Re: [squid-users] Squid Configuration -- 2 Questions
Hello, I believe these setting should be setup in the squid.conf file and you have compiled squid. For auto-discover I believe you need to run squid in transparent mode, so it listens on port 80 and not 3128. Why run a proxy server for access to a local network only ? Michael. On Tue, 16 Mar 2004 10:36:03 -0800 "Jim Gifford" <[EMAIL PROTECTED]> wrote: > Question 1 : I want to limit things to only the local network. Do I have the > proper configuration line for this? > > ./configure --prefix=/usr --sysconfdir=/etc/squid --localstatedir=/var --lib > execdir=/usr/lib/squid --datadir=/usr/share/squid \ > --enable-removal-policies="lru,heap" --enable-external-acl- > helpers="ip_user" --enable-storeio="ufs,diskd,coss,aufs,null" \ > --enable-linux-netfilter --enable-ident-lookups --enable-us > eragent-log --enable-cache-digests --enable-delay-pools --enable-referer-log > \ > --enable-async-io --enable-truncate --enable-arp-acl --with > -pthreads --enable-htcp --enable-carp --enable-ssl --enable-poll > > Question 2 : How do I setup the autodiscovery information for netscape/IE to > automatically find the proxy? > > > Jim Gifford > [EMAIL PROTECTED] > > > > > -- Michael Gale Network Administrator Utilitran Corporation
Re: [squid-users] Squid Configuration -- 2 Questions
Maybe I used the wrong terminology. I only want the authorized users from (LAN) 192.168.0.0 to use the proxy. I want everyone from the Internet to use the servers I provide (ftp,www, etc).
Re: [squid-users] Squid Configuration -- 2 Questions
Hello, Do you want the proxy to be available from the out side to ? What you most likely want is: You have a firewall with 3 zones, internal, external and dmz (SSN). You want users who are accessing the web servers located on the DMZ or external servers (such as google) to go through the proxy server for authentication. Plus all uses who are outside the company (externally) only be able to access the web server on the DMZ through a iptable or other firewall rule. This is simple, when starting squid only have it listen on the internal interface, exmaple: http_port Then create or enable your firewall rules for connections to be forwarded to the web server from out side. Michael. On Tue, 16 Mar 2004 11:18:20 -0800 "Jim Gifford" <[EMAIL PROTECTED]> wrote: > Maybe I used the wrong terminology. I only want the authorized users from > (LAN) 192.168.0.0 to use the proxy. I want everyone from the Internet to use > the servers I provide (ftp,www, etc). > > > > > -- Michael Gale Network Administrator Utilitran Corporation
