for ; Wed, 18 Apr 2007 13:28:25 +0000 (UTC) (envelope-from jon@seaholm.caamora.com.au) Received: (from jon@localhost) by seaholm.caamora.com.au (8.11.1/8.11.1) id l3IDSEc13005; Wed, 18 Apr 2007 23:28:14 +1000 (EST) Message-ID: <20070418232814.14487@caamora.com.au> Date: Wed, 18 Apr 2007 23:28:14 +1000 From: jonathan michaels To: Volker References: <46247471.9030503@tk-pttuntex.com> <200704172129.22275.sanya-spb@list.ru> <20070418095903.12432@caamora.com.au> <462575D4.2010801@tk-pttuntex.com> <4626094C.20207@vwsoft.com> <46260E3C.4090408@vwsoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.84e In-Reply-To: <46260E3C.4090408@vwsoft.com>; from Volker on Wed, Apr 18, 2007 at 02:25:32PM +0200 Organisation: Caamora, PO Box 144, Rosebery NSW 1445 Australia Cc: Adrian Chadd , freebsd-stable@freebsd.org Subject: Re: tproxy on freebsd X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Apr 2007 13:28:29 -0000 On Wed, Apr 18, 2007 at 02:25:32PM +0200, Volker wrote: > On 04/18/07 14:14, Adrian Chadd wrote: > > On 18/04/07, Volker wrote: > > > >> > but with that configuration, still the proxy ip address that visible > >> > when my client using the proxy. > >> > >> Don't understand that sentence. What address is visible to whom? And > >> which address do you want to 'hide'? If you don't want to leak your > >> internal addresses to any outside webserver, this is a squid issue > >> and there should (?) be configuration options for squid. > >> > > > > He means fully transparent - ie, client thinks its talking to the > > server; server thinks its talking to the client; proxy server IP isn't > > visible to either. > > > > > > > > Adrian > > > > Adrian, > > thanks, I got it. > > Talking about real transparent proxy not just a transparent one... ;) not sure i understand this one, a "real transparent" "not just a tra.." > Unfortunately I don't have a solution for that as I'm using mostly > NATed environments and it doesn't make sense to hand out private > address space to a web server. i was assigned a class c some 15 years ago and its getting used for all sorts of admin stuff/disabled user client stuff and other stuff that i cannot sort out 'netting/natting for' most kind regards and appreciations jonathan thanks all ... adrian volker and zen if i forgot somebody sorry. -- ================================================================ powered by .. QNX, OS9 and freeBSD -- http://caamora com au/operating system ==== === appropriate solution in an inappropriate world === ====