Re: transparent proxies

From: Marc van Selm <>
Date: Tue, 29 Jul 1997 16:14:18 +0100

At 11:50 AM 7/29/97 +0100, Richard Ayres wrote:
>-----Original Message-----
>From: Leigh Porter <>
>> So a proxying cache cannot be used as a "normal" cache as well?
>Yes, a proxying cache can be used as a "normal" cache also, but without the
>transparent proxying there is no way of ensuring that all my users use it.

It depends how you look at this and what kind of business you are. An ISP
can't enforce proxy-use (I wouldn't have my provider doing this to me). But
if you are a business or a government-agency and coms are an expensive
resource (it mostly is) you can easily enforce it.

We made it a mandatory policy to use the proxy. This only worked for about
50% of the users and the rest didn't care. After a short announcement we
just blocked outgoing traffic to port 80 on our router (except for the proxy
and 1 test machine) and that helped. Now 99.99% of the users use the proxy.
No complaints were received (because all users caught by "surprise" knew it
was mandatory and they didn't comply to the rules)

The 0.01% are users who don't know/care and just try. They pop up in the
NeTraMet accounting I have running (real-time) and they tend to try for a
few days, receive absolutely no data and give up or configure to use the proxy.

So why not enforce it if you are a business and the boss is paying for your
www-browsing. Also direct billing to the user of non proxy-traffic and give
branches an internet budget works but this requires good accounting. I
prefer a simple router filter....

Marc van Selm
NATO C3 Agency
Communication Systems Division, A-Branch
....UNIX IS THE ANSWER....LINUX IS ALSO FREE.... (personal statement)
Received on Tue Jul 29 1997 - 07:17:34 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:52 MST