.\" Automatically generated by Pandoc 1.17.2 .nh .\" .TH "firehol\-proxy" "5" "Built 21 Jan 2017" "FireHOL Reference" "3.1.1" .hy .SH NAME .PP firehol\-proxy \- set up a transparent TCP, HTTP or squid proxy .SH SYNOPSIS .PP transparent_proxy \f[I]service\f[] \f[I]port\f[] \f[I]user\f[] \f[I]rule\-params\f[] .PP transparent_squid \f[I]port\f[] \f[I]user\f[] \f[I]rule\-params\f[] .SH DESCRIPTION .PP The \f[C]transparent_proxy\f[] helper command sets up transparent caching for TCP traffic. .PP The \f[C]transparent_squid\f[] helper command sets up the special case for HTTP traffic with \f[I]service\f[] implicitly set to 80. .RS .PP \f[B]Note\f[] .PP The proxy application must be running on the firewall host at port \f[I]port\f[] with the credentials of the local user \f[I]user\f[] (which may be a space\-delimited list enclosed in quotes) serving requests appropriate to the TCP port service. .RE .PP The \f[I]rule\-params\f[] define a set of rule parameters to define the traffic that is to be proxied. See firehol\-params(5) for more details. .PP For traffic destined for the firewall host or passing through the firewall, do not use the \f[C]outface\f[] parameter because the rules are applied before the routing decision and so the outgoing interface will not be known. .PP An empty \f[I]user\f[] string ("") disables caching of locally\-generated traffic. Otherwise, traffic starting from the firewall is captured, except that traffic generated by the local user(s) \f[I]user\f[]. The \f[C]inface\f[], \f[C]outface\f[] and \f[C]src\f[] \f[I]rule\-params\f[] are all ignored for locally\-generated traffic. .SH EXAMPLES .IP .nf \f[C] transparent_proxy\ 80\ 3128\ squid\ inface\ eth0\ src\ 192.0.2.0/24 transparent_squid\ 3128\ squid\ inface\ eth0\ src\ 192.0.2.0/24 transparent_proxy\ "80\ 3128\ 8080"\ 3128\ "squid\ privoxy\ root\ bin"\ \\ \ \ \ \ \ \ inface\ not\ "ppp+\ ipsec+"\ dst\ not\ "a.not.proxied.server" transparent_squid\ "80\ 3128\ 8080"\ "squid\ privoxy\ root\ bin"\ \\ \ \ \ \ \ \ inface\ not\ "ppp+\ ipsec+"\ dst\ not\ "non.proxied.server" \f[] .fi .SH SEE ALSO .IP \[bu] 2 firehol(1) \- FireHOL program .IP \[bu] 2 firehol.conf(5) \- FireHOL configuration .IP \[bu] 2 firehol\-interface(5) \- interface definition .IP \[bu] 2 firehol\-router(5) \- router definition .IP \[bu] 2 firehol\-params(5) \- optional rule parameters .IP \[bu] 2 firehol\-nat(5) \- nat, snat, dnat, redirect config helpers .IP \[bu] 2 FireHOL Website (http://firehol.org/) .IP \[bu] 2 FireHOL Online PDF Manual (http://firehol.org/firehol-manual.pdf) .IP \[bu] 2 FireHOL Online Documentation (http://firehol.org/documentation/) .SH AUTHORS FireHOL Team.