06-24-2013
No more than without the proxy server. You may lose some identity information if the NAT assigns addresses and ports from a pool. The obvious place to put a proxy is on the firewall network boundary, that is to say, within the local no-NAT domain, so you get the identity right, and let the proxy have access, perhaps bypassing NAT/that-firewall. Of course, if you serve many such behind-NAT spaces, you need a NIC or tunnel so they can all locally connect to the proxy, or many proxy servers. If the power/resources are right, a proxy on a firewall with a local DNS server on the firewall is not a bad model -- just a different way through the same firewall. The proxy server is a very heavy DNS user, so a local DNS cache can be a nice idea. There is a wonderful feeling when you prevent a packet from needing to go out on a network!
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
hi. pardon my noob question id just like to have a quick answer. i am planning to install a jabber webclient and a jabber server in our apache server. my boss said this wouldnt work because squid filters port 5222 connections (jabber). i told him we can simply 'unfilter' the port then but he said... (0 Replies)
Discussion started by: marcpascual
0 Replies
2. IP Networking
I have an architecture as below
<> <>
There is a program in the AIX server which sends SMS to the internet, by sending HTTP request to the SMS processing server.
Like, http://smsserver/mysms=test
However the application does not have an option to specify where the Proxy server... (1 Reply)
Discussion started by: firdousamir
1 Replies
3. IP Networking
hi guys!
We are setting up Squid Server. we want the server to be transparent. But I don't know how will i be able to set the network up. is it possible to set the squid server in the same LAN with the Squid Client and still functions as a transparent server? if so, can anybody help me do it?
... (1 Reply)
Discussion started by: init6_
1 Replies
4. IP Networking
Does any one know how to block HTTP Tunnel in squid proxy server.
Pls reply (1 Reply)
Discussion started by: vishwanathhcl
1 Replies
5. UNIX for Advanced & Expert Users
Hi all,
The scenario is:
http://img834.imageshack.us/img834/7990/1234z.jpg
- With:
+ 192.168.100.0/24 : internet link (simulation)
+ Multiple Websites are hosting in local.
+ Complete DNS configuration.
+ OS: CentOS 5
- Requirements:
Configure Squid Proxy as... (0 Replies)
Discussion started by: kidzer0
0 Replies
6. IP Networking
Can any one direct me to the resources where I can find in-depth instructions on Squid Proxy server and its configuration?
Thanks in advance.:) (1 Reply)
Discussion started by: admin_xor
1 Replies
7. UNIX for Advanced & Expert Users
Hello all,
I am trying to configure squid proxy server for different organizations. These organizations will have different blocked ports, different acls, etc. But, I can use only one proxy server for this purpose. Thinking of making a shell script with iptables and squid.
For an example: a... (1 Reply)
Discussion started by: admin_xor
1 Replies
8. Linux
Hi All Im using squid Proxy in centos
Squid version = squid.x86_64 7:3.1.10-20.el6_5
CentOS release 6.5 (Final)
Router IP = 192.168.1.1
My proxy System have 2 Ethernet port
eth0
eth1
Using IP address for eth0 = 192.168.1.15/24
using IP address for eth1 = 192.168.1.16/24
Default... (1 Reply)
Discussion started by: babinlonston
1 Replies
9. Shell Programming and Scripting
i need squid proxy log file daily auto generate by shell script (1 Reply)
Discussion started by: sanjeetkumar086
1 Replies
10. UNIX for Advanced & Expert Users
Hi, forum reader, I have a squid problem. We have 2 squid proxy for two different group staffs, both of them can access gmail for web email access. It used about half year. One day we send out email with image but one proxy group user cannot view that pic but another group can see. Any idea for... (2 Replies)
Discussion started by: justinianho
2 Replies
LEARN ABOUT SUNOS
ssh-http-proxy-connect
ssh-http-proxy-connect(1) User Commands ssh-http-proxy-connect(1)
NAME
ssh-http-proxy-connect - Secure Shell proxy for HTTP
SYNOPSIS
/usr/lib/ssh/ssh-http-proxy-connect [-h http_proxy_host] [-p http_proxy_port] connect_host connect_port
DESCRIPTION
A proxy command for ssh(1) that uses HTTP CONNECT. Typical use is where connections external to a network are only allowed via a proxy web
server.
OPTIONS
The following options are supported:
-h http_proxy_host Specifies the proxy web server through which to connect. Overrides the HTTPPROXY and http_proxy environment vari-
ables if they are set.
-p http_proxy_port Specifies the port on which the proxy web server runs. If not specified, port 80 is assumed. Overrides the HTTP-
PROXYPORT and http_proxy environment variables if they are set.
OPERANDS
The following operands are supported:
http_proxy_host The host name or IP address (IPv4 or IPv6) of the proxy.
http_proxy_port The numeric port number to connect to on http_proxy_host.
connect_host The name of the remote host to which the proxy web server is to connect you.
connect_port The numeric port number of the proxy web server to connect you to on http_proxy_host.
EXAMPLES
The recommended way to use a proxy connection command is to configure the ProxyCommand in ssh_config(4) (see Example 1 and Example 2).
Example 3 shows how the proxy command can be specified on the command line when running ssh(1).
Example 1: Setting the proxy from the environment
The following example uses ssh-http-proxy-connect in ssh_config(4) when the proxy is set from the environment:
Host playtime.foo.com
ProxyCommand /usr/lib/ssh/ssh-http-proxy-connect
playtime.foo.com 22
Example 2: Overriding proxy environment variables
The following example uses ssh-http-proxy-connect in ssh_config(4) to override (or if not set) proxy environment variables:
Host playtime.foo.com
ProxyCommand /usr/lib/ssh/ssh-http-proxy-connect -h webcache
-p 8080 playtime.foo.com 22
Example 3: Using the command line
The following example uses ssh-http-proxy-connect from the ssh(1) command line:
example$ ssh -o'ProxyCommand="/usr/lib/ssh/ssh-http-proxy-connect
-h webcache -p 8080 playtime.foo.com 22"' playtime.foo.com
ENVIRONMENT VARIABLES
HTTPPROXY Takes the http_proxy_host operand to specify the default proxy host. Overrides http_proxy if both are set.
HTTPPROXYPORT Takes the http_proxy_port operand to specify the default proxy port. Ignored if HTTPPROXY is not set.
http_proxy URL format for specifying proxy host and port.
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 An error occurred.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Stable |
+-----------------------------+-----------------------------+
SEE ALSO
ssh(1), ssh-socks5-proxy-connect(1), ssh_config(4), attributes(5)
SunOS 5.10 24 Oct 2001 ssh-http-proxy-connect(1)