IPCop Linux Firewall

Proxy Server

A proxy server is basically a cache for websites. When a proxy is used, the web browser does not contact the remote site directly, but rather queries the proxy. The proxy server will then check to see whether its cache already contains a copy of the requested site, and whether a newer version exists on the Internet. This ensures that only new data must be downloaded from the Internet, while the rest is provided from within the local network. This can save a great deal of bandwidth, especially when many users are browsing simultaneously. Potentially even more important is the fact that sites load much faster.

There are two types of proxy servers. A classic proxy listens for requests on a specific port, usually 8080 or 3128. Every user that wishes to use this proxy must configure his browser manually to use it, otherwise it is bypassed.

The second type is the transparent proxy, which latches onto any HTTP connection without requiring any further configuration on the client side. In this case, bypassing the proxy is not possible, which is why large companies prefer this configuration: it allows them to limit access to certain websites.

IPCop supports both types of proxies, although the server is turned off by default. It can be enabled using the option Services > Proxy. Proxies can be activated individually for each of the interfaces. Therefore, the correct option for the green interface is called Enabled on Green in Figure 30. If a WLAN adapter is installed, it too can be configured to use a proxy, with the option Enabled on Blue.

Figure 30: Proxy Server Settings

Checking the option Transparent makes the server a transparent proxy. In this case, the proxy port is ignored. If this setting is not enabled, the server and the corresponding port have to be entered manually in each browser on every client. The size of the proxy server's cache can be adjusted under Cache Management, while the cache itself is located on the router's hard drive. We chose a cache size of 40 GB and a maximum file size of 32 MB for cached objects; a minimum file size is not specified.

Tip: A word of warning about clicking the save button when a large cache size is selected: The web interface will not react for a while, as the router attempts to allocate the specified disk space. Don't panic, just be patient and wait for it to complete.

Finally, there is also an option to limit the amount of data that is transferred. This is especially interesting for users who don't have flat rate Internet service, as it prevents exorbitant Internet bills as a result of large downloads.