[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: HTTP tunnel


> Well indeed, it would be great to have the new kernel and go for IP Masq. but
> the thing is I need to scan the data coming back from the proxy.  The HTTP tunnel
> has to see the traffic coming back and check it for the keywords allow/deny
> and only then pass it back to browser.

I get you point... lets see... using threads/fork would indeed enable
you to service more connections.. By multi-threading/pr-forking your
"tunnel" proxy server you can indeed handle more clients... however in
the scenario you describe your proxy would also have to be a sort of
HTTP client... it would take the URL form the client machine, scan it
based on keywords and then using its HTTP client functions request the
actual proxy (SQUID) to give the required URL to you... after you've
searched the page you can simply forward that page to the client...
however, this means that you are making a whole new proxy of you own -
its not actually a tunnel any more... 

so as someone else suggested on the list, i'd say that you get some
simpler proxy server that just behaves as a proxy and add your
scanning/grep-ing code to it...