> > Hi List! > > I'm actually working with > squid-2.5.STABLE3 installed on a Slackware 7.2 > > this box acts as a Gateway, Firewall and VPN(FreeSWAN) > so I've set up my own private LAN and users > > It's all working fine now, Squid, Firewall, and so on, > I just need that all users on the private LAN -MUST- > go through the Squid-Firewall Box to surf the WEB.. > > at the moment I've added the Transparent Proxy > iptables rule on my Firewall settings, through which > all traffic passing through port 80 is then redirected > to my Squid-Firewall box, on port 3128. > > -- iptables -t nat -A PREROUTING -i eth1 -p tcp > --dport 80 -j REDIRECT --to-port 3128 -- > > But with this rule in, I get that all users, even if > they don't set their Browsers to use a Proxy, can surf > the WEB withouth being authenticated by Squid, but > passing through the Proxy anyway (in fact I can see > them on my Access.log file) > > what I wish to do is to set the Squid or Firewall > settings to impose a Squid Authentication even if my > users don't set their Browsers to use a Proxy, so > > USER1 Browser-configured --> Authentication = Allowed > > USER2 NoBrowser-configured --> Authentication or ERROR > You are not allowed to ... > You can't at least in in the squid context :
http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.15 M.