|
|
| What the heck is a transparent proxy? |
|
A transparent proxy is a proxy that is tansparent :-), i.e. one the
user does not notice. Thus the user does not have to configure his
programs, the programs do not have to support a proxy and so on... A
special service like http or in our example ftp is redirected to a
port a proxy listens on. Then this proxy program manages the
connection.
|
|
| What do I need to setup jftpgw as a a transparent proxy server |
- jftpgw v0.0.10 or higher on the proxy machine
- you must be root on the proxy machine
- the kernel must support packet redirecting without rewriting the
target address (CONFIG_IP_TRANSPARENT_PROXY=y for Linux)
- the client machine must route all IP traffic through the proxy
machine
- a regular FTP program to transfer the files
|
|
| How to setup jftpgw with transparent support |
|
First, of course, compile jftpgw in the normal fashion. Make sure
that the bindport option is not on the standard port 21
but on some other. Furthermore, defaultforward must be
commented out since the target is read from the IP packets.
Now, become root and (I assume you're using Linux ipchains and you
run jftpgw on the port 2370) issue the following command:
ipchains -A input -d 0/0 ftp -p tcp -j REDIRECT 2370
That's it. Now the proxy machine intercepts the TCP packets that go
to any host on the FTP port and forwards them to the port 2370 on
the proxy machine. There, jftpgw looks at the real destination
address and connects to the ftp server there.
|
|
|
|