Looking for proxy ware, whitch is the best out there ? ?
Greetings !
I am looking for a good proxy, and since stuff is being developed all the time I think it's time for a bit of name your favorite.
Points go to reasons why you like the proxy that you are using.
I do have conditions for submitions !
1) Software, no hardware
2) FREE stuff. If I'm setting up a proxy I'm not going to pay for software ( I'm broke ;-)
3) Windows or Linux (Woody rulez ! )
4) I want to cash pages, maybe filter URL'z.
5) I have a firewall on my router ( Cisco access-list) so the proxy can be weak on the firewalling
6) I WANT STATS ! I need to keep track of bandwith hogs with up to the minute stats, catch network worms before they spread, ect.
7)I would like to throttle, maybe per IP or port or something similar.
8) I dont mind having to learn to do a tricky setup, though my time is precious.
Thanks ! please submit/vote ( pritty pritty pleeeeeaeeze )
I am looking for a good proxy, and since stuff is being developed all the time I think it's time for a bit of name your favorite.
Points go to reasons why you like the proxy that you are using.
I do have conditions for submitions !
1) Software, no hardware
2) FREE stuff. If I'm setting up a proxy I'm not going to pay for software ( I'm broke ;-)
3) Windows or Linux (Woody rulez ! )
4) I want to cash pages, maybe filter URL'z.
5) I have a firewall on my router ( Cisco access-list) so the proxy can be weak on the firewalling
6) I WANT STATS ! I need to keep track of bandwith hogs with up to the minute stats, catch network worms before they spread, ect.
7)I would like to throttle, maybe per IP or port or something similar.
8) I dont mind having to learn to do a tricky setup, though my time is precious.
Thanks ! please submit/vote ( pritty pritty pleeeeeaeeze )
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi
Thanks ... all this does help allot. Tell me more about the transparent proxy please ! I'm getting it to use delay pools
Thanks
Thanks ... all this does help allot. Tell me more about the transparent proxy please ! I'm getting it to use delay pools
Thanks
Transparent Proxy is actually pretty easy to configure.
For transparent proxy, all this (in effect) happens is that shorewall firewall (or iptables) redirects any incoming port 80 requests to port 3128 - without the end user knowing about it.
Port 3128 being the default squid proxy port.
look on http://www.tldp.org/HOWTO/TransparentProxy.html for detailed explanation
Technically speaking, all that you need to do really (assuming squid and a firewall is running)
in /etc/squid/squid.conf:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_head
restart squid, and also run the following commands
squid -z
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
Delay pools can get kinda tricky depends on what you need to do with the bandwidth, but once configured correctly, it works extremely well.
an excerpt from http://users.bigpond.net.au/adam88/squid.html :
EXPLANATION OF SQUID DELAY POOLS
A pool is a number of bucket groups appropriate to a delay class. A bucket is an individual delay bucket that represents traffic allocation, which is refilled at a specified rate. Traffic is delayed when the bucket becomes empty. The delay class is a set of special buckets to suite a different purpose. Class 1 has a single aggregate bucket, Class 2 has an aggregate bucket with individual buckets for each host on a Class C network address and finally, a Class 3 has an aggregate bucket, with a network bucket for each class B address and an individual bucket for each host.
For the purpose of this exercise, the delay class 2 is used. This is how to use a Class 2:
delay_parameters pool aggregate (restore / maximum) individual (restore / maximum)
Delay Pool 3 (the last delay pool) gives the local network a 15K bucket. Meaning that the whole network will never receive more than 15K/sec. It also specifies that a single host will receive no more than 4K/sec.
The 15000/15000 is the 15K aggregate bucket. The first 15000 bytes will be given at full speed, after that the access is delayed. This is similar for the hosts as well.
The 4000/4000 is the rule for the hosts. The first 4000 bytes will be given at full speed while after than, it will be delayed to 4K/sec.
The numbers used here are symmetrical, but this isn't a requirement for the delay pools option. For example, you can allow the first 20K to be full speed and then after that, delay access to 4K/sec. This could be done like so:
have a look at this too:
http://www.tldp.org/HOWTO/Bandwidth-Limiting-HOWTO/
Cheers!
Good luck!
J
For transparent proxy, all this (in effect) happens is that shorewall firewall (or iptables) redirects any incoming port 80 requests to port 3128 - without the end user knowing about it.
Port 3128 being the default squid proxy port.
look on http://www.tldp.org/HOWTO/TransparentProxy.html for detailed explanation
Technically speaking, all that you need to do really (assuming squid and a firewall is running)
in /etc/squid/squid.conf:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_head
restart squid, and also run the following commands
squid -z
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
Delay pools can get kinda tricky depends on what you need to do with the bandwidth, but once configured correctly, it works extremely well.
an excerpt from http://users.bigpond.net.au/adam88/squid.html :
EXPLANATION OF SQUID DELAY POOLS
A pool is a number of bucket groups appropriate to a delay class. A bucket is an individual delay bucket that represents traffic allocation, which is refilled at a specified rate. Traffic is delayed when the bucket becomes empty. The delay class is a set of special buckets to suite a different purpose. Class 1 has a single aggregate bucket, Class 2 has an aggregate bucket with individual buckets for each host on a Class C network address and finally, a Class 3 has an aggregate bucket, with a network bucket for each class B address and an individual bucket for each host.
For the purpose of this exercise, the delay class 2 is used. This is how to use a Class 2:
delay_parameters pool aggregate (restore / maximum) individual (restore / maximum)
Delay Pool 3 (the last delay pool) gives the local network a 15K bucket. Meaning that the whole network will never receive more than 15K/sec. It also specifies that a single host will receive no more than 4K/sec.
The 15000/15000 is the 15K aggregate bucket. The first 15000 bytes will be given at full speed, after that the access is delayed. This is similar for the hosts as well.
The 4000/4000 is the rule for the hosts. The first 4000 bytes will be given at full speed while after than, it will be delayed to 4K/sec.
The numbers used here are symmetrical, but this isn't a requirement for the delay pools option. For example, you can allow the first 20K to be full speed and then after that, delay access to 4K/sec. This could be done like so:
have a look at this too:
http://www.tldp.org/HOWTO/Bandwidth-Limiting-HOWTO/
Cheers!
Good luck!
J
ASKER
Thanks ... These look like really good places to start doing the homework !
ASKER
Guys, my network is less than 50 computers ... its ok to thing small. That is why I dont want to hear about hardware .... I can set up a proxy on a P4 2 G with 2 IDE 's and I think it would make a difrance. ( our internet line is like 64 kbits .... uugh )