On 01/06/2011 11:27 PM, Amos Jeffries wrote:
> On 07/01/11 15:54, mpnordland wrote:
>> The tricky thing is, is that this is all on one computer, squid is a
>> proxy for the computer it is installed on, the idea of it all is to
>> track the urls that the users visit. Authentication is necessary so that
>> one user's log isn't mixed with another's. And just so you know, this
>> isn't spyware.
>>
>
> Not much difference to a proxy on a router. Just use the user-PID
> instead of source client IP in your firewall rules around port 80.
> For example the squid user ID is allowed port 80 access but all others
> are not. WPAD is used to point at 127.0.0.1 as the proxy IP.
>
> And yes WPAD and the *nix global http_proxy environment variable are the
> only ways to get authentication in a proxy without configuring it
> directly into the browser.
>
> Amos
Ok, I like this because it makes sense, I am pretty sure I can figure
out how to setup iptables to only allow squid, how should I set up WPAD
on my setup, and why 127.0.0.1?
Received on Fri Jan 07 2011 - 15:01:34 MST
This archive was generated by hypermail 2.2.0 : Fri Jan 07 2011 - 12:00:02 MST