Joe,
When running LTSP all Firefox instances are running on the server,
not on the client. That means all Web traffic is coming from the server,
not from each client.
Moral of the story is you can not use squid to do what you are trying
to do unless you run Firefox as a local app, which is a whole 'nother
can of worms.
You can either treat all traffic the same or you can use something
like squidGuard to filter based on username.
Also you have:
acl local-lan0 src 100.100.100.2/255.255.255.0
acl local-lan1 src 100.100.100.113/255.255.255.0
acl local-lan2 src 100.100.100.114
lines #1 and #2 equate to the same thing (100.100.100.0/24)
line #3 needs a netmask i.e. 100.100.100.114/255.255.255.255
Pete Billson
--
http://www.elbnet.com
ELB Internet Service, Inc.
Web Design, Computer Consulting, Internet Hosting
Joe Auerbach wrote:
So after much debate I decided that firefox alone could do what I
wanted, but not with the flexibility of squid, so I'm still going ot try
it.
And after about 14 hours of wrestling I got the conf file to the point
where squid runs.
Now the only problem is that it doesn't actually prevent web access, as
it is written to do and I don't know why.
That said, here's some info about my network. I'd like someone to take
a look at my squid.conf file (linked below) and hopefully we'll figure
out what's wrong. I think that it would work fine if it were on hte
firewall as wrotten, but I can't seem to make it work for the ltsp
machine (which is where it's running).
the goal is to have specific machines (in an ip range of about 30
addresses) blocked from web access, but to allow web access for other
machines. Ideally the blocked machines would redirect blocked pages to
a local html file.
Our network is all behind a basic centOS firewall. The internal ip of
the firewall is 100.100.100.254 (it's called rossfire). the ltsp
machine's address is 100.100.100.2 and it called ltsp. All the thin
clients have an ip range from 100.100.100.110 through about
100.100.100.130. I'm, just testing a few right now and nothing's
happening. I'm running a default ltsp setup, really. Nothing fancy at
all.
my squid.conf file is at http://www.anivair.com/downloads/squid.conf
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.freenode.net
