Guest Wireless traffic redirect to Proxy Server
I have Guest WLAN and i want to redirect all the traffice to Proxy Server. We use Cisco Ironport.
Cisco proxy Ironport has the ip 10.X.X.X.
We also have NCS Server. Can anybody tells me where i can configure this
best regards and thanks in advance
Muzaffar:
If you have web-auth configured you may have problems with the redirection if the users are using manual proxy server configured.
For that, you better enable WebAuth proxy redirection on wireless controller.
Here is the config example
http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080b8a909.shtml
HTH
Amjad
Similar Messages
-
Traffic move through Proxy Server in Production
Hello,
Internet
|
Internet Router
|
Internet switch
|
IPS
|
Firewall
|
IPS
Inside ()---- Access-sw----------Core-SW------------DMZ
This is my Company network diagram, all data go through the firewall IPS is Inline mode on Acess and Core sw static route is configured for firewall but management wants all inside (Noc Room Helpdesk Team and Third Party members) traffic must pass via Proxy server that is connected to Core switch Please anybody tell me How can i do this in a Production Enviornment and which type of changes i need to do on Access or Core Switch.They will use Squid for Proxy on Linux ServerWCCP can be used to redirect traffic to the proxy server. See below a configuration example:
http://www.crypt.gen.nz/papers/cisco_squid_wccp.html
Don't forget to rate all posts that are helpful by clicking on the stars below. -
How to know internally redirect in Proxy Server
Hello,
I notice that our developed NSAP codes, at very first time, Sun Java System proxy Server internally redirect in Proxy Server.
If anyone knows how we can get the behavior difference between internal redirect and normal procedure to see the pblock structure.
Best Regards;
MMd1Here is the program.
My NSAPI program generate POST message in the below, but Web Proxy Server generate the appended URL in the below;
http: //tnakamura-t42.xxx.com:85/NSAPI_dev/http%3A//tnakamura-t42.xxx.com%3A86/test4/test1.html
The last GET in the message of the below should be;
http%3A//tnakamura-t42.xxx.com%3A86/test4/test1.html
The Web Proxy Server internally redirect the below.
I am not sure why Web Proxy Server modify the URL between (POST -> GET message)
If anyone knows the causes, please let us know.
( Here is the HTTP Header packet log)
==================================================
POST http: //tsugai-t42.xxx.com:85/NSAP_dev/aaa_logon_en.html HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Referer: http://tsugai-t42.xxx.com:85/NSAP_dev/aaa_logon_en.html
Accept-Language: ja
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: tsugai-t42.xxx.com:85
Content-Length: 55
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: AAAASESSION=aHR0cCUzQS8vdHN1Z2FpLXQ0Mi5hcC5yc2EubmV0JTNBODYvdGVzdDQvdGVzdDEuaHRtbA%3D%3D
auth_mode=basic&user=aaaaa&password=xxxx&x=13&y=10
HTTP/1.1 303 See Other
Server: Sun-Java-System-Web-Proxy-Server/4.0.2
Date: Thu, 20 Apr 2006 23:57:42 GMT
Content-length: 106
Content-type: text/html
Set-cookie: AAASESSION=AAAAAQABAEBmNJDkbIY5stNO5YOpcqSUkKpAA341dbnAtqDShjDEk%2FUNelCn%2BSc2eOutJiX3tla1aFs2muQ%2BZ61WHhDvQfDr; domain=.xxx.com; path=/
Location: http%3A//tnakamura-t42.xxx.com%3A86/test4/test1.html
Connection: close
GET http: //tnakamura-t42.xxx.com:85/NSAPI_dev/http%3A//tnakamura-t42.xxx.com%3A86/test4/test1.html HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Referer: http://tnakamura-t42.xxx.com:85/NSAPI_dev/aaa_logon_en.html
Accept-Language: ja
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: tnakamura-t42.xxx.com:85
Proxy-Connection: Keep-Alive
Pragma: no-cache
Cookie: AAAASESSION=aHR0cCUzQS8vdHN1Z2FpLXQ0Mi5hcC5yc2EubmV0JTNBODYvdGVzdDQvdGVzdDEuaHRtbA%3D%3D; AAASESSION=AAAAAQABAEBmNJDkbIY5stNO5YOpcqSUkKpAA341dbnAtqDShjDEk%2FUNelCn%2BSc2eOutJiX3tla1aFs2muQ%2BZ61WHhDvQfDr
HTTP/1.1 403 Forbidden
Content-length: 142
Content-type: text/html
Server: Sun-ONE-Web-Server/6.1
Date: Thu, 20 Apr 2006 23:57:49 GMT
Via: 1.1 proxy-proxy402
Proxy-agent: Sun-Java-System-Web-Proxy-Server/4.0.2
========================================= -
Redirecting http traffic to the proxy server
Hi,
We have a requirement to divert web traffic to blue coat proxy through firewall. Below is the setup
Requirement:
We need to divert web traffic from 10.20.200.0/23 [DMZ-STAFFNET] and point it to Bluecoat proxy to process the packets.
