Transparent HTTP/FTP proxy configuration

The configuration for transparent proxying is based on a standard routing mechanism as shown in Figure 5-1 below:

Figure 5-1. Scheme of ESET Gateway Security as a transparent proxy


The configuration follows naturally from the kernel IP routing tables defined on each local network client. These routing tables establish static routes to the default network gateway server (router). On a DHCP network, this is done automatically. All HTTP (or FTP) communication with outbound servers is then routed via the network gateway server, where ESET Gateway Security must be installed in order to scan the communication for infiltrations. For this purpose, a generic ESETS HTTP (or FTP) filter has been developed, called esets_http (or esets_ftp).

To configure ESET Gateway Security to scan HTTP (or FTP) messages routed through the network gateway server, enter the command:

@SBINDIR@/esets_setup

Follow the instructions provided by the script. When the ‘Available installations/un-installations’ offer appears, choose the ‘HTTP’ (or FTP) option to display the ‘install/uninstall’ options, then choose ‘install’. This automatically configures the module to listen on a predefined port. It also redirects IP packets that originate from the selected network and have an HTTP (or FTP) destination port to the port where esets_http (or esets_ftp) listens. This means that only requests originally sent to HTTP (or FTP) destination ports will be scanned. If you also wish to monitor other ports, equivalent redirection rules must be assigned for them.
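Because only redirected destination ports reach the filter, it is worth checking which ports are actually covered. The following is an added example, not part of the ESETS distribution: it assumes a Linux gateway where the redirection appears as netfilter PREROUTING REDIRECT rules, and the function name uncovered_ports, listening port 8080, network 192.168.1.0/24 and interface eth1 are constructed placeholders (this page does not state the predefined port).

```shell
#!/bin/sh
# Added example: list destination ports that are NOT redirected to the
# filter port, given `iptables-save -t nat` output on stdin.
# Assumptions: Linux netfilter; 8080 stands in for the esets_http port.
# Limitation: -s / -i matches are not evaluated, only the port coverage.
uncovered_ports() {   # usage: uncovered_ports LISTEN_PORT PORT...
    listen="$1"; shift
    awk -v listen="$listen" -v want="$*" '
        $1 == "-A" && $2 == "PREROUTING" {
            proto = ""; dports = ""; target = ""; to = ""; neg = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "!") neg = 1
                else if ($i == "-p") proto = $(i+1)
                else if ($i == "--dport" || $i == "--dports") dports = $(i+1)
                else if ($i == "-j") target = $(i+1)
                else if ($i == "--to-ports") to = $(i+1)
            }
            # Rules with a negated match are treated as not covering (conservative).
            if (neg || proto != "tcp" || target != "REDIRECT" || to != listen) next
            if (dports == "") dports = "0:65535"   # no port match: every port
            # multiport rules may hold a comma list and lo:hi ranges.
            n = split(dports, parts, ",")
            for (k = 1; k <= n; k++) {
                m = split(parts[k], r, ":")
                cnt++; lo[cnt] = r[1] + 0; hi[cnt] = (m == 2 ? r[2] : r[1]) + 0
            }
        }
        END {
            c = split(want, w, " "); out = ""
            for (j = 1; j <= c; j++) {
                ok = 0
                for (x = 1; x <= cnt; x++)
                    if (w[j] + 0 >= lo[x] && w[j] + 0 <= hi[x]) ok = 1
                if (!ok) out = out (out == "" ? "" : " ") w[j]
            }
            print out
        }'
}

# Constructed sample dump (not taken from a real gateway).
SAMPLE_DUMP='*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -s 192.168.1.0/24 -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -s 192.168.1.0/24 -i eth1 -p tcp -m multiport --dports 8000:8010,3128 -j REDIRECT --to-ports 8080
-A PREROUTING -i eth1 -p tcp -m tcp --dport 8443 -j REDIRECT --to-ports 3129
COMMIT'

# Ports the administrator expects to be scanned; prints the ones that are not.
printf '%s\n' "$SAMPLE_DUMP" | uncovered_ports 8080 80 8008 3128 8443 8888
```

On a live gateway, pipe the output of `iptables-save -t nat` into the function instead of the sample dump.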

In default mode, the installer shows all steps that will be performed and also creates a backup of the configuration, which can be restored at any time. The detailed installer utility steps for all possible scenarios are also described in the ESETS setup and configuration topic of this document.