Back to proxy main page

Next configuration section

A distinction is made between two different modes of operations. One is the Conventional mode and the other is the Transparent mode.

Conventional mode (non-transparent mode)

In this mode, the proxy needs to be entered in the network settings on the client machines to insure the proxy is used. Also if browsers use independent network settings such as Firefox or Opera. In this mode, the HTTP protocol, HTTPS, FTP over HTTP, and Gopher are available.

For an automatic way, take a look to the Transparent mode mentioned below.

As shown in the configuration example, by ticking the checkbox squid works in the appropriate network and mode. In this example, Squid is enabled on "Green" and "Blue" respectively in the conventional mode. Mixed operations are also possible!

Disadvantage of Conventional mode

Since the proxy can be bypassed by the user relatively easily (if the proxy settings are removed on the client system), if the browser refers his network settings from the system preferences the users should not have administrator privilege to prevent this scenario.

To make sure that the proxy is not bypassed, the outbound firewall can be configured to block port 80 access. Thus, the proxy settings on the client systems must be correct to allow access to the Web, otherwise the connection will be prohibited by IPTables.

Transparent mode

In this mode Squid operates completely in the background and requires no configuration on client side. This mode only works with HTTP (port 80), the transparency is technically regulated by the firewall that intercepts any request to the web through the proxy and redirects the service (REDIRECT-Target).

Common settings - other

  • Proxy port
    • Set the internally-used proxy port (default is port 800)
  • Transparent port
    • Set the internally-used Transparent port (default is port 3128)
  • Visible hostname
    • Set the hostname if needed for error messages or parent proxies
  • Error message language
    • Set the language for error messages output
  • Error message design
    • Set the output for error messages

Next configuration section

Back to proxy main page