Now that ASA doesn't support PBR to accomplish this, how can we accomplish this ?Hi,
To list one limitation that you might see in your scenario , You would only be able to redirect the subnets to the proxy from those subnets which are physically behind the interface where the WCCP server resides only. i.e. UNTRUST
Now , talking about the NAT , why don't you try this NAT if you don't want to NAT the Source part of the Traffic:-
(DMZ-STAFFNET) to (bluecoat) source static DMZ-STAFFNET DMZ-STAFFNET destination static internet proxy-server service original-http proxy-8080
Also , ASA now supports Policy Based routing from ASA 9.4.1 :)
Thanks and Regards,
Vibhor Amrodia -
Wireless Downstream of a Proxy Server (AllegroSurf)
Anyone know how I should go about setting up a wireless setup downstream of my AllegroSurf Proxy Server. Not sure how to get started. Have a new Linksys Router and having difficulty.
Thx,
ChuckIs Sonic Wall an authenticated proxy?
If so, say good bye to most apps, many apps either fail silently on connecting or even crash behind authenticated proxies - even when the authentication details are supplied in the wireless config
I have iPads behind a smoothwall proxy (non-auth) and we have a proxy.pac file on our managment server.
This proxy.pac (http://ipad/proxy.pac - set in Auto ) directs all iPad traffic to the smoothwall proxy, rather then our default auth proxy.
Smoothwall can insert the authentication, and then direct it to your Sonic Wall -
Using ACE to load balance HTTP/S traffic between client & proxy server using tcp 8080
Folks,
I have a scenario where ACE is in load balancing connections to a bunch of Websense servers in a one-armed topology. ACE presents a single VIP to web browser clients and each client's browser proxy configuration is populated with the VIP DNS name. Traffic then gets load balanced between the Websense servers. The problem arises due to Websense requiring the 'X-Forwarded-For' HTTP header in order to obtain the source IP of the client.
ACE inserts this header into the standard HTTP 'proxied' traffic but doing this for HTTPS traffic has required the configuration of the ACE SSL proxy client server.
So the problem I have is this:
How to configure ACE to load balance both HTTP & HTTPS applications using a single VIP and tcp port number ie tcp 8080
The ACE hardware being used is ACE20-MOD-K9 - MODULE
I have attempted to use a L7 class map to match all ciphers and attach this to a L7 Policy-Map but the documentation highlights the fact the 'match cipher' configuration is only available on the ACE appliance.
I believe I am on the correct track. The HTTPS traffic must be identified and used to match against PolicyA and HTTP traffic matched against PolicyB
I'm looking for ideas! I'm hopeful someone must have solved this problem previously!!
Regards,
SimonHi Simon,
The classification has to work on different ports. Whether client types http or https doesn't matter to client. His request will reach VIP which will classify the traffic based on port, protocol first and then it can look into further detail to send the traffic to appropriate serverfarm.
You can class-map match-any xxxxx
2 match virtual-address x.x.x.x tcp any
and then you configure further classification on the basis of L7 like url, header etc.
But again, you will still need SSL termination on ACE.
Regards,
Kanwal
Note: Please mark answers if they are helpful. -
ASA DMZ zone and Unix proxy server
Hi.
i have router which all nat translation done at here. i have a asa and core sw.
