Topic: SME 7.0 - Tranparanent web proxy ?

[arne]

Does the SME 7.0 Beta 4 contain a tranparant web proxy (Squid) or is is possible to enable/disable the web proxy function by selecting or deselecting web proxy and port 3128 in your browser ?

(With Linux/Squid it is possible to make a firewall forwarding from port 80 to port 3128 so that the user is not able to observe that there is a web proxy involved in the data transport. Don't know if the SME server does this trix.)

Best reg Arne.

[arne]

Exuse me - looks like I didn't hit the "S" key a few times - transparent proxy - of cource.

[arne]

And one other thing - of course the question is related to a standard sme server gateway installation.

[cc_skavenger]

Last version I installed, Alpha something or another had squid installed and was running a transparent http proxy.  There is a server manager panel that allows you to turn it off, though...

HTH

[Franco]

I'm testing beta4 now in servergateway mode, and if I turn proxy on, I have to set the proxy properties under a browser to surf(3128), other packets go through. 7 seems to work a bit different related to previous releases, but it's still beta...

[gordonr]

Does the SME 7.0 Beta 4 contain a tranparant web proxy (Squid) or is is possible to enable/disable the web proxy function by selecting or deselecting web proxy and port 3128 in your browser ?

Have you read the manual?

http://mirror.contribs.org/smeserver/contribs/bobk/SME_Manual/chpt-07.5.html

and yes, the SME Server does include a transparent proxy. If it isn't working for you, please raise a bug in the SourceForge bug tracker.

[arne]

Thanks a lot for your info !

The information in the manual (for sme 6.x) should indirectely indicate that there should be no tranparent proxy function, as a transparent proxy function should make it unneccessary to configure the browser for the proxy.

On the other hand it was my impression that the sme 7.0 has a transparent proxy, and I wondered how to find it out for sure.

The sender ip of the packets leaving out the external interphace will be the same external ip, whether this is obtained using a nat mechanism or a proxy, so you can not tell the difference using a trafic monitor like iptraf (or a trafic monitor like ethereal) (??!!)

Well, if I run top while using the browser on the Windows client, I can see that the Squid demon is popping up and using som eprocessor resources.

It looks like that it is correct that the sme 7.0 use a transparant web proxy and that you can turn it on or of fram the server-manager panel. (Selecting or deselecting from the client side will not work.)

Anybody who nows a bether or more accurate method than "the top method" to indicate if the packets are passing the Squid deamon or not ?! (I think the answer in this case is clear, but it would still be good to have bether methods for stating or exploring the internal server datatransports. To observe that the Squid deamon is pulling some resources is only a indirect and possible and possible not so precice indicator.)

Best reg Arne.

[gordonr]

Anybody who nows a bether or more accurate method than "the top method" to indicate if the packets are passing the Squid deamon or not ?!

Squid logs.