Re: Force using Squid

From: Dancer <>
Date: Fri, 03 Apr 1998 15:22:48 +1000

Yes. Info from one of my sattelite sites is appended. I don't know about
other systems, but under linux it's amazingly trivial to set up.


Ian Simpson wrote:
> With respect to setting up a redirector that displays a site with port 80
> usage and requirements if an attempt is made to access without the proxy
> set, does anyone have any pointers to a good source of information?
> > We _do_ however, redirect any attempted direct connections to a script
> > that provides a page that explains (in rough) how to set up proxies in
> > most common browsers.

Here's an excerpt from the network startup script on that site (this is
all under linux, for reference):

# Block port 80
# Port 80 traffic for any server on our lan can come from anywhere
ipfwadm -I -a accept -D $INTERNETUSERS 80 -P tcp -S $ANY

# Traffic originating from a web server on the lan is fine.
ipfwadm -F -a accept -D $INTERNETUSERS 80 -P tcp -S $ANY

# Stuff requested from the hub web server is okay
ipfwadm -F -a accept -D $HUB 80 -P tcp -S $ANY
ipfwadm -I -a accept -D $HUB 80 -P tcp -S $ANY

# Traffic originated by us is cool too.
ipfwadm -O -a accept -D $ANY 80 -P tcp -S $INTERNETUSERS

# Traffic forwarding through from internal to external is not
ipfwadm -I -a accept -D $ANY 80 -P tcp -S $INTERNETUSERS -r 8080

Note the last line here takes anything that didn't pass the previous
rules and redirects it to port 8080.

So, here's a new entry in /etc/services:
webstopper 8080/tcp

..and a matching entry in inetd.conf (linewrap may treat this poorly):
webstopper stream tcp nowait root
/usr/local/sbin/webstopper /usr/local/sbin/webstopper

And the /usr/local/sbin/webstopper script itself (well, just the start
of it, anyway)


echo "HTTP/1.0 400 Please adjust your settings"
echo "Content-type: text/html"
echo ""
echo "<html>"
echo "<head>"
echo "<title>Please change your browser settings</title>"
echo "</head>"
echo "<body>"
echo "<h1>Please change your browser settings</h1>"
echo "In order to access the WWW <em>faster</em> and <em>more
reliably</em>, please adjust"
echo "the configuration of your browser.<p>"
echo "If your browser supports Automatic proxy configuration