192.168.1930.0/24 subnet my user and some server are located at this subnet. this subnet created at core sw.
int vlan 393
ip address 192.168.193.1 255.255.255.0
core sw connected to asa inside interface.asa inside interface ip 172.30.30.1 and at core sw site this port access vlan 8 which is
int vlan 8
ip address 172.30.30.2
at core sw at i have a default route to asa.
ip route 0.0.0.0 0.0.0.0 172.30.30.1
and asa site
route inside 192.168.193.0 255.255.255.0 172.30.30.2
all of them are ok.
i think that is ok.
at asa i have dmz zone which ip address:
interface Ethernet0/1
description connect to CoreSW
nameif inside
security-level 100
ip address 172.30.30.1 255.255.255.0 standby 172.30.30.3
interface Ethernet0/2
description DMZ zone connect mail server
nameif DMZ
security-level 50
ip address 172.16.10.1 255.255.255.0 standby 172.16.10.2
my proxy server inside interface connected to asa dmz zone and ip address 172.16.10.254 and outside interface is connected asa outside site which mean that is same subnet of asa outside interface which is 10.0.0.254 and then 10.0.0.254 i do static nat at router. i have no problem at nat translation.
i want my 192.168.193.0 subnet pass througth from proxy when this subnet want to connet internet.
i wrote
static (inside,DMZ) 192.168.193.0 192.168.193.0 netmask 255.255.255.0
and access-list
access-list from_dmz_to_in extended permit ip host 172.16.10.254 any
access-group from_dmz_to_in in interface DMZ
at this time what is up?
the user can not access internet and what i do? i wrote proxy server inside ip and default port 3128 at user internet explorer properties.
internet explorerr--tools-properties-connection-lan settting and show there 172.16.10.254 and port 3128.
at this time my user connect internet when i wrote this. when i remove this they can not connect internet
but i do not want write anything at my user. how i solved this?
after that one problem occur.
when my server to do nslookup it can not work.
i thnik that it is true because we have only one port 3128 is open and my server need udp 53.so it can not work
how i solve this issue?
as you see my access-list all of is open and i do
static (inside,DMZ) 192.168.193.0 192.168.193.0 netmask 255.255.255.0
it is this wrong proxy connection???
musti change proxy server inside interface to other device or asa other interface?
thanks.There is 2 way the proxy server can work, ie: either transparent or explicit proxy.
From your explaination, explicit proxy works just fine when you configure the proxy settings on your browser.
The reason why transparent proxy does not work is because:
1) When user browser connects to the Internet, the ASA default gateway is via the outside interface, that is why the Internet traffic is not being routed transparently towards your proxy server which is connected to the DMZ interface.
The static NAT statement configured on the ASA does not perform redirection. If you would like to transparently route the internet traffic towards the proxy server on DMZ, you would need to route the traffic towards the proxy server. With the current topology that you have, it is not achievable on the ASA. ASA does not support Policy Based Routing, nor it supports WCCP when the user and the proxy server is on different interfaces.
2) Also need to find out if the proxy server itself supports transparent proxy.
Otherwise, since explicit proxy works, why don't you just push the proxy settings to the browser via Active Directory Group Policy? -
Safari 3.x (Leopard) and Web Proxy Server Problems:
I have a Squid proxy server running on Linux. Users web traffic is directed through it via WPAD server which hosts a simple PAC file. The PAC files is very clean and small. It basically points all external (Internet) web traffic to our Proxy server. All of our Windows, Linux and Tiger clients work fine. However, Leopard (Safari 3.x) doesn't work quite right. Here's what happens:
Mac user logs into a Leopard 10.5 Mac. User launches Safari and tries to go to an external (Internet) site. The WPAD server is contacted and the Mac User is prompted to authenticate to the Proxy server. This is totally normal behavior thus far. Then, however, every few minutes the Leopard Mac user will be prompted to authenticate again (sometimes 2 or 3 times in a row!). Firefox 2.0.x, when configured to use the WPAD/PAC server and Proxy server, works fine in Leopard. Only Safari 3 in Leopard is having the problem.
All the Macs (Tiger and Leopard) are configured to use the Proxy server via OS X's Network Pref Pane (using the "Automatic Proxy Configuaration"). Reminder: Tiger works fine (even with the Safari betas), but Leopard's doesnt not.
I have attached our PAC file inline below (some things edited for privacy):
// SIMR automatic configuration for Mozilla and friends
// $Id: wpad.dat,v 1.8 2005/12/14 20:18:23 dct Exp $
// Edit carefully, since many may be relying on this...
function FindProxyForURL(url, host) {
// Bypass the proxy for internal addresses
if (!url.match("http:")
|| url.match("http://127.0.")
|| url.match("http://10.")
|| url.match("http://192.168.")
|| isPlainHostName(host)
return "DIRECT";
// These are exceptions given in the IE config for Windows.
if (host == "www.ncbi.nlm.nih.gov"
|| host == "chabry.caltech.edu"
|| host == "flybase.bio.indiana.edu"
|| host == "www.fedex.com"
|| host == "domain.org"
return "DIRECT";
return "PROXY <proxy server>:8080";
}I think I have a similar problem. I am a Mac connecting to an otherwise all PC school network.
A new location with all correct proxies has been set up. However, Safari always crashes on first attempt to negotiate its way through our server to the internet. Internet explorer gets through because in its preferences it is possible to include the name of the school domain as well as my user name and password.
We have been unable to find any way of including the domain name into Location in Network or into Safari.
However, once Internet Explorer has negotiated with the server I can launch Safari and it works as normal.
Safari/Network seems to lack this option of including a domain name that my PC server requires.
Make sense to anyone?
Worth mentioning that my copy of Internet Explorer (5.2) often crashes, but usually it has done its job by then. I quite like the concept of Internet Explorer sacrificing itself to clear a path for Safari. -
ASA5510 base config for guest wireless network
Hello
I am partitioning off my guest wireless traffic out a new connection.
I have a WISM and a 5508 controller. The WISM will anchor the subnets to the specific controller.
AP - WISM - 5508 - FW - Cable link - Internet
Can anyone assist in implementing a base config so only traffic originating inside can get out, nothing from outside getting in.
The external link will be via cable and I want to configure their static on my outside int,
Where would be the best place to ratelimit the subnet(s)?
sMcip access-list 10 permit ip 172.16.16.0 255.255.255.0 eq 80ip access-list 10 permit ip 172.16.16.0 255.255.255.0 eq 443
These are router configurations and would not work on the ASA. To do this the ACL config would need to look like this:
access-list LAN extended permit ip 172.16.16.0 255.255.255.0 any eq 80
access-list LAN extended permit ip 172.16.16.0 255.255.255.0 any eq 443
access-group LAN in interface inside
Keep in mind that you can change the ACL name (LAN) to anything you want it to be. You could apply the ACL in the outbound direction but this is very unusual to do on the ASA and I do not suggest doing it unless you have a specific reason for doing so.
Also, to make sure this subnet has no access to inside services, what would be needed?
Not exactly sure where you are going with this. Is this subnet also located on the inside interface? or on a different interface?
If it is located on a different interface, then all you have to do is either give it a lower security level than that of the inside interface (lets say 90 for example), or add an ACL that denies traffic to the inside network subnet and then under that rule have an entery permitting traffic to any.
Keep in mind that the ACLs are checked top to bottom and there is an implicit deny any rule at the bottom of all ACLs. If this ASA is version 8.3 or higher the implicit deny can be seen in the global ACL in the ASDM.
Please remember to rate and select a correct answer -
WLC - Redirect Traffic to Web Proxy
Hi,
We need to create Guest WLAN on WLC 5508 which will be used for internet access only.
My questions are:
1. Is it possible to use our external web proxy server to authenticate users?
2. Can we also forward all traffic to the external web proxy to filter the websites that can be accessed (without configuring it on the browser)?
3. Can this be achieved using the L3 webauth?
Our topology:
WLC -- Switch -- ASA Firewall -- Internet -- External Web Proxy
We are using WLC as DHCP server for Guest WLAN with ASA Firewall as the gateway.
Any inputs and ideas are appreciated.
Many thanks.Otiynomed,
I have come across this problem recently as well and ended up using an Internal DHCP server with Option 252 configured which will point Users towards our proxy for authentication. Unfortunately it isn't a perfect setup as the following issues occurred:
If using Option 252, make sure the wpad file has an internal re-direction for the virtual interface of your anchor controller to allow web-auth redirection otherwise devices will try to get to that address externally
Some devices don't support Option 252
You have to set the devices to 'auto proxy discover' whether Windows or Apple
If using devices running less than iOS 6 then embedding authentication in the proxy settings upon initial connection will still end up with users being prompted for HTTPS authentication constantly. HTTP traffic will work fine however.
Android devices don't like Option 252 and most of the applications don't work with authentication via a proxy except browsing
Alternatively, use web-auth but link it to an LDAP server or RADIUS server for authentication and use a transparent proxy. Problem solved -
E4200 guest wireless redirect failure in Bridged Mode: cause & solution.
Background:
I have two E4200 v1 routers, both running the 1.0.04 firmware, both running in Bridged Mode.
On one, guest wireless redirect works perfectly: select the Network-guest SSID, open a browser and you get the Cisco login page, enter the passphrase and bingo, you're connected.
On the other unit, the redirect seems to fail. You are never presented with the login page and so, you are never connected.
After hours of mucking about, including some time on the phone with a very patient engineer, I believe I have stumbled on what's actually going on and possibly, what needs to be done to fix it.
The Problem
The firmware assumes that in Bridged Mode, DNS should come from the Gateway IP address.
The Fix
Linksys should include a field in Bridged Mode that allows you to specify an IP for the DNS server.
Diagnostics
To diagnose the problem, I used a Mac OS X machine.
The network is set up like this:
Router (not the E4200) is at 10.0.0.1
DNS server is at 10.0.0.2
E4200, Bridged Mode as a WAP, is at 10.0.0.253.
E4200's network settings are:
IP: 10.0.0.253
Subnet: 255.255.255.0
Gateway: 10.0.0.1
The problem is that the Linksys firmware assumes that DNS and the gateway are at the same IP. You will note that there is no place in the Bridged Mode settings to specify a DNS server IP address. You can prove this by doing the following:
1. Connect to the guest wireless.
2. In a Terminal window, type cat /etc/resolv.conf and press Enter. You'll see this:
nameserver 10.0.0.1
nameserver 192.168.33.1
This tells us that when you're on the guest network, your machine is looking for DNS results from 10.0.0.1. Except that on many networks, the gateway does not supply DNS. You can prove that DNS is working by typing this into a Terminal window:
dig yahoo.com
You should see a result similar to this:
; <<>> DiG 9.6-ESV-R4-P3 <<>> yahoo.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45182
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 13
;; QUESTION SECTION:
;yahoo.com. IN A
;; ANSWER SECTION:
yahoo.com. 3063 IN A 209.191.122.70
yahoo.com. 3063 IN A 72.30.38.140
yahoo.com. 3063 IN A 98.139.183.24
;; AUTHORITY SECTION:
. 24651 IN NS a.root-servers.net.
. 24651 IN NS j.root-servers.net.
. 24651 IN NS l.root-servers.net.
. 24651 IN NS c.root-servers.net.
. 24651 IN NS e.root-servers.net.
. 24651 IN NS d.root-servers.net.
. 24651 IN NS f.root-servers.net.
. 24651 IN NS m.root-servers.net.
. 24651 IN NS g.root-servers.net.
. 24651 IN NS b.root-servers.net.
. 24651 IN NS i.root-servers.net.
. 24651 IN NS h.root-servers.net.
. 24651 IN NS k.root-servers.net.
;; ADDITIONAL SECTION:
a.root-servers.net. 24651 IN A 198.41.0.4
b.root-servers.net. 24651 IN A 192.228.79.201
c.root-servers.net. 24651 IN A 192.33.4.12
d.root-servers.net. 24651 IN A 128.8.10.90
e.root-servers.net. 24651 IN A 192.203.230.10
f.root-servers.net. 24651 IN A 192.5.5.241
g.root-servers.net. 24651 IN A 192.112.36.4
h. root-servers.net. 24651 IN A 128.63.2.53
i.root-servers.net. 24651 IN A 192.36.148.17
j.root-servers.net. 24651 IN A 192.58.128.30
k.root-servers.net. 24651 IN A 193.0.14.129
l.root-servers.net. 24651 IN A 199.7.83.42
m.root-servers.net. 24651 IN A 202.12.27.33
;; Query time: 73 msec
;; SERVER: 10.0.0.1#53(10.0.0.1)
;; WHEN: Thu Apr 5 10:51:02 2012
;; MSG SIZE rcvd: 494
Note the section at the bottom that says ;; SERVER: 10.0.0.1#53(10.0.0.1). This tells you that the DNS query was answered by the DNS server at 10.0.0.1.
But in fact, if DNS is NOT served by your Gateway, you'll see this:
dig yahoo.com
; <<>> DiG 9.6-ESV-R4-P3 <<>> @10.0.0.1 yahoo.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
Lucky:~ aball$
As a side note: the reason that the login page is never presented is most likely that the login page is only presented the first time that your Mac OS X machine connects to the network. Thereafter, the network is remembered and the WAP allows you access without a password. So, once you've connected a second time to the network, the WAP says "I know you" and lets you sail on through to wherever your browser is pointed, but then the browser, unable to find a DNS server, returns a blank page which appears to be a failure to present the login page but is, in fact, a DNS failure.
