Bug 110512 - Ask for tarnsparent proxy support
Summary: Ask for tarnsparent proxy support
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 1
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Arjan van de Ven
QA Contact: Brian Brock
URL: http://www.balabit.com/products/oss/t...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-11-20 16:32 UTC by Péter, Soós
Modified: 2007-11-30 22:10 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2004-01-19 16:07:44 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Péter, Soós 2003-11-20 16:32:40 UTC
From Bugzilla Helper:
User-Agent: Opera/7.22 (X11; Linux i686; U)  [en]

Description of problem:
Is this possible to add tarnsparent proxy support for netfilter? It's 
needed to build proxy based firewalls (e.g. Zorp, see: http://www.
balabit.hu).

Version-Release number of selected component (if applicable):
kernel-2.4.22-1.2115.nptl

Comment 1 Arjan van de Ven 2003-11-20 16:33:58 UTC
my transproxy squid works fine without this patch....


Comment 2 Dave Jones 2003-11-20 16:48:11 UTC
Unneeded.
http://www.faqs.org/docs/Linux-mini/TransparentProxy.html#s2


Comment 3 Péter, Soós 2003-11-20 16:57:34 UTC
Zorp is not a http proxy it is a full proxying firewall suite with 
proxy support for _ALL_ protocols.

Comment 4 Péter, Soós 2003-11-20 16:59:06 UTC
See: http://www.balabit.com/products/zorp/

Comment 5 Dave Jones 2003-11-20 18:12:13 UTC
Netfilter _HAS_ transparent proxy support already.
Zorp seems to be nothing more than a bunch of tools to manage an
ipchains based proxy.

I don't see anything new here as far as the kernel is concerned.




Comment 6 Péter, Soós 2004-01-19 15:44:17 UTC
Netfilter has transparent proxy support in 2.2, but it was leaved out,
because it was dirty implementation. The clean implementation for 2.4
and 2.6 (and Solaris 8!) comes from BalaBit Ltd.
(http://www.balabit.com). It may go into the official kernel in the
future.
BTW: What do you mean "a bunch of tools to manage an
ipchains based proxy"? Zorp is an application level (OSI layer 5)
firewall.
http://www.balabit.com/products/oss/tproxy/,
http://www.balabit.com/products/zorp_gpl/ and
http://www.balabit.com/dl/zorp2.pdf for details.


Comment 7 Dave Jones 2004-01-19 16:07:44 UTC
If it's an improvement, it should go upstream.
I suggest you take it up with the netfilter developers.




Note You need to log in before you can comment on or make changes to this bug.