[plug] Proxy serving, and dial-on-demand
Greg Mildenhall
greg at networx.net.au
Tue Oct 20 11:39:21 WST 1998
On Tue, 20 Oct 1998, Matt Kemner wrote:
> On Tue, 20 Oct 1998, Greg Mildenhall wrote:
> > > * FTP Proxy
> > Squid does this also, but an FTP proxy is not often useful on a small
> > LAN. If you use IP masquerading and the "ip_masq_ftp.o" module, clients
> > can do a normal (non-proxied) FTP.
> Greg, I think you're confusing "proxy" with "cache" :)
> It was my understanding proxy means "to act on behalf of someone" and
> cache (in this context) means "to store proxied data for later re-use"
Yes, I know the difference. But a protocol specific proxy is of no use
unless it a) caches or b) avoids a firewall.
There is no firewall here, since masquerading is in use.
Thus proxy=cache.
> IP Masquerade will proxy your nntp and smtp etc sessions for you -
> transparently.
Hmmm, OK, so call it a IP-proxying :)
There's still no need for any protocol-specific proxies, except where
caching. (http nd DNS)
> To the original poster: since you are new to linux, I assume you don't
> know what masquerading is... Masquerading allows linux to proxy all types
> of internet connections, transparently - instead of WinGate, which has a
> seperate proxy for each major service,
Yeah, what he said......
In all of those words ending in P (http,ftp,nntp,smtp,pop), the P stand
for protocol. Likewise in "IP" and "TCP".
The specific protocols mentioned run over the TCP protocol, which runs
over of the IP protocol.
Whereas proxies for those individual services speak and understand their
specific protocol, (speaking them on your behalf) IP masquerading does the
same for the TCP/IP protocol, with the effect that all of the protocols
running over TCP/IP are already being proxied on a lower level, so in most
cases they will work as they always did, without being aware of the
proxying.
FTP is a little different, because it tries to create a second connection
in the other direction (from server to client), which the proxy can not
handle, hence the need for the module mentioned earlier. (which is a
workaround to create the reverse connection properly.)
> (you can even play quake over your masqueraded link.. I'd like to see that
> with wingate (: )
I can assure you you wouldn't. :)
-Greg Mildenhall
More information about the plug
mailing list