Welcome to the new location of Alien's Wiki, sharing a single dokuwiki install with the SlackDocs Wiki.
Welcome to Eric Hameleers (Alien BOB)'s Wiki pages.
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |
| slackware:proxy [2006/06/14 21:56] – Typo fix, and addition about https not being filtered alien | slackware:proxy [2006/06/16 22:47] (current) – Removed FIXME for link to parental control article. alien |
|---|
| <note>Tinyproxy and Squid are licenced under the GPL. Dansguardian is licenced under the GPL, with the addition that it is free for non-commercial use.</note> | <note>Tinyproxy and Squid are licenced under the GPL. Dansguardian is licenced under the GPL, with the addition that it is free for non-commercial use.</note> |
| |
| <note tip>This article focuses on the configuration of a transparent proxy on a gateway/router for **small networks**. Another scenario is that of the **family computer** with a single network interface, running Linux, where you want to restrict the children in their Internet browsing while still being able to have unrestricted Internet access for your own account (assuming //you// are the parent) or as the root user.\\ I have a FIXME [[:slackware:parentalcontrol|Wiki page]] that points out the different steps you need to take compared to this very page here.</note> | <note tip>This article focuses on the configuration of a transparent proxy on a gateway/router for **small networks**. Another scenario is that of the **family computer** with a single network interface, running Linux, where you want to restrict the children in their Internet browsing while still being able to have unrestricted Internet access for your own account (assuming //you// are the parent) or as the root user.\\ I have a [[:slackware:parentalcontrol|Wiki page]] that points out the different steps you need to take compared to this very page here.</note> |
| |
| <note warning>When using this proxy/contentfilter, it will not be possible for the content filter to examine //HTTPS// requests. This is of course due to the nature of the encryption used - if it //were// possible for the content filter to examine the content of secure HTTPS connections, then this would pose a serious threat to all secure communication on the Internet. This would be called the "man in the middle attack".\\ The tinyproxy by itself can proxy the HTTPS traffic because //it// does not need to inspect the content of the HTTPS traffic, it just passes the received data on to the client browser. This is the reason why in the rest of the article, there will be a few examples of redirecting HTTPS traffic (tcp port 443); it is only for the benefit of people who use this article to just setup a proxy without filtering.</note> | <note warning>When using this proxy/contentfilter, it will not be possible for the content filter to examine //HTTPS// requests. This is of course due to the nature of the encryption used - if it //were// possible for the content filter to examine the content of secure HTTPS connections, then this would pose a serious threat to all secure communication on the Internet. This would be called the "man in the middle attack".\\ The tinyproxy by itself can proxy the HTTPS traffic because //it// does not need to inspect the content of the HTTPS traffic, it just passes the received data on to the client browser. This is the reason why in the rest of the article, there will be a few examples of redirecting HTTPS traffic (tcp port 443); it is only for the benefit of people who use this article to just setup a proxy without filtering.</note> |
