Re: [squid-users] Restricting users to access web w/o using SQUID

From: Mathieu MALAISE <mmalaise@dont-contact.us>
Date: Thu, 7 Nov 2002 10:02:16 -0800

What are the services you want to allow for direct connects ?

----- Original Message -----
From: <shaheen@OpenNetbd.com>
To: "Mathieu MALAISE" <mmalaise@mediatronics-corp.com>
Sent: Thursday, November 07, 2002 9:50 AM
Subject: Re: [squid-users] Restricting users to access web w/o using SQUID

> You are right, the Linux box is my gateway. Any pointer you want to throw
in
> as to how the iptables command you are recommending should look like and
then
> I will look up the actual syntax. Thanks in advance.
>
> Mathieu MALAISE wrote:
>
> > Hello,
> >
> > You should try to restrict the access using IPTABLES.
> > I understand that your linux box in your gateway... if not
> > restrict it in your firewall.
> >
> > Mathieu.
> >
> > ----- Original Message -----
> > From: <shaheen@OpenNetbd.com>
> > To: <squid-users@squid-cache.org>
> > Sent: Thursday, November 07, 2002 9:21 AM
> > Subject: [squid-users] Restricting users to access web w/o using SQUID
> >
> > > Hi, I am seeing some users are bypassing the squid proxy servers by
> > > going directly to the net. Any way to restrict this? They simply do
not
> > > have the proxy server mentioned in their browser and using the proxy
> > > server as their default gateway (which has 2 NICs, one pvt other
> > > public).
> > >
> > > I am running 2.4STABLE7 of SQUID on RH 7.3 and have the following
> > > iptables commands in my rc.local file.
> > >
> > > /sbin/iptables -t nat -P POSTROUTING DROP
> > > /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> > >
> > >
> > > --
> > > Ce message ne contient pas de virus connu.
> > > neoDomaine Postmaster - http://www.neodomaine.com/
> > >
>
>
> --
> Ce message ne contient pas de virus connu.
> neoDomaine Postmaster - http://www.neodomaine.com/
>
Received on Thu Nov 07 2002 - 10:57:51 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:13 MST