Re: Follow-up, Re: Can anybody make any sense out of this? (it involves lack of DNS)

[Scott Klement <klemscot@xxxxxxxxxxxx>]

On 1/9/2012 12:16 PM, Pete Helgren wrote:
> I am pretty sure that HTTPAPI uses the same mechanism as a "browser":
> The initial contact with the proxy is at the proxy IP and port and then
> from that point all of the conversations with the outside world are
> "direct", that is, without specifying the proxy information (Scott would
> have to verify this and I am sure the mechanics are much more involved).

No, sorry that's not correct.  (And, if it were, you could not refer to 
the device as a "proxy" -- the word "proxy" means that it's making the 
requests on your behalf.)

What you're describing would be an authenticated whitelisting firewall 
-- but I've never heard of something like that on the market.


>
> The only alternative is to configure the firewall/proxy to allow traffic
> to pass unfettered from a specific IP address (which is what I do).
>

That defeats the purpose behind having a proxy in teh first place.

Here are some of the reasons you might use a proxy:

1) So you can keep track of who is connecting to where. (Logging.)

2) So you can authorize certain users to certain sites.

3) So you can cache some of the details from sites to improve 
performance.  (Particularly useful when you have many users all 
connecting to the same sites.)

4) So you can block certain sites.  (For example, block all pornographic 
sites from your place of business.)

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------