Michael S. wrote:
> --- In [email protected], "Nadeem M. Khan" <[EMAIL PROTECTED]>
> wrote:
>> With inline squid, you get to implement intercept caching. That is,
>> squid can intercept traffic without configuring the client browsers to
>> use a proxy. This supposedly prevents users from disabling the "use
>> proxy" feature in their browsers and get free access.
>
> This is reffered to as a "transparent proxy" if I'm not mistaking. You
> have to set some options in your squid.conf and more importantly you
> have to configure your firewall / iptables, whatever to redirect all
> port 80 traffic from your LAN your <proxy host>:<proxy port>. Like so:
I've done this on every corporate and home network I've configured for years
now.. it's an absolute
winner.. especially if you have a number of windows boxes that all pull
updates, as it caches a lot
of those.. same for debian boxes actually... so the 1st box takes ages, and all
the rest pull their
updates at full network speed.
Plus if you visit a limited list of websites like I do, just caching the images
alone makes for a
much nicer browsing experience..
As for the port 80 being open thing.. Etisalat blocks 80 in any case.. but
aside from that a simple
iptables rule will limit access to that nicely from outside your network.
Nice summary Michael :)
B
--
"Human beings, who are almost unique in having the ability
to learn from the experience of others, are also remarkable
for their apparent disinclination to do so." -- Douglas Adams
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/dubailug/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
