> At 10:43 AM 1/14/2004 -0500, Timothy J. Massey wrote:
> [...]
> > > If you want more details than this ... for example, if you want the actual
> > > URLs logged, not just the IP addresses ... then a proxy server
> is the usual
> > > way to go. I seem to recall that Squid can run in a non-caching
> mode, but I
> > > do not remember the specifics. In any case, that is application-
> layer info,
> > > not normally recorded by routers and firewalls, which work at the network
> > > and transport layers, almost entirely.
> >
> >And that's why I was considering Squid. It seems that for transparent
> >proxying, you need Squid to be compiled with certain switches. I have yet
> >to find a LEAF Squid compiled in this way, and I don't have a LEAF compile
> >environment.
>
> I'm not quite sure what you mean here.
>
> Squid can be set up in no-cache mode quite easily via the squid.conf file
> ... see
> http://www.squid-cache.org/Doc/FAQ/FAQ-4.html#ss4.20
> for the details.
This I understand. > > If you want Squid to cache invisibly ...
Yes, I do.
>TheSquid FAQ at
> http://www.squid-cache.org/Doc/FAQ/FAQ-17.html
> seems to say that, for a Linux system, the necessary reconfiguration can be
> done in squid.conf (and some iptables rules, of course).
It also needs to be compiled with "./configure --enable-linux-netfilter ", and I haven't found a LRP version that was, as far as I can tell...
> But in all of this, I may still be misunderstanding what you want to
> accomplish ... in particular, how thoroughly you want to conceal the
> existence of this monitoring scheme from your customers. (If you don't want
> to conceal it at all, just run Squid as a normal proxy and tell them they
> have to set their browsers to use it. Right?)
No, you have it mostly right. I would love to just say, "Turn on proxying in the browser" but the *client* doesn't want it that way.
He wants a server that logs all (or most all: I'm not worried about non-80 ports) web usage. He wants to see how much time employees are spending on surfing the web for non-business reasons. And he wants it to work without reconfiguring every client: transparently.
Squid came to mind first, but finding an LRP module that has the proper compile options has been difficult (impossible, really). I was really hoping that someone knew of something more simple: something that just scanned all port-80-bound traffic and grabbed the GET line from the stream, for example, or similar. I guess there isn't such a system...
Tim Massey
------------------------------------------------------- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