Hope someone finds this useful. And here's hoping that Linksys fixes this obvious issue with the firmware.I do understand what you were trying to do here since you would like to have only 2 SSIDs (main & guest) for perhaps easy connectivity. The reason why you were not having problems getting online wirelessly when you were connected to the main network it’s because the computer was connected to only one DHCP server since the 2 bridge routers were just acting as a switch or a passthrough device. Now with guest network access it is a different scenario, a guest network is a virtual network meaning to say it’s like your having another router embedded on your router. Since it is a virtual network, then it does not follow the parameters of the main network, hence even if the router was set to bridge mode those routers will still have their own ip address of either 192.168.33.1 or 192.168.3.1.
-
WLC guest wireless proxy script for Apple iPhone
I have guest wireless setup on a 4402 WLC. I am using a wpad.dat (proxy.pac) proxy auto-config script to ensure guest traffic passes through a proxy. After a few attempts at creating a working proxy.pac file, Cisco TAC provided one that worked successfully for IE and Firefox (I realise only IE is offically supported by the WLC however my issue is not with an issue of browser-WLC compatibility).
I am after a proxy.pac proxy auto-config file that will work with Apple iPhone Safari browser (the script below does not). Manually specifying the proxy is not an option as Sarafi on the iPhone does not allow "proxy exceptions" to be specified.
The script I use which works fine with IE and Firefox is below:
function FindProxyForURL(url, host)
// variable strings to return
var proxy_yes = "PROXY 10.23.16.20:80";
var proxy_no = "DIRECT";
if (shExpMatch(url, "http://1.1.1.1*")) { return proxy_no; }
if (shExpMatch(url, "https://1.1.1.1*")) { return proxy_no; }
// Proxy anything else
return proxy_yes;Here is the Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.0
http://www.cisco.com/en/US/docs/wireless/technology/guest_access/technical/reference/4.0/GAccess.html#wp1167844 -
How do I create a configuration profile that has wireless settings including a manual proxy server.
I can configure the wireless network using the IPCU but cannot set the proxy server settings.
I'm sure that this is simple but just can't work it out!IPCU does not currently allow entry of proxy server settings. This must be done, from the device, for each wi-fi network. It would be great if it did.....
-
Little help please with forwarding traffic to proxy server!
hi all, little help please with this error message
i got this when i ran my code and requested only the home page of the google at my client side !!
GET / HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
Accept-Language: en-us
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2; .NET CLR 2.0.50727)
Host: www.google.com
Connection: Keep-Alive
Cookie: PREF=ID=a21457942a93fc67:TB=2:TM=1212883502:LM=1213187620:GM=1:S=H1BYeDQt9622ONKF
HTTP/1.0 200 OK
Cache-Control: private, max-age=0
Date: Fri, 20 Jun 2008 22:43:15 GMT
Expires: -1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Server: gws
Content-Length: 2649
X-Cache: MISS from linux-e6p8
X-Cache-Lookup: MISS from linux-e6p8:3128
Via: 1.0
Connection: keep-alive
GET /8SE/11?MI=32d919696b43409cb90ec369fe7aab75&LV=3.1.0.146&AG=T14050&IS=0000&TE=1&TV=tmen-us%7Cts20080620224324%7Crf0%7Csq38%7Cwi133526%7Ceuhttp%3A%2F%2Fwww.google.com%2F HTTP/1.1
User-Agent: MSN_SL/3.1 Microsoft-Windows/5.1
Host: g.ceipmsn.com
HTTP/1.0 403 Forbidden
Server: squid/2.6.STABLE5
Date: Sat, 21 Jun 2008 01:46:26 GMT
Content-Type: text/html
Content-Length: 1066
Expires: Sat, 21 Jun 2008 01:46:26 GMT
X-Squid-Error: ERR_ACCESS_DENIED 0
X-Cache: MISS from linux-e6p8
X-Cache-Lookup: NONE from linux-e6p8:3128
Via: 1.0
Connection: close
java.net.SocketException: Broken pipe // this is the error message
at java.net.SocketOutputStream.socketWrite0(Native Method)
at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
at java.net.SocketOutputStream.write(SocketOutputStream.java:115)
at java.io.DataOutputStream.writeBytes(DataOutputStream.java:259)
at SimpleHttpHandler.run(Test77.java:61)
at java.lang.Thread.run(Thread.java:595)
at Test77.main(Test77.java:13)please could just tell me what is wrong with my code ! this is the last idea in my G.p and am havin difficulties with that cuz this is the first time dealin with java :( the purpose of my code to forward the http traffic from client to Squid server ( proxy server ) then forward the response from squid server to the clients !
