You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Nicolas Mailhot <ni...@laposte.net> on 2006/06/05 12:32:42 UTC

[users@httpd] Using Apache 2.2 mod_proxy to setup a transparent LAN proxy

Hi,

I'm currently setting up a transparent proxy for a small LAN. Since I
already have an apache running on the LAN gateway, I want to use
mod_proxy.

Transparent proxy in this context means the gateway networking rules
redirect any request to web ports to the proxy system. Users do not have
to configure anything special in their browser. The classical FOSS
transparent proxy is squid. 

My problem is when users manually configure the proxy address in their
browser everything is fine (except most of the lan systems are laptops
and manual config is a no-go). When I use the networking tools to
redirect the packets to mod_proxy, apache logs show

"GET / HTTP/1.1" instead of
"GET http://foo.org/ HTTP/1.1" and users are always served empty blank
index pages

Can't mod_proxy be used in transparent mode like squid ?

Regards,

-- 
Nicolas Mailhot

[users@httpd] Re: Using Apache 2.2 mod_proxy to setup a transparent LAN proxy

Posted by Nicolas Mailhot <ni...@laposte.net>.

Le lundi 05 juin 2006 à 12:32 +0200, Nicolas Mailhot a écrit :
> Hi,
> 
> I'm currently setting up a transparent proxy for a small LAN. Since I
> already have an apache running on the LAN gateway, I want to use
> mod_proxy.
> 
> Transparent proxy in this context means the gateway networking rules
> redirect any request to web ports to the proxy system. Users do not have
> to configure anything special in their browser. The classical FOSS
> transparent proxy is squid. 
> 
> My problem is when users manually configure the proxy address in their
> browser everything is fine (except most of the lan systems are laptops
> and manual config is a no-go). When I use the networking tools to
> redirect the packets to mod_proxy, apache logs show
> 
> "GET / HTTP/1.1" instead of
> "GET http://foo.org/ HTTP/1.1" and users are always served empty blank
> index pages

Also the netfiler people just told me :

> Well, if Apache sees the traffic on port 8081 then your redirect is
> working as it should. Netfilter does nothing with the contents of the
> packets, just with the addresses and ports.

So the network part should be fine.

Attaching my proxy conf in case it helps

Regards,

-- 
Nicolas Mailhot