Re: [squid-users] transparent proxy by URL?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 05 Aug 2008 00:00:03 +1200

Jordi Prats wrote:
> On Mon, Aug 4, 2008 at 1:33 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
>> Jordi Prats wrote:
>>> Hi all,
>>> I've a transparent proxy using iptables+squid. It's possible to
>>> instruct squid to proxy only if the URL does not contain a given
>>> string?
>>>
>>> For example, if you try to access to
>>> http://lol.example.com/ALLOWEDSTRING/page.html through squid, it
>>> should allow direct access.
>>>
>>> Anyone have a setup like this?
>> Once the request has reached Squid its impossible to stop it reaching Squid.
>
> So, how can it be configured as invisible as possible? I'm trying to
> setup a honeyspot using squid to analyze HTTP data.
>

Okay.
Two questions to help me out with my suggestions:

  Exactly what type of helper software are you using to do the analysis?
   (by helper style I mean: ICAP scanner, redirector capture, log
analysis, etc.)

... and why do you need to exclude certain requests?
  (known good sources, from the helper software itself, etc?)

>
>> What you need is a WPAD/PAC setup for clients browsers.
>>
>> Though there is really no good reason why you can't just proxy straight
>> through for all HTTP requests. The limit usually comes down to broken web
>> server apps.
>>
>> Amos

Amos

-- 
Please use Squid 2.7.STABLE3 or 3.0.STABLE8
Received on Mon Aug 04 2008 - 12:00:02 MDT

This archive was generated by hypermail 2.2.0 : Mon Aug 04 2008 - 12:00:03 MDT