• Home
  • Help
  • Search
  • Login
  • Register
Pages: [1]
Author Topic: Sheevaplug as proxy server  (Read 2691 times)
kb100
Newbie
*

Karma: 0
Posts: 5


View Profile
« on: October 25, 2010, 01:59:06 PM »

I'm planning to use Sheevaplug as a proxy server as well. Is Squid the best proxy server for Sheeva?


Can you share your experience if you have used Squid or any other proxy server?
Logged

kb100
Newbie
*

Karma: 0
Posts: 5


View Profile
« Reply #1 on: October 25, 2010, 02:51:08 PM »

It apears that the memory footprint for Squid is large. I might use tinyproxy. Anyone has used this on Sheeva?
Logged

graviton
Newbie
*

Karma: 0
Posts: 18


View Profile
« Reply #2 on: November 14, 2010, 04:43:42 AM »

No takers?

Wanna use Sheeva as proxy as well, what are the alternatives besides tinyproxy?
Logged

obaltus
Newbie
*

Karma: -1
Posts: 4


View Profile
« Reply #3 on: November 14, 2010, 07:28:34 AM »

I also tried tinyproxy but I was not satisfied by its performance. I am now using ziproxy and I am very satisfied. Works faster and has a smaller footprint. It also does pictures compression which greatly increases the throughput.
Logged

graviton
Newbie
*

Karma: 0
Posts: 18


View Profile
« Reply #4 on: November 15, 2010, 02:49:16 AM »

Installed tinyproxy yesterday, works fine, no big footprint, not many configuration settings to do, only thing I haven't found out is how to make tinyproxy obligatory for all systems when accessing internet or how I can get tiny to automatically be setup inside browsers, probably some setting in browsers itself?
Logged

sfzhi
Jr. Member
**

Karma: 1
Posts: 83


View Profile
« Reply #5 on: November 15, 2010, 09:03:16 AM »

Only thing I haven't found out is how to make tinyproxy obligatory for all systems when accessing internet or how I can get tiny to automatically be setup inside browsers, probably some setting in browsers itself?
To make it obligatory you can set it up as a transparent proxy. Then the browsers will not even need to know that they are talking to a proxy. Although I don't know if tinyproxy is capable of that.
An alternative would be to block direct traffic to TCP ports 80 and 443 outside of you local network, so that the browsers would not have web connectivity other than via the proxy.

As for automatic configuration of the browsers, you might want to read about WPAD.
Logged

Lack of knowledge is not such a big problem, unwillingness to learn is.

LrdShaper
Newbie
*

Karma: 0
Posts: 31


View Profile WWW
« Reply #6 on: November 20, 2010, 12:31:31 AM »

I've been using Squid daisy-chained to Privoxy on my NSLU2 for years and now it runs on my Sheevaplug, well at least it used to until my Sheevaplug died.

As for transparent proxying, if you have a DD-Wrt or OpenWrt capable router then you can easily do this via iptables. Redirect all outgoing request on port 80 to your Sheevaplug.

This is what I have on my router's iptables:
Code:
iptables -t nat -N Proxy
iptables -t nat -A Proxy -i br0 -s 192.168.1.77 -j RETURN
iptables -t nat -A Proxy -i br0 -p tcp --dport 80 -j DNAT --to 192.168.1.77:3128
iptables -t nat -A PREROUTING -i br0 -s 192.168.1.0/24 -d 192.168.1.0/24 -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s 192.168.1.0/24 -d ! 192.168.1.0/24 -p tcp --dport 80 -j Proxy
iptables -t nat -A POSTROUTING -o br0 -s 192.168.1.0/24 -p tcp -d 192.168.1.77 -j SNAT --to 192.168.1.1
iptables -t filter -I FORWARD -s 192.168.1.0/24 -d 192.168.1.77 -i br0 -o br0 -p tcp --dport 192.168.1.77 -j ACCEPT

Outgoing requests to port 80 from all IP addresses (except requests coming from 192.168.1.77) are redirected to 192.168.1.77 which is where Squid+Privoxy runs. Then on my squid.conf:
Code:
http_port 3128 transparent
and
Code:
cache_peer localhost parent 8118 0 no-query no-digest
always_direct allow ftpproto
never_direct allow all
to chain with Privoxy
Logged


Pages: [1]
Print
Jump to: