Bug 110512 - Ask for tarnsparent proxy support
Ask for tarnsparent proxy support
Status: CLOSED UPSTREAM
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
1
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Arjan van de Ven
Brian Brock
http://www.balabit.com/products/oss/t...
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-11-20 11:32 EST by Péter, Soós
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-01-19 11:07:44 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Péter, Soós 2003-11-20 11:32:40 EST
From Bugzilla Helper:
User-Agent: Opera/7.22 (X11; Linux i686; U)  [en]

Description of problem:
Is this possible to add tarnsparent proxy support for netfilter? It's 
needed to build proxy based firewalls (e.g. Zorp, see: http://www.
balabit.hu).

Version-Release number of selected component (if applicable):
kernel-2.4.22-1.2115.nptl
Comment 1 Arjan van de Ven 2003-11-20 11:33:58 EST
my transproxy squid works fine without this patch....
Comment 2 Dave Jones 2003-11-20 11:48:11 EST
Unneeded.
http://www.faqs.org/docs/Linux-mini/TransparentProxy.html#s2
Comment 3 Péter, Soós 2003-11-20 11:57:34 EST
Zorp is not a http proxy it is a full proxying firewall suite with 
proxy support for _ALL_ protocols.
Comment 4 Péter, Soós 2003-11-20 11:59:06 EST
See: http://www.balabit.com/products/zorp/
Comment 5 Dave Jones 2003-11-20 13:12:13 EST
Netfilter _HAS_ transparent proxy support already.
Zorp seems to be nothing more than a bunch of tools to manage an
ipchains based proxy.

I don't see anything new here as far as the kernel is concerned.


Comment 6 Péter, Soós 2004-01-19 10:44:17 EST
Netfilter has transparent proxy support in 2.2, but it was leaved out,
because it was dirty implementation. The clean implementation for 2.4
and 2.6 (and Solaris 8!) comes from BalaBit Ltd.
(http://www.balabit.com). It may go into the official kernel in the
future.
BTW: What do you mean "a bunch of tools to manage an
ipchains based proxy"? Zorp is an application level (OSI layer 5)
firewall.
http://www.balabit.com/products/oss/tproxy/,
http://www.balabit.com/products/zorp_gpl/ and
http://www.balabit.com/dl/zorp2.pdf for details.
Comment 7 Dave Jones 2004-01-19 11:07:44 EST
If it's an improvement, it should go upstream.
I suggest you take it up with the netfilter developers.


Note You need to log in before you can comment on or make changes to this bug.