[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: upgrading more then one box by downloading the files once!



>>>>> "Karsten" == Karsten M Self <kmself@ix.netcom.com> writes:
>>>>> "Dave" == Dave Carrigan <dave@rudedog.org> writes:

    Dave> Also, if you prefer not to use a transparent cache (I
    Dave> sometimes want to bypass squid), then you can install a
    Dave> normal squid proxy and set an environment variable:

    Dave> http_proxy=3Dhttp://squidbox.dom.ain:3128/

    Dave> Apt honors the http_proxy environment variable if it's set.

    Karsten> True.  But with a transparent proxy on your gateway
    Karsten> there's *no* client or node configuration to be done to
    Karsten> utilize it -- for any host served by that gateway.
    Karsten> Hence: transparent.

I'm not sure, but IIRC a proxy def (either by http_proxy or by
configuring the app) works for *all* http accesses, no matter which
port.

So, to really be transparent, you'd need to redirect all HTTP acesses
to your firewall's cache.  Hmmm... can iptables analyze the protocol
the connection is using?

(ipchains sure can't)

Bye, J

PS: I'd like to do that... as I can autoconfig Netscape to go via my
firewall when it's there and go direct when it's not (useful on a very
mobile laptop), but I can't do the same for links etc.  (BTW, that's a
tiny Python script being invoked via inetd, no webserver
needed... </brag> ;-)

But the bypassing is important too (I found a server that absolutely
didn't like being contacted by my squid).  You could do that with a
special port, that the firewall would redirect to 80... but then you
couldn't get to servers on non-std ports.  Oh well...

-- 
      Jürgen A. Erhard  (juergen.erhard@gmx.net, jae@users.sf.net)
          My WebHome: http://members.tripod.com/Juergen_Erhard
   Stop the execution of Mumia Abu-Jamal!  (http://www.freemumia.org)
                       DMCA -- A.K.A The Gag Rule

Attachment: pgpdcQg22f_B2.pgp
Description: PGP signature


Reply to: