On Mon, May 17, 2004 at 06:42:58PM -0400, Joseph S D Yao wrote:
> I've seen similar questions to mine in the archives with no answers.
> I'm open to any reasonable suggestions.
>
> We have several different proxying firewalls coming out of our private
> internet to the public Internet. I'd like to use squid to (a) change
> or remove some of the header information that's gratuitously [;-)]
> entered by some browser paths, and (b) to direct which proxying
> firewall I want to use. I believe I have read that squid can do (a).
> I had thought that squid could do (b). The considerations for the
> latter are:
>
> - some users will be coming from anywhere [corporate network,
> dial-in, other VPNs], but will want to select one particular
> firewall that does things they way they like it, and we need
> to accommodate those customers
> - some users' organizations have stated a preference for
> certain firewalls, and so we need to accommodate those
> customers
> - some URLs' hosts are "closest" on the public Internet to one
> or another firewall, and so we'd like to use that firewall
> for those hosts, in the absence of a clearly stated request
> - some firewalls are equivalent, and in the absence of any
> other consideration, we'd like to pass queries around.
It looks like I declare all of the firewals to be "parent" peers, and
use ACLs to do all this. Does this sound right?
Thanks!
-- Joe Yao jsdy@center.osis.gov - Joseph S. D. Yao OSIS Center Systems Support EMT-B ----------------------------------------------------------------------- PLEASE ... send or Cc: all "OSIS Systems Support" mail to sys-adm@center.osis.gov ----------------------------------------------------------------------- This message is not an official statement of OSIS Center policies.Received on Thu Jun 03 2004 - 23:40:15 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jul 01 2004 - 12:00:02 MDT