[tproxy] Is tproxy a real transparent proxy?

mtpr mtpr at carreira.com.pt
Wed Jun 3 23:43:12 CEST 2009

I think tproxy cannot run in accelerated mode, so a REVERSE transparent 
proxy seems impossible to setup.
There is a phrase in http://wiki.squid-cache.org/Features/Tproxy4 that says:
"...The way TPROXYv4 works makes it incompatible with NAT interception, 
reverse-proxy acceleration, and standard proxy traffic. The intercept, 
accel and related flags cannot be set on the same http_port with tproxy 

Is there someone who build a reverse transparent proxy anyway, or is 
there another way of building one?

mtpr escreveu:
> I am testing tproxy with a vmware Centos-5.3 virtual server.
> I installed squid-3.1, iptables-1.4.3 and kernel-
> Everything seems to be working, unless one...
> There is a proxy behaviour I thought it would be expectable, but I found 
> it doesn't work the way I thought.
> Here is the example:
> If I create a cgi-bin script in a apache webserver that prints the 
> client ip address like this one:
> #!/bin/env python
> # coding: utf-8
> import os
> print 'Content-Type: text/plain'
> print
> print os.environ['REMOTE_ADDR']
> I thought that, in a real transparent proxy, it would give me the 
> original client ip address of the browser computer.
> But no!
> Like the old transparent proxy way (not tproxy), it prints the ip 
> address of the proxy server.
> If I want the original ip address, I need to read the environment 
> It doesn't seem to be a "real" transparent proxy.
> Is this the expectable behaviour, or could be something wrong with the 
> way I setup my tproxy?
> mtpr
> _______________________________________________
> tproxy mailing list
> tproxy at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/tproxy

More information about the tproxy mailing list