Wednesday, December 7, 2016

Should http traffic be blocked to enable non transparent proxy?

February 7, 2013 by admin  
Filed under Discussions

Question by computersrmyfriends: Should http traffic be blocked to enable non transparent proxy?

Hello everyone,
I would like to know if HTTP traffic should be blocked on Linux based firewalls to enable non transparent proxy (ie automatic redirection to a login page when a user tries to open any webpage).
Thanks…
P.S:The firewall I’m using is ENDIAN firewall.

Best answer:

Answer by Mad Dog Laurie
I think you’re more interested in port forwarding than blocking in this case.

Say if I’ve got squid running on my firewall box and it’s accepting connections on port 8080, Web browsers are still going to send requests off to port 80 for HTTP and port 443 for HTTPS requests. It’s just the way they work (unless you override it with the :portno at the end of the domain name).

It’s the firewalls job to redirect port 80 requests to port 8080 where the proxy is listening and then the proxy can handle the request on behalf of all the hosts you’ve got on your LAN.

Add your own answer in the comments!

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

Get Adobe Flash playerPlugin by wpburn.com wordpress themes