SQUID SOCKS
-
No.
Squid is not a SOCKS proxy.
-
Is there any other way to divert DNS requests from the browser without a SOCKS proxy?
Thanks
–Seth -
If you're using Squid then the Squid host performs the DNS resolution.
-
Let me explain a little better.
|–--DMZ---SSL VPN Server
|
Internet----DSL-----pfSense/SQUID|----LAN
|
|----WLANI tunnel my proxy over SSL VPN and wish to have the browser tunnel DNS request as well. Right know the client computer uses the DNS servers of the site that I'm visiting, not those of pfSense. Client is FF with network.proxy.socks_remote_dns set to true. Because SQUID isn't a SOCKS proxy this fails.
Thanks
--Seth -
When you connect to an HTTP proxy you the browser says:
GET http://www.google.com/ HTTP/1.1
No DNS resolution is done by the client.
-
Without a SOCKS proxy I believe your mistaken. Please see capture.
-
Hmmm. I've certainly often used a Squid proxy on networks where only the proxy server can resolve external addresses. I know that, at least for some browsers, if they're configured with a proxy they won't do any DNS resolution themselves.
You're certain that the browser is configured to use the proxy for all traffic?
-
Yes.
After my last post I checked if an internal client does a DNS request and it does.
-
Sorry, bad choice of words. Has the browser been told to use the proxy for all traffic, or only for some traffic? What browser are you using?
-
Yes proxy all traffic.
FireFox 3.0.10 -
Well, Firefox 3.0.10, no proxy exceptions - I get no DNS lookups on my LAN, which is what I've observed elsewhere.
Try Google Chrome, IE or any other browser and see if the problem goes away. If it does then there is a problem with your Firefox install, probably related to one of the extensions or a setting you've changed. Try a fresh profile and repeat the tests.
