Need some clarifications regarding squid proxy

[rajesh.bahl]

Hi eveyone,

I need some clarifications regarding squid proxy as follows:-

1. Whether squid acts as "cache " proxy if operated in Transparent mode ?
2. What are the basic differences between normal and Transparent proxies ( except that clients need to be configured manually in case of normal proxy server) ?
3. Can we use squid for proxy application if a firewall is running on the same system ( for example firestarter). In case both are to be used, which one should be installed first and why ?
4. What exactly is the accelerator mode in squid ?



Thanks in advance
rajesh.bahl

[Ricky]

1. Yes, in transparent mode it does.
2. Transparent proxy gives you power to do filtering, caching without even client knowing about proxy.
3. Yes, there is no order needed, you can install them at any order, all you need is that firewall should allow proxy.
4. I don't really understood that but if you are acing http_accel mode or something then its just to tell that can be used in transparent mode also. But many time people refer caching mode as accelerator mode.

[rajesh.bahl]

Thanks Ricky !!

A few more queries , please:-
Can you please elaborate that under what conditions "normal" proxy be used and under what conditions the use of "Transparent" proxy is recommended ?

Also is it possible to open secured sites/sites where authentication is required  in Transparent proxy ? Also how to implement content filtering and access control under Transparent Proxy as what I feel is that under transparent proxy setup any one on the local  LAN wil have full access to internet ?

A typical problem with the combination of Squid and firestarter is :

Squid is working fine. When we install and run firestarter for the first time, it asks for "whether internet sharing is to be enabled ". If we say yes to this response then there will be two scenerios:
1.Internet access through NAT scripts generated by firestarter using iptables.
2. Internet access already available through the usage of Squid.

Which one will be used by the clients ?


My requirement is that I need my clients to have access to ftp servers on the internet, mail access via outlook/thunderbird , internet access via squid proxy because of caching advantage.



Thanks In Advance
rajesh.bahl

[Ricky]

Normal proxies are used when you need Authentication but also when you cannot implement NAT in certain situations.

We have discussed it thoroughly , Transparent proxy works with NAT  it means people can also access directly without proxy but as we do redirection then all NAT request are actually sent to Squid which means.. people will see that they are direct but in real , they are using squid. Transparent proxies are also used where certain application give problem with normal proxies.

[rajesh.bahl]

Thanks Ricky.

A simple straight forward query - Squid is working fine in normal mode on my server. I want my clients to be able to do ftp through ftp clients/command line and also be able to exchange mail from web using outlook express.

Additionally if I install firestarter and say no to "enable sharing internet connection" will that give me what I need ?



Regards
rajesh.bahl

[Ricky]

Internet sharing via firestarter is NAT, if you turn on net then you can do whatever you want from client PC but then you will also need to forward NAT request to Proxy so that it will be then Transparent proxy.

To access other application, you enable internet sharing via firestarter and use direct connect for those things which do not work with squid.

[rajesh.bahl]

Thanks a lot , Ricky !!


rajesh.bahl

[Ricky]

Glad to know that it helped u!