Proxies¶
Estimated time to read: 3 minutes
- Last Updated: January, 2025
Diagrams for my future self or anyone else who needs to remember proxy directions and details.
Definitions¶
Forward Proxy¶
I need to specify a proxy server on endpoints in my lab to allow outbound traffic out to the internet. This allows for content filtering, caching, logging etc. See below for how to set them in different areas
Reverse Proxy¶
This is for inbound client requests trying to reach internal endpoints (e.g. a web server). It could be used for load balancing, caching, TLS termination, security etc
Corporate Proxy Configurations¶
Here are some proxy configuration settings I've found for various components.
Linux via environmental variable¶
export http_proxy="http://<my-proxy-address>:80/"
export https_proxy="http://<my-proxy-address>:80/"
export no_proxy="localhost, 127.0.0.1"
apt-get¶
Within /etc/apt/apt.conf./apt.conf
Acquire {
HTTP::proxy "http://<my-proxy-address>:80/";
HTTPS::proxy "http://<my-proxy-address>:80/";
}
Docker¶
Within /etc/systemd/system/docker.service./http-proxy.conf
Environment="HTTP_PROXY=http://<my-proxy-address>:80/"
Environment="HTTPS_PROXY=http://<my-proxy-address>:80/"
Environment="NO_PROXY=localhost,127.0.0./8"
Restart Docker
wget¶
Within /etc/wgetrc
curl¶
Within ~/.curlrc
Rancher¶
Within Rancher cluster.yml
network:
http_proxy: http://<my-proxy-address>:80/
https_proxy: http://<my-proxy-address>:80/
no_proxy: localhost,127.0.0.1
What about NAT?¶
Network Address Translation is changing the network address and performs a different function from the proxy examples above
Source NAT¶
Changes the source IP address
e.g. for an internal client with a private address sending a packet outbound to the internet
Destination NAT¶
Changes the destination IP address
e.g. for an external client sending a packet inbound to an endpoint with a private address
