Indraneel Majumdar forced the electrons to say:
> What is a "proxy server" supposed to do? And what is a "masquerading
If you are talking about application proxy servers (squid, for example),
then read on:
A proxy server sends the actual application protocol request over the
internet, communicates with the application server at the remote end,
and passes on the end result to you. For example, with squid, the actual
job of talking to the web server at the remote end is squid's. All your
browser need to do is to connect to the proxy server and request the
document. The browser doesn't even do a DNS lookup of the site. squid
gets the data from the remote server, and passes it on to the browser. It
can optionally filter out URLs, provide an authentication mechanism,
keep detailed logs of web site visits, and cache downloaded data for
later use. There are similar proxies for various other TCP/IP protocols -
I have heard of proxies for FTP, IRC etc. Even a relay SMTP server can
be considered as a proxy server, in a loose sense. :-)
A masquerading server rewrites IP headers of the packets that is passes
through. For example, a gateway server that is forwarding IP packets from
one interface to another (maybe from an ethernet interface to a dialup
PPP interface) will also be masquerading in most cases. When an intranet
uses unroutable private network IP addresses (192.168.*.* etc), it becomes
essential that the gateway server masquerade outgoing packets. In this,
any packet that comes from (say) the ethernet interface has its source
IP address rewritten as the IP address of the PPP interface. So, to the
remote server, it appears that the connection is always from the dial-up
dynamic IP address of the gateway server. Even masquerading can be logged -
check out the -l option to ipchains.
The problem with masquerading is that the outside world cannot make
connections to the machine from which the initial packet originated. This
makes, for example, active FTP unusable.
> hazy. The word "proxy" implies something which is near (and so it keeps a
> local cache). Or does the word "proxy" imply something which is near (like
In my IIT days, a proxy implied one person answering roll calls for
many. :-) Seems to me that a proxy server also does something similar.
Binand
--
The prompt for all occasions:
export PS1="F:\$(pwd | tr '/[a-z]' '\134\134[A-Z]')> "
--------------- Binand Raj S. ([EMAIL PROTECTED])
----------------------------------------------
An alpha version of a web based tool to manage
your subscription with this mailing list is at
http://lists.linux-india.org/cgi-bin/mj_wwwusr
