Re: squid3 ssl-bump

2018-09-14 Thread Moreau Tanguy
Hello, The solution is to install libssl1.0-dev instead of libssl-dev of the Debian repo. Squid don’t support libssl > 1.0. Tanguy

Re: squid3 ssl-bump

2018-02-11 Thread Gokan Atmaca
> http://squid-web-proxy-cache.1019090.n4.nabble.com/Build-errors-with-Squid-3-5-24-under-Debian-td4681637.html > > said you have to use libssl1.0-dev for compiling squid3 ok , worked successfully.. thanks.. On Sun, Feb 11, 2018 at 11:36 PM, Ulf Volmer wrote: > On 11.02.2018

Re: squid3 ssl-bump

2018-02-11 Thread Gokan Atmaca
> http://squid-web-proxy-cache.1019090.n4.nabble.com/Build-errors-with-Squid-3-5-24-under-Debian-td4681637.html > > said you have to use libssl1.0-dev for compiling squid3 Thanks.. Now i try... On Sun, Feb 11, 2018 at 11:36 PM, Ulf Volmer wrote: > On 11.02.2018 21:28, Gokan Atmaca w

Re: squid3 ssl-bump

2018-02-11 Thread Ulf Volmer
On 11.02.2018 21:28, Gokan Atmaca wrote: > I am getting an error like the following while compiling Squid3. (I > want to install it with SSL-BUMP.) > > What can be the problem ? > > packages: > apt-get install libssl-dev libcrypto++-dev > apt-get build-dep squid3

squid3 ssl-bump

2018-02-11 Thread Gokan Atmaca
Hello I am getting an error like the following while compiling Squid3. (I want to install it with SSL-BUMP.) What can be the problem ? packages: apt-get install libssl-dev libcrypto++-dev apt-get build-dep squid3 apt-get install build-essential sharutils ccze libzip-dev libssl-dev

Re: Squid3 doesn't listen on any port on Jessie

2016-02-08 Thread tomas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Feb 08, 2016 at 01:24:24PM +0100, Willy Ted MANGA wrote: > Hi, [...] > In my case the firewall rules are OK. Squid do not listen at all. [...] > Jessie comes with systemd by default. [...] > The conf files remain at the same place. But I

Re: Squid3 doesn't listen on any port on Jessie

2016-02-08 Thread Willy Ted MANGA
Hi, Le 08/02/2016 12:28, Ron Leach a écrit : > On 08/02/2016 10:20, Willy Ted MANGA wrote: >> Hello, >> I just upgraded my server from wheezy to jessie and my squid3 doesn't >> listen to any port . :-\ >> >[...] > > We just had a similar problem with

Re: Squid3 doesn't listen on any port on Jessie

2016-02-08 Thread Ron Leach
On 08/02/2016 10:20, Willy Ted MANGA wrote: Hello, I just upgraded my server from wheezy to jessie and my squid3 doesn't listen to any port . :-\ We just had a similar problem with a new squid 3 install on another distro. (For historical reasons we have one old server running Fedora,

Re: Squid3 doesn't listen on any port on Jessie

2016-02-08 Thread Willy Ted MANGA
Hello, Le 08/02/2016 11:17, to...@tuxteam.de a écrit : > On Mon, Feb 08, 2016 at 11:20:30AM +0100, Willy Ted MANGA wrote: >> [...] 2016/02/08 09:39:17 kid1| ERROR: No forward-proxy ports >> configured. 2016/02/08 09:39:17 kid1| ERROR: No forward-proxy >> ports configured. > > I can't say this is t

Re: Squid3 doesn't listen on any port on Jessie

2016-02-08 Thread tomas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Feb 08, 2016 at 11:20:30AM +0100, Willy Ted MANGA wrote: > Hello, > I just upgraded my server from wheezy to jessie and my squid3 doesn't > listen to any port . :-\ > > I even remove all my settings and just modify `htt

Squid3 doesn't listen on any port on Jessie

2016-02-08 Thread Willy Ted MANGA
Hello, I just upgraded my server from wheezy to jessie and my squid3 doesn't listen to any port . :-\ I even remove all my settings and just modify `http_port` directive to `http_port 3128 intercept` . But I doesn't work either . I have attached an excerpt of the cache.log . I

