[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Set http_proxy on cardctl insert

On Fri, 2002-12-13 at 02:14, Russell Coker wrote:
> On Fri, 13 Dec 2002 10:56, Walter Hofmann wrote:
> > Yet another idea: If you always use a proxy, then set http_proxy to
> > something like http://123.45.67.89:12345 and use iptables to redirect
> > all outgoing connections to the proxy instead of 123.45.67.89:12345.
> > This allows you to switch proxies on the fly without restarting the
> > programs that use the proxy when it changes. (Extending this idea so
> > that you can completely switch off the proxy is left as an exercise...)
> 
> Masquerading of packets originating at the local machine was a new feature 
> added in 2.4.20, so this only works if you are tracking the latest kernels.
> 
> Also use a reserved private address such as 10.x.x.x.

I agree that this is a good idea, using private addresses and such.
However, if the goal is to force outgoing web surfing to go somewhere
else, what about masquerading anything going to ports 80 and 443 from
the local machine.  That way you wouldn't have to change the proxy
settings on whatever browser you were using.

rob
Reply to: