Enable transparent proxy and non-transparent proxy

[rmahorn@…]

Hi Guys,

I think I've found what may be a bug:

When I enable transparent proxy, computers using the non-transparent proxy stops working on the network.

Is there a way to use both?

I have a setup where I need a transparent proxy for mobile devices, such as iPads, Phones PDAs etc... but I need to use non-transparent proxy for the desktops and laptops.

Thanks for your help, Richard

[jamor@…]

Hello Rmahor,

no, it is not a bug. This feature has not been requested before. Why do you need to use non-transparent proxy for the desktop/laptops ?.

Regards,

Javier

[rmahorn@…]

Replying to jamor@…:

Hello Rmahor,

no, it is not a bug. This feature has not been requested before. Why do you need to use non-transparent proxy for the desktop/laptops ?.

Regards,

Javier

Hi Javier,

The primary use will be for active directory group based and https filtering.

I'm aware that I can block certain ip ranges with the firewall for https websites when using the transparent proxy, but in a medium sized environment this just isn't practical.

Kind regards, Richard

[jamor@…]

Hello Richard,

this is a feature request and we have to think if we include it or not.

However there is a workaround for you. To enable no-transparent proxy do you need two firewall rules:

1) Redirecting traffic from HTTP proxy port (default 3128) to dansguardian port (3129).

2) Accepting traffic in dansguardian port (3129)

This asssumes that you are using filter mode and that you dont have different policies for objects.

The best way to implement this is using a firewall hook, see this post for more information ->  http://blogs.zentyal.org/jacalvo/2011/01/04/how-to-customize-the-configuration-files-generated-by-zentyal/

Regards, Javier

[jsalamero@…]

Squid doesn't allow to work in both modes at the same time, so I'm afraid I'm closing this ticket as invalid.