Re: IMPORTEND squid3 stable needs update

2016-01-26 Thread Charlie Kravetz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 26 Jan 2016 22:17:54 +1300 Chris Bannister wrote: >On Fri, Jan 22, 2016 at 09:37:52PM +0300, Michael Tokarev wrote: >> 15.01.2016 22:47, startrekfan wrote: >> >> > *squid3 Version 3.4.8* is deployed in the Jessi

Re: IMPORTEND squid3 stable needs update

2016-01-26 Thread Chris Bannister
On Fri, Jan 22, 2016 at 09:37:52PM +0300, Michael Tokarev wrote: > 15.01.2016 22:47, startrekfan wrote: > > > *squid3 Version 3.4.8* is deployed in the Jessie stable > > repository.*This version is outdated and has some security risks!!*. > > Version 3.5 is more secure but

Re: IMPORTEND squid3 stable needs update

2016-01-22 Thread Michael Tokarev
15.01.2016 22:47, startrekfan wrote: > *squid3 Version 3.4.8* is deployed in the Jessie stable repository.*This > version is outdated and has some security risks!!*. Version 3.5 is more > secure but unfortunately it's only marked as unstable I wonder how many times this ques

Re: IMPORTEND squid3 stable needs update

2016-01-22 Thread Luigi Gangitano
Hi, The link you provided refers to an issue with proxy certificates for SSL interception. This feature is disabled in Debian squid3 package due to licensing issues with OpenSSL, thus this is not a bug in Debian squid3 packages. The only way this bug could affect a Debian user would be if the

Re: IMPORTEND squid3 stable needs update

2016-01-22 Thread startrekfan
squid 3.5 ref: https://forum.pfsense.org/index.php?topic=99141.0 (I think it's the same problem with debian jessie. The certificates are only generated with sha1) 2016-01-18 12:53 GMT+01:00 Martin Wuertele : > > * startrekfan [2016-01-15 23:39]: > > > squid3 3.4.8 has some secur

Re: IMPORTEND squid3 stable needs update

2016-01-18 Thread Axel Beckert
Hi, startrekfan wrote: > *squid3 Version 3.4.8* is deployed in the Jessie stable repository.* This > version is outdated and has some security risks!!*. Version 3.5 is more > secure but unfortunately it's only marked as unstable Have you checked https://packages.qa.debian.org

Re: IMPORTEND squid3 stable needs update

2016-01-15 Thread Carsten Schoenert
Hello startrekfan, please don't do top posting. Am 15.01.2016 um 23:19 schrieb startrekfan: > squid3 3.4.8 has some security issues(risks)/bugs so an upgrade to 3.5 is > actually only a fix of this bugs/security issues. Which issues do you refer? What bugs in detail? Have you look

Re: IMPORTEND squid3 stable needs update

2016-01-15 Thread startrekfan
squid3 3.4.8 has some security issues(risks)/bugs so an upgrade to 3.5 is actually only a fix of this bugs/security issues. There is no patch for 3.4.8 because it's outdated. Debian Jessie is the current active release. So why not fixing squid3 in Debian Jessie with an stable 3.5 update?

Re: IMPORTEND squid3 stable needs update

2016-01-15 Thread Ben Hutchings
On Fri, 2016-01-15 at 19:47 +, startrekfan wrote: > Hello, > > I'm not sure which mailing list I should chose. So I'll try my luck here. > > I didn't subscribed to the mailing list. So* please put my mail address > into cc*. thanks. > > *squid3 V

IMPORTEND squid3 stable needs update

2016-01-15 Thread startrekfan
Hello, I'm not sure which mailing list I should chose. So I'll try my luck here. I didn't subscribed to the mailing list. So* please put my mail address into cc*. thanks. *squid3 Version 3.4.8* is deployed in the Jessie stable repository.* This version is outdated and has some

[solved] Re: Squid3 on Raspberry Pi listen to IPv6 only even if ipv6 is disabled

2015-06-15 Thread basti
I have fixed with the following in squid.conf http_port 0.0.0.0:3128 transparent Sorry On 15.06.2015 10:42, basti wrote: > Hello, > > last weekend I have try to run squid3 on my raspberry. > Squid3 listen to IPv6 only even if IPv6 is disabled. > > I have found this bug-report

Squid3 on Raspberry Pi listen to IPv6 only even if ipv6 is disabled

2015-06-15 Thread basti
Hello, last weekend I have try to run squid3 on my raspberry. Squid3 listen to IPv6 only even if IPv6 is disabled. I have found this bug-report which is marked as fixed: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584223 How can i fix this, that squid3 also listen on IPv4? Thanks a lot

