Jason Thompson wrote:
> This is for 2 reasons, one we have passwords on Internet access so we
> can log pages to a specific username, and secondly because the server
> is in an educational establishment our isp offers a 'protected'
> Internet service, but only if you go through thier proxy. Which is why
> we do not want ot allow direct access.
1. Make a HTML page describing how to configure the proxy settings
(preferably using a PAC file). If you need images, be sure to use a full
URL to a local HTTP server where the images are located.
2. Configure a small HTTP service running on the proxy server, returning
the above page on all accesses (see below). Have this run on port 8888
or something like that.
3. Tell Linux to redirect all requests for port 80 to the above HTTP
server:
ipchains -I input -d 0.0.0.0/0 80 -j REDIRECT 8888
An example of how to set up a dummy HTTP service always returning a
fixed page:
1. Make a preformatted HTTP response
--- /etc/setproxy.txt --------------------------
HTTP/1.0 200 OK
Content-Type: text/html
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 1 Jan 1970 00:00:00 GMT
<HTML>
<HEAD>
<TITLE>Configure your proxy settings</TITLE>
</HEAD>
<BODY>
<H1>You need to configure your proxy settings to access the Internet
....
-------------------------------------------
2. Add the service to /etc/services
setproxy 8888/tcp
3. Add the service to /etc/inetd.conf
setproxy stream tcp nowait nobody /bin/cat setproxy /etc/setproxy.txt
4. Tell inetd to reconfigure
killall -HUP inetd
5. Verify that the service works
telnet localhost 8888
-- Henrik Nordstrom Squid hackerReceived on Sat Nov 20 1999 - 06:46:20 MST
This archive was generated by hypermail pre-2.1.9 : Wed Apr 09 2008 - 11:57:32 MDT