thanx a lot,
this is my code :
import java.io.*;
import java.net.*;
public class Test7 {
public static void main(String[] args) {
try {
ServerSocket serverSocket = new ServerSocket(1416);
while(true){
System.out.println("Waiting for request");
Socket socket = serverSocket.accept();
new Thread(new SimpleHttpHandler(socket)).run();
socket.close();
catch (Exception e) {
e.printStackTrace();
class SimpleHttpHandler implements Runnable{
private final static String CLRF = "\r\n";
private Socket client;
private DataOutputStream writer;
private DataOutputStream writer2;
private BufferedReader reader;
private BufferedReader reader2;
public SimpleHttpHandler(Socket client){
this.client = client;
public void run(){
try{
this.reader = new BufferedReader(
new InputStreamReader(
this.client.getInputStream()
InetAddress ipp=InetAddress.getByName("192.168.6.29"); \\ my squid server
System.out.println(ipp);
StringBuffer buffer = new StringBuffer();
Socket ss=new Socket(ipp,3128);
this.writer= new DataOutputStream(ss.getOutputStream());
writer.writeBytes(this.read());
this.reader2 = new BufferedReader(
new InputStreamReader(
ss.getInputStream()
this.writer2= new DataOutputStream(this.client.getOutputStream());
writer2.writeBytes(this.read2());
this.writer2.close();
this.writer.close();
this.reader.close();
this.reader2.close();
this.client.close();
catch(Exception e){
e.printStackTrace();
private String read() throws IOException{
String in = "";
StringBuffer buffer = new StringBuffer();
while(!(in = this.reader.readLine()).trim().equals("")){
buffer.append(in + "\n");
buffer.append(in + "\n");
System.out.println(buffer.toString());
return buffer.toString();
private String read2() throws IOException{
String in = "";
StringBuffer buffer = new StringBuffer();
while(!(in = this.reader2.readLine()).trim().equals("")){
buffer.append(in + "\n");
System.out.println(buffer.toString());
return buffer.toString();
Edited by: Tareq85 on Jun 20, 2008 5:22 PM -
Wireless auto proxy server OS X
Hi,
With IOS you are able to assign a proxy server per Wireless connection, but I can not see how to do this via OS X, when im at work I have to manually enter the proxy settings for both HTTP and HTTPS then remove them when I get home.
There must be a way to do this but I can not seem to find anything.
I would be greatful for any advise on how to do this.
Thanks in advance.Hi Linc,
Thanks for he response, that will save me a lot of effort
Take it there is no way to link the proxy server to the wireless so it is automatic then?
From what I have read about the locations, which I have already setup, but a manual switch is required to change. I know this makes me sound very lazy, but was just wondering if it is possible.
Maybe you are looking for
-
Input parameters for BAPI_GOODSMVT_CREATE --MIGO--GR for Outbound Delivery
Hi Friends, We have to create a Goods Receipt against an Outbound Delivery ( movement type "101" ) using the BAPI <b>BAPI_GOODSMVT_CREATE</b>. In online the user is using <b>MIGO</b> transaction for the same. There he will choose the GOODS RECEIPT
-
Default principal validation provider
Hello, I wonder if sombody can tell me if instances of the principal class I have attached to this post will be validated by the default principal validation provider??? package org.rps.weblogic.security.principal; import org.rps.security.spi.RPSGrou
-
On iMovie, when I add a new photo a then add another one, the newer photo is only the previous photo, only stretched out. What do I do!!?! (I'm new at this help communities thing)
-
Why does my macbook shut down when the lid is closed?
Hi, I have a Macbook Pro (mid-2012) running 10.9.1 Last week out of the blue, the Macbook started shutting down whenever I close the lid. When I open the lid, the logon screen appears (as if it's been asleep as normal) but almost immediately reboots
-
Digital Copy supplied with BluRay doesn't download properly...
BluRays such as Sherlock Holmes, Hulk, and Star Trek come with a Digital Copy disc and code. You put the disc in, enter the code at the iTunes Store, and it begins to download. When the download queue shows it is completely downloaded, it just keeps