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-30 Thread Stefan Monnier
> The best thing is to educate your children instead of trying to > shelter them from those sites. "Why choose" or "Security in depth" Stefan -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debi

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-30 Thread Chris Bannister
[Please don't top post. Please trim unnecessary content.] On Thu, Mar 26, 2015 at 02:29:08PM +0100, Peter Viskup wrote: > It's the way you look at. > For me it's about prevention...your child can click on some link somewhere > and see some pictures/videos which will remain in his/her mind (let's

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-27 Thread Dan Purgert
On Thu, 26 Mar 2015 15:53:04 -0600, Bob Proulx wrote: > rog...@queernet.org wrote: >> Michael Graham wrote: >> > As MITM proxies in school/business seem to be pretty common in the US >> > and the UK. >> >> I bet your proxy firewall does it too. > > I bet not! I think you are confusing https wit

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-27 Thread Peter Viskup
Unfortunately we are living in real (not ideal) world and there are cases where the SSL split is definitely needed or should be considered at least. For example Squid 3.5 coming with new design of SSLBump allowing to do some inspection of the connection prior the real SSLSplit. That gives you possi

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Bob Proulx
Michael Graham wrote: > Reco wrote: > > Ow. Exactly which kind of consumer-grade hardware comes with SSL bump > > preinstalled? That's very interesting to me as I like know which > > hardware to avoid in the future. > > It's way more common than you seem to think. CERT recently did a blog post > a

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Michael Graham
On Thu, 26 Mar 2015 17:18 Reco wrote: > > Hi. > > On Thu, 26 Mar 2015 12:44:11 -0700 > rog...@queernet.org wrote: > > > On 3/26/15 12:42 PM, Michael Graham wrote: > > > On 26 March 2015 at 14:18, Reco wrote: > > >> Then it's even worse that I thought. I don't know about Germany, but > > >> wh

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Bob Proulx
rog...@queernet.org wrote: > Michael Graham wrote: > > As MITM proxies in school/business seem to be pretty common in the > > US and the UK. > > I bet your proxy firewall does it too. I bet not! I think you are confusing https with http. We are talking about https here not http. And even then

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Reco
Hi. On Thu, 26 Mar 2015 12:44:11 -0700 rog...@queernet.org wrote: > On 3/26/15 12:42 PM, Michael Graham wrote: > > On 26 March 2015 at 14:18, Reco wrote: > >> Then it's even worse that I thought. I don't know about Germany, but > >> where I live tampering with public communications is considere

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread rogerk
On 3/26/15 12:42 PM, Michael Graham wrote: On 26 March 2015 at 14:18, Reco wrote: Then it's even worse that I thought. I don't know about Germany, but where I live tampering with public communications is considered a criminal offense. I strongly suggest you to seek a legal advice before doing a

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Michael Graham
On 26 March 2015 at 14:18, Reco wrote: > Then it's even worse that I thought. I don't know about Germany, but > where I live tampering with public communications is considered a > criminal offense. I strongly suggest you to seek a legal advice before > doing anything like SSL bump. Just out of cu

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Sven Hartge
Reco wrote: > On Thu, 26 Mar 2015 18:18:24 +0100 "Michael I." > wrote: >> for private usage I am think a filter isn't good, children need trust >> and a filter is the opposite of trust. >> >> But in usage for a school I think a filter is better, a teacher can't >> look on all computers. The ki

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Reco
Hi. On Thu, 26 Mar 2015 18:18:24 +0100 "Michael I." wrote: > Hello, > > for private usage I am think a filter isn't good, children need trust > and a filter is the opposite of trust. > > But in usage for a school I think a filter is better, a teacher can't > look on all computers. The kids

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Sven Hartge
Michael I. wrote: > This are not my children, the filter is used for a school. Aha, important information. Do not proceed any further with breaking encrypted connections or, for the matter, transparently proxiing _any_ connections until you had a talk with a) the Justitiar and b) the Datenschut

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Dan Purgert
On Thu, 26 Mar 2015 08:49:37 -0500, John Hasler wrote: > Why don't you just get rid of the computers? I tried that route one time ... got looked at like I had 7 heads for even suggesting that the kids go back to "textbooks and paper". -- To UNSUBSCRIBE, email to debian-user-requ...@lists.deb

