Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Ethereal-users: Re: [Ethereal-users] proxy connection tag?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Jerry Talkington <jtalkington@xxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 26 Jul 2005 14:34:16 -0700
On Tue, Jul 26, 2005 at 02:07:02PM -0700, Vicky Rode wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi,
> 
> I'm looking for any help in detecting (if possible)
> *outgoing* client request (see below flow) header information for
> transparent proxies via some sort of pattern match. Maybe proxy
> connection tag? Is it doable? So far my search has turned up negative.
> 
> web browser ----------------> proxy ---------------> web server
> ~             <---------------        <--------------

I'm not sure I understand where you are trying to detect this.  If you
mean that you want to find a difference in how the client makes requests
to the transparent proxy, then that's not possible, because there is no
difference.  Clients have no idea that a proxy is involved until the
response comes back, so there is no CONNECT request, or any other
changes to the request.

It is usually possible for the client to detect that a proxy has been
involved after the first response comes back, but I'm not aware of any
client that changes behavior if it detects a transparent proxy.  In
fact, it would be pretty reckless to change behavior in that scenario,
since you can't be sure that the next request is going to hit a proxy.

-- 
GPG public key:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x9D5B8762
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube