From owner-freebsd-isp Mon Jun 17 3:26:40 2002 Delivered-To: freebsd-isp@freebsd.org Received: from amor.yuckfou.org (f40079.upc-f.chello.nl [80.56.40.79]) by hub.freebsd.org (Postfix) with ESMTP id 619A237B400 for ; Mon, 17 Jun 2002 03:26:36 -0700 (PDT) Received: by amor.yuckfou.org (Yuckfou Networks, from userid 500) id D0CE6BA13; Mon, 17 Jun 2002 12:26:34 +0200 (CEST) Date: Mon, 17 Jun 2002 12:26:34 +0200 From: Nils Vogels To: freebsd-isp@freebsd.org Subject: Re: squid proxy on a natd machine ?? Message-ID: <20020617122634.G82652@amor.yuckfou.org> Reply-To: Nils Vogels Mail-Followup-To: freebsd-isp@freebsd.org References: <20020617095844.9940.qmail@web20105.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020617095844.9940.qmail@web20105.mail.yahoo.com>; from freefabri@yahoo.it on Mon, Jun 17, 2002 at 11:58:44AM +0200 Organization: Yuckfou Networks -- Internet with a smile! X-PGP-key: finger://nivo.pgpkey@yuckfou.org X-PGP-Fingerprint: B43C 1EFB 1DD3 4D7E 7D49 8036 401F BE41 C26B D15F X-Echelon-trap: Arafat, bomb, hezbollah, terrorist, gun, FBI, CIA, FCC, murder, kill X-Stardate: [-30]8627.16 X-Uptime: 12:24PM up 45 days, 8:37, 7 users, load averages: 1.04, 1.05, 1.03 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Jun 17, 2002 at 11:58:44AM +0200, Fabrizio Ravazzini wrote: > Hello all is it a problem to install squid proxy on a > nat machine? > We've installed a FreeBSD 4.5 machine used to connect > a Lan to internet, we use natd daemon which "puts" all > the internal traffic to the external interface. > We also need a proxy for http requests, so we decided > to install squid on the same machine,is it a good > idea? or because of the natd the proxy isn't able to > take care of the requests on port 80? > Is it better to have the proxy on another machine > between the Lan and the nat? Squid will do just fine. You can achieve what you want to do in two ways: 1) Make the proxy available via a port redirect in the natd software 2) Enable transparent proxying (that way nobody escapes ;) For option 1; there are leads in the natd docs For option 2; You will have to enable transparent caching in squid while compiling and youll have to enable transparent caching in natd as well. All is documented. Gr, -- Nils Vogels PGP:0xC26BD15F Available on keyservers. S@H:4723WU/6.426yr --> setiathome.ssl.berkeley.edu. Will you find aliens? My other computer is your windows box. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message