Common settings

Back to proxy main page

Next configuration section

A distinction is made between two different modes of operations. This is theconventional mode and thetransparent mode.

Conventional mode

In this mode, the proxy needs to be entered in the network settings in the client machines (also if you use browsers with independent network settings such as Firefox or Opera) so the proxy is used.
In this mode, the HTTP protocol, HTTPS, FTP over HTTP, and Gopher are available.

For an automatic way take a look to the "transparent mode" mentioned below.

Configuration example

As shown in the configuration example, by ticking the checkbox squid works in the appropriate network and mode. In this example, Squid is enabled on "Green" and "Blue" respectively in the conventional mode. Mixed operations are also possible!

Disadvantage of this mode

Since the proxy can be bypassed by the users relatively easy (if the proxy settings are removed on the client system), if the browser refers his network settings from the system preferences the users should not have administrator privilege to prevent this scenario.

To make sure that the proxy is not bypassed, the outbound firewall can be configured accordingly. Thus, the proxy settings on the client systems must be correct to allow access to the Web, otherwise the connection will be prohibited by IPTables.

Transparent mode

In this mode Squid operates completely in the background and requires no configuration on client side. This mode only works with HTTP (port 80), the transparency is technically regulated by the firewall that intercepts any request to the web through the proxy and redirects the service (REDIRECT-Target).

Configuration example

Further settings

  • Suppress version information: = By checking this box, the version of Squid won´t be delivered by requests over the WAN.
  • Squid Cache Version: = Defines the actual Squid version.
  • Proxy port: = Here the internally-used proxy port can be selected (default 800).
  • Visible hostname: = If a specific host name should appear in e.g. the error messages or parent proxies, it can be defined here.
  • Error message language: = The language of the error messages output can be defined here.
  • Error message design: = IPFire has its own design for the output of error messages, that also can be affected here.

Next configuration section

Back to proxy main page

Edit Page ‐ Yes, you can edit!

Older Revisions • December 18, 2018 at 11:59 pm • Jon