Re: Auto Proxy Configuration?

From: George Ellenburg <gme@dont-contact.us>
Date: Wed, 11 Feb 1998 23:08:44 -0500 (EST)

On Thu, 12 Feb 1998, Michael Samuel wrote:

> On Wed, 11 Feb 1998, George Ellenburg wrote:
>
> Hmm... I cheated though :-)
>
> I use a Linux boxen for the dialup itself. I would NEVER use a Linux box
> as a main router, because the simple fact is, they are more prone to misc.
> hardware failures than a Cisco router. (not that Cisco routers are
> indestructable or anything)

Now *that's* a possibility. It had totally slipped my mind to change the
default gateway for my PM's and TCH's to use anything but my Cisco... and
for doing something like that, I have far less problems doing something
like that than having my entire network flow through it.

Question, you think a 486DX2/66 would be sufficient to handle the
Transparent Proxying stuff for Linux? Overkill? I've got a 486 lying
around...

> Aha... I am a Holy Linux supporter, but I have no beef with any truly free
> software...
>
> I beleive that freebsd can still do transparent proxying somehow... But I
> don't know.

Only reason why we're running BSD/OS is at the time we started it was cost
efficient. BSDI has gotten too greedy so any new servers will be on
FreeBSD.

As far as FreeBSD doing transparent proxying, from what I gather the
current release (2.2.5) can't, at least not easily and not without some
really serious kernel hacking - I've got more important issues on my ever
growing "To Do" List than to sit down and hack the FreeBSD Kernel.

> I have a customer support page, which will tell customers how to set up
> the java proxy autoconfig.

I don't frankly trust my customers to do that. ;-)

> Hehehe... Netscape are a little bit more security concious than that :-)
>
> They will have to do it manually.

Then the tranparent proxy looks like the way to go... Looks like I'll be
FTP'in the latest Debian Linux Disks for an install this weekend.

> As for IE, you can just give customers a .ins file which will set
> everything up (Start page, search page, dialup+scripting, proxies etc.)
>
> This comes with the IEAK.

Yeah, we're doing the whole IEAK thing now - but I'm more concerned about
old customers than new ones. ;-)

> I don't recommend transparent proxying, this is just to catch those that
> slip through the cracks once you beleive that most are using the proxy.

Well, I don't have a problem doing transparent proxying; in fact I posted
a few articles here a few months ago when I was first tackling this issue
but never received any good responses for doing Transparent Proxying under
FreeBSD or BSD/OS. Linux however may be back in the game if the router is
limited solely to the Dial-Up Customers.

---
George Ellenburg
Received on Wed Feb 11 1998 - 20:13:56 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:51 MST