Siju George wrote:
First of all proxy is used to control web access ( like URL filter )
for a certain group of people. There are others who connect through
NAT and who can get better perfomance. Yes Squid degrades performances
at some cases.
Then there are websites that don't work well with squid.
So in my case I have to work up a solution which is a mixture
You need to learn more about squid, in particular the ACLs for different
groups logged in users (try LDAP).
If you are going to use an app, be man enough to have it listen on the
correct interface. You gain nothing by running it on the loopback and
then using a packet filter to redirect packets to it. What a waste of time.
Not at all!
I hear that most security conscious people do it that way.
To my knowledge that is the recommended way.
To make services listen on the loopback and use PF to redirect
appropriate traffic to it.
How on earth does that make an app more secure. You are listening to
urban rumours, like vista being the most secure os.......
Not sure what you mean by being man enough :-)
Cowards hide behind their mother's skirt. You are trying to hide squid
on the loopback, which is as flimsy a protection device as a skirt.
