What you need is "inverse" firewalling, denying your users to go directly.
Can also be combined with similar techniques as in transparent proxying to
provide the user with instructions on how to configure the proxy settings if
they attempt in going directly.
Regards
Henrik
Ps. Questions on Squid usage should be sent to the Squid-Users mailing list.
On Wednesday 28 November 2001 05.48, NRCG wrote:
> Dear Mr.Henrik,
> I am running a server with 2 NICs and squid running on the eth1, port 8080.
> I am running Apache on the eth0 port 80 and the web page of my organization
> also is hosted on.I use proxy authentication with NCSA and hence, can not
> run proxy in the transparent mode. Now my problem is 1. I want all my
> internal users (users on the network 192.168.1.0) must use the proxy on
> 192.168.1.1:8080 (eth1) compulsorily and should not access the internet
> directly by setting their browser direct (without proxy) 2. Even if I set
> the proxy option in the client's browser, he can change the setting to
> direct and reach internet bypassing proxy and authentication., I want to
> block such direct access to the internet
Received on Wed Nov 28 2001 - 02:57:10 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:35 MST