httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tikka, Sami" <>
Subject [PATCH] Apache as a transparent proxy
Date Wed, 22 Oct 2003 14:23:28 GMT
I was wondering if it would be possible to use Apache together with a Linux
firewall to proxy HTTP even when browsers have not been configured to use a
proxy. More specifically I was thinking of Linux firewall configured with: 

/sbin/iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to

The problem, of course, is that a non-proxy request (= without a full URL)
will not be recognized as a proxy request by proxy_detect() in mod_proxy.c.

I came up with the attached patch that seems to solve the problem. The patch
tries to check if the Host header of the request is someone else and if so,
construct the full URL from the Host header and other information of the

There is one problem, though: If Apache does not have a VirtualHost directive
in httpd.conf, it cannot detect requests meant for Apache itself. 

Is it required to have a VirtualHost directive in httpd.conf or should I be
using some other method to check who the request was meant for? Should there
be an option to turn on this transparent proxy support or can it be always

Sami Tikka, senior software engineer, F-Secure Corporation
tel: +358 9 2520 5115, fax: +358 9 2520 5015
F-Secure: Securing the Mobile Enterprise

View raw message