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Michael I.
Hello, for private usage I am think a filter isn't good, children need trust and a filter is the opposite of trust. But in usage for a school I think a filter is better, a teacher can't look on all computers. The kids are trying out thinks in school which is good but when nobody is there to

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Michael I.
Sven Hartge wrote:> Michael I. wrote: Sven Hartge wrote: Michael I. wrote: But I have a new problem, I want to have a transparent proxy for http this works fine but when I add the iptables rule for https the loading won't work. Of course not. That this is not working is the _whole point

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Reco
Hi. On Thu, 26 Mar 2015 16:48:00 +0100 Peter Viskup wrote: > Hello Reco, > > On Thu, Mar 26, 2015 at 4:13 PM, Reco wrote: > > > Hi. > > And just as well child can see a naughty picture on TV. Or a phone ad. > > Or a magazine/newspaper. Anywhere, once you start thinking about it. > > > > An

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Peter Viskup
Hello Reco, On Thu, Mar 26, 2015 at 4:13 PM, Reco wrote: > Hi. > And just as well child can see a naughty picture on TV. Or a phone ad. > Or a magazine/newspaper. Anywhere, once you start thinking about it. > And that's just sad, disturbingly and one of the main reasons of so many people facin

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Reco
Hi. On Thu, 26 Mar 2015 14:29:08 +0100 Peter Viskup wrote: > It's the way you look at. > For me it's about prevention...your child can click on some link somewhere > and see some pictures/videos which will remain in his/her mind (let's say) > forever and can harm even if it was only seconds the

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread John Hasler
Why don't you just get rid of the computers? -- John Hasler jhas...@newsguy.com Elmwood, WI USA -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87y4mjswb2@thump

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Sven Hartge
Peter Viskup wrote: > It's the way you look at. For me it's about prevention...your child > can click on some link somewhere and see some pictures/videos which > will remain in his/her mind (let's say) forever and can harm even if > it was only seconds they were seen...I am speaking about childr

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Sven Hartge
Michael I. wrote: > Sven Hartge wrote: >> Michael I. wrote: >>> But I have a new problem, I want to have a transparent proxy for >>> http this works fine but when I add the iptables rule for https the >>> loading won't work. >> >> Of course not. That this is not working is the _whole point_ of

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Peter Viskup
> -Ursprüngliche Nachricht- > Von: Reco [mailto:recovery...@gmail.com] > Gesendet: Donnerstag, 26. März 2015 13:52 > An: debian-user@lists.debian.org > Betreff: Re: Redirect HTTPS with Squid3+Squidguard > > Hi. > > On Thu, 26 Mar 2015 13:21:57 +0100 > Peter Vis

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Peter Viskup
Without the SSL splitting the only option is to install some software on the client side. Some "endpoint" security software doing the inspection of the web data transfers on the fly before they pass the TLS tunnel. It's the same like SSL split on Squid, but let's say more transparent. Unfortunately

AW: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Sascha Steinmann (adremes GmbH & Co KG)
will spend your evenings to make your blacklists up2date. Greetings Sascha -Ursprüngliche Nachricht- Von: Reco [mailto:recovery...@gmail.com] Gesendet: Donnerstag, 26. März 2015 13:52 An: debian-user@lists.debian.org Betreff: Re: Redirect HTTPS with Squid3+Squidguard Hi. On Thu, 26 Mar

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Michael I.
Sven Hartge wrote: Michael I. wrote: But I have a new problem, I want to have a transparent proxy for http this works fine but when I add the iptables rule for https the loading won't work. Of course not. That this is not working is the _whole point_ of any end-to-end encrypted connection.

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Reco
Hi. On Thu, 26 Mar 2015 13:21:57 +0100 Peter Viskup wrote: > Hi, > just jumped into SSLBump/Split features some months ago. I don't find these > features harmful. Especially when protecting your children from access of > YouTube or other possibly harmful sites. Once you are logged with Google >

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Peter Viskup
Hi, just jumped into SSLBump/Split features some months ago. I don't find these features harmful. Especially when protecting your children from access of YouTube or other possibly harmful sites. Once you are logged with Google account they redirect your communication to https which makes the inspec

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Sven Hartge
Michael I. wrote: > But I have a new problem, I want to have a transparent proxy for http > this works fine but when I add the iptables rule for https the loading > won't work. Of course not. That this is not working is the _whole point_ of any end-to-end encrypted connection. What you are ef

