Solved

Looking for proxy ware, whitch is the best out there ? ?

Posted on 2004-09-29
8
410 Views
Last Modified: 2010-04-08
Greetings !
I am looking for a good proxy, and since stuff is being developed all the time I think it's time for a bit of name your favorite.

Points go to reasons why you like the proxy that you are using.

I do have conditions for submitions !

1) Software, no hardware

2) FREE stuff. If I'm setting up a proxy I'm not going to pay for software ( I'm broke ;-)

3) Windows or Linux (Woody rulez ! )

4) I want to cash pages, maybe filter URL'z.

5) I have a firewall on my router ( Cisco access-list) so the proxy can be weak on the firewalling

6) I WANT STATS ! I need to keep track of bandwith hogs with up to the minute stats, catch network worms before they spread, ect.

7)I would like to throttle, maybe per IP or port or something similar.

8) I dont mind having to learn to do a tricky setup, though my time is precious.


Thanks ! please submit/vote ( pritty pritty pleeeeeaeeze )

0
Comment
Question by:Xorb
8 Comments
 
LVL 1

Assisted Solution

by:GreatWhiteOne
GreatWhiteOne earned 100 total points
ID: 12183028
My company of around 650 employees has been using Squid for a long time (www.squid-cache.org).  It is a great software that will do pretty much anything you want it to do including:
Transparent-proxy
Domain Authentication or many others
HTTP Proxy caching
FTP caching
HTTP server acceleration
Redirects
bandwidth throttling per user

This software out of the box will configure itself to run on port 3128 and allow only your subnet to access the internet, but through it's heavily commented config file, you can configure just about thing having to do with proxy services.  You can also get a plethera of log analyzers for Squid.  You can access a list of them at http://www.squid-cache.org/Scripts/.  They are all free and many of them are very detailed.  Webanalyzer is a good one to start with.

Good luck.
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 25 total points
ID: 12183062
All of the above using microsoft ISA 2004
1) it's software
2) it's free (if you work hard and earn a free Microsoft MSDN subscript)
3) Windows 2003 (also free w/MSDN)
4) It does cache and filters URL's
5) I would never use Microsoft as a firewall, but the proxy cache and dns cache work on a single-nic PC
6) You can get stats and reports from any time period with a few mouse clicks. Anything and everything you want to know
7)You can set bandwidth limitations
8) Wizards make it embarrasingly simple

Else, Squid is pretty much the defacto "free" standard. Since it runs on linux, you may have to master that, and probably perl, and probably 50 other things to get meaningful reports, etc....
http://www.squid-cache.org/

If you want low-cost, CCProxy is pretty solid:
http://www.youngzsoft.net/ccproxy/
0
 
LVL 6

Assisted Solution

by:bloemkool1980
bloemkool1980 earned 25 total points
ID: 12189903
MICROSOFT MSDN does not mean free. It does not even allow you to use it in production. If you like to have subscription with production licenses you need a Select Agreement.
If you like to run something on Solaris and have support you can try SUN one Proxy and sorry but it is not free.
If you need it for large networks 1500+ users go look for something like http://www.bluecoat.com/ those are proxy appliances. BUt as you only wonna have something free you should go for squid :)
I cannot find one single proxy that is good and free on windows.
0
 
LVL 2

Author Comment

by:Xorb
ID: 12190079
Nothing is GOOD and FREE on WIndows ! (",) .... sorry ... could not help it ;-)

Guys, my network is less than 50 computers ... its ok to thing small. That is why I dont want to hear about hardware .... I can set up a proxy on a P4 2 G with 2 IDE 's and I think it would make a difrance. ( our internet line is like 64 kbits .... uugh )
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 3

Accepted Solution

by:
jacauc earned 50 total points
ID: 12206877
Do not think twice!! Squid proxy is your answer.
As a matter of fact it comes by default with most Linux Distros and if you want to run it on windows, fear not, because a windows binary is available.
VERY easy to configure (especially if you use webmin)

I have used squid proxy for years and i absolutely LOVE it.
(currently using it as a Transparent Proxy which also rocks, coz no client config is neccesary)

another nice feature of squid is delay pools to allocate a certain amount of bandwidth to certain ports/users/etc - traffic shaping if you want - very handy if one user keeps saturating the link with Kazaa or whatever and the other actually want to do some work...

A couple of VERY nice logging/reporting tools for squid is also available - MRTG is great and i think webalizer can do the job as well...

Hope this helps!
J   ;)
0
 
LVL 2

Author Comment

by:Xorb
ID: 12214755
Hi
Thanks ... all this does help allot. Tell me more about the transparent proxy please ! I'm getting it to use delay pools

Thanks
0
 
LVL 3

Expert Comment

by:jacauc
ID: 12214814
Transparent Proxy is actually pretty easy to configure.

For transparent proxy, all this (in effect) happens is that shorewall firewall (or iptables) redirects any incoming port 80 requests to port 3128 - without the end user knowing about it.
Port 3128 being the default squid proxy port.

look on http://www.tldp.org/HOWTO/TransparentProxy.html for detailed explanation

Technically speaking, all that you need to do really (assuming squid and a firewall is running)
in /etc/squid/squid.conf:
 httpd_accel_host virtual
 httpd_accel_port 80
 httpd_accel_with_proxy on
 httpd_accel_uses_host_header on

restart squid, and also run the following commands
 squid -z
 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128



Delay pools can get kinda tricky depends on what you need to do with the bandwidth, but once configured correctly, it works extremely well.

an excerpt from http://users.bigpond.net.au/adam88/squid.html :
EXPLANATION OF SQUID DELAY POOLS
A pool is a number of bucket groups appropriate to a delay class. A bucket is an individual delay bucket that represents traffic allocation, which is refilled at a specified rate. Traffic is delayed when the bucket becomes empty. The delay class is a set of special buckets to suite a different purpose. Class 1 has a single aggregate bucket, Class 2 has an aggregate bucket with individual buckets for each host on a Class C network address and finally, a Class 3 has an aggregate bucket, with a network bucket for each class B address and an individual bucket for each host.

For the purpose of this exercise, the delay class 2 is used. This is how to use a Class 2:

delay_parameters pool aggregate (restore / maximum) individual (restore / maximum)

Delay Pool 3 (the last delay pool) gives the local network a 15K bucket. Meaning that the whole network will never receive more than 15K/sec. It also specifies that a single host will receive no more than 4K/sec.

The 15000/15000 is the 15K aggregate bucket. The first 15000 bytes will be given at full speed, after that the access is delayed. This is similar for the hosts as well.

The 4000/4000 is the rule for the hosts. The first 4000 bytes will be given at full speed while after than, it will be delayed to 4K/sec.

The numbers used here are symmetrical, but this isn't a requirement for the delay pools option. For example, you can allow the first 20K to be full speed and then after that, delay access to 4K/sec. This could be done like so:


have a look at this too:
http://www.tldp.org/HOWTO/Bandwidth-Limiting-HOWTO/

Cheers!
Good luck!
J




0
 
LVL 2

Author Comment

by:Xorb
ID: 12214909
Thanks ... These look like really good places to start doing the homework !
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This video discusses moving either the default database or any database to a new volume.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now