Re: [squid-users] Squid, Squidguard and Transparent Proxying

From: Chris Robertson <crobertson@dont-contact.us>
Date: Mon, 16 Oct 2006 13:49:21 -0800

Scott Ackerman wrote:
> I am the IT Administrator for a local charter school. I was hired
> after an external support company was determined to no longer meet our
> needs. The short story is that I am trying to set up an adequate
> web-filtering solution for our school. I have already set up Squid and
> have it configured to run as a transparent proxy, as it is my
> understanding that this is the only way I can force the use of our
> proxy server (the little urchins discovered last year how to change
> proxy settings in their browser to get to open proxies and view
> anything they want). But I am not sure how well this will integrate
> with Squidguard as I also understand that in order for me to allow
> teachers more access, some form of authentication with squid needs to
> happen which won't work with a transparent proxy. Any suggestions on
> this. I am currently running squid 2.5 on a Fedora Core 5 box with
> Shorewall doing the redirect through netfilter.
>
Set Squid up to listen on two ports, and only allow authenticated
requests on the second port. Teachers can specify the second port and
use authentication, and you can redirect other traffic to the
intercepting port.

Specifics depend on how you have defined your ACLs and http_access rules.

Chris
Received on Mon Oct 16 2006 - 15:49:27 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Nov 01 2006 - 12:00:04 MST