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-26 Thread Michael I.
y for http this works fine but when I add the iptables rule for https the loading won't work. With the config now you can bypass the blocking with using https, this is not so good. I think it's the same as the other problem I had, squid3 is not able to read and understand the https tr

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-24 Thread Bob Proulx
Sven Hartge wrote: > Michael I. wrote: > > I tested around a bit with squid3+squidguard and I found out that the > > redirect works with the Internet Explorer (IE 11). > > > Then I tested some other browser (firefox, chrome, ..) and with all > > the other browser

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-24 Thread Sven Hartge
Michael I. wrote: > I tested around a bit with squid3+squidguard and I found out that the > redirect works with the Internet Explorer (IE 11). > Then I tested some other browser (firefox, chrome, ..) and with all > the other browser the redirect didn't work. > Is there a

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-23 Thread Michael I.
Hello again, I tested around a bit with squid3+squidguard and I found out that the redirect works with the Internet Explorer (IE 11). Then I tested some other browser (firefox, chrome, ..) and with all the other browser the redirect didn't work. Is there a bug in the Internet Explor

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-23 Thread Sven Hartge
Liam O'Toole wrote: > On 2015-03-23, linux-michae...@abwesend.de > wrote: >> I thought there is a simple and secure way to redirect to an 'This >> Site has been blocked' Page for HTTP and HTTPS. But when I must >> destroy the safety from HTTPS this isn't an option. > [SNIP} > You could simply

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-23 Thread linux-michael-i
Hello Liam, thanks for the hint, but the error page I get is a browser error page (it's the connection failed error page) and not a squid error page. -- Michael > "Liam O'Toole" wrote: > > On 2015-03-23, linux-michae...@abwesend.de > wrote: > > Hello Sven and the other, > > > > thanks for he

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-23 Thread Liam O'Toole
On 2015-03-23, linux-michae...@abwesend.de wrote: > Hello Sven and the other, > > thanks for help. > > I thought there is a simple and secure way to redirect to an 'This > Site has been blocked' Page for HTTP and HTTPS. But when I must > destroy the safety from HTTPS this isn't an option. [SNIP}

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-23 Thread linux-michael-i
he user can see this site has been blocked and there are no connection troubles (the browser error page). Greetings, Michael > "Sven Hartge" wrote: > Bob Proulx wrote: > > Sven Hartge wrote: > >> Michael I. wrote: > > >>> Is there really no wa

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-22 Thread Sven Hartge
Bob Proulx wrote: > Sven Hartge wrote: >> Michael I. wrote: >>> Is there really no way to redirect https request to an errorpage >>> with squid3+squidguard? >> Long answer: The only way is to setup a transparent proxy, >> intercepting any outbound connecti

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-22 Thread Bob Proulx
Sven Hartge wrote: > Michael I. wrote: > > Is there really no way to redirect https request to an errorpage with > > squid3+squidguard? > > Short answer: No, there is not. +1, No there is not for the reasons Sven described. > Long answer: The only way is to s

Re: Redirect HTTPS with Squid3+Squidguard

2015-03-22 Thread Sven Hartge
Michael I. wrote: > I have a problem with my squid3 + squidguard. I can't redirect https > requests to an errorpage. When I request a blocked https page it > always says the site isn't available. > I searched on the internet an there it says, it is an problem with the &g

Redirect HTTPS with Squid3+Squidguard

2015-03-22 Thread Michael I.
Hello list, I have a problem with my squid3 + squidguard. I can't redirect https requests to an errorpage. When I request a blocked https page it always says the site isn't available. I searched on the internet an there it says, it is an problem with the https protocol becaus

Squid3 on Debian

2010-06-03 Thread cosme
Squid3 on Debian Alguien me puede sugerir algún buen manual para instalar y configurar el squid3 en Debian. Uso Debian Lenny Saludos Cosme -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.

squid3

2008-08-07 Thread Márcio Luciano Donada
Hi People, I'm trying to compile the squid3 the option --enable-ssl, I am doing the following: apt-get source squid3 vim Debian/rules add --enable-ssl then in debuild-uc-us-b always fails, which is the process, as it works perfectly for the squid2. -- Márcio Luciano Donada Aurora Alim

squid vs squid3

2008-01-01 Thread William Twomey
Hello, I've tried both squid and squid3 (via apt-get). My current config file (used for a transparent proxy) works well with both. Is there any advantage using one over the other? For a transparent proxy setup, which is better? Thanks -Will -- To UNSUBSCRIBE, email to [EMAIL PROT