Fwd: Re: [squid-users] Transparency and blocking other proxies from jimmy@dont-contact.us on 2006-04-21 (squid-users)

From: <jimmy@dont-contact.us>
Date: Fri, 21 Apr 2006 12:38:57 -0700

----- Forwarded message from jimmy@emobilenetworks.com -----
    Date: Fri, 21 Apr 2006 12:36:52 -0700
    From: jimmy@emobilenetworks.com
Reply-To: jimmy@emobilenetworks.com
Subject: Re: [squid-users] Transparency and blocking other proxies
      To: Dwayne Hottinger <dhottinger@harrisonburg.k12.va.us>

Only solution we can think of is a login and assign rights by IP, then
remove IP
after logout or timeout using a monitor. Squid can block by IP in
transparency.
We are looking into other ways though because this means editing the conf file
many many times. Depending on the number of users, this can get real ugly. We
let Shorewall handle the rest.

Quoting Dwayne Hottinger <dhottinger@harrisonburg.k12.va.us>:

>
>
> Quoting Henrik Nordstrom <henrik@henriknordstrom.net>:
>
>> ons 2006-04-19 klockan 15:35 -0700 skrev jimmy@emobilenetworks.com:
>> > Then can we use Shorewall + squid to accomplish this task?
>>
>> Yes, Shorewall like most other firewall products can be instructed to
>> block all Internet access...
>>
>> If this is what you want to do is another question. You still have not
>> specified why you want to block access to other proxies..
>>
>> Regards
>> Henrik
>>
>
> If he is with a school system in the US he probably has to filter all
> internet
> traffic for content to insure the kiddies dont stumble on something
> bad, or get
> stalked in a chat room. Henrick is right though, Im not sure there is a good
> way to do it with a transparent proxy. Ive been thinking about using
> a radius
> server or NTLM (I think) and making everyone have a username and password to
> get to the internet. But, that would be quite a nightmare to set up.
> If I was
> running Novell, Id use bordermanager and Novells transparent proxy,
> so everyone
> would have to login to a server in order to do anything network wise.
> Unfortunately I have Apples Computers, Windows Computer and Linux so
> I cant yet
> use Novell. Keep us posted on what you find out. Im sure Im not the only
> network admin at a school that is curious how to keep kids (and
> teachers) from
> Skirting around the Internet filter.
>
> ddh
>
> --
> Dwayne Hottinger
> Network Administrator
> Harrisonburg City Public Schools
>

----- End forwarded message -----
Received on Fri Apr 21 2006 - 13:39:04 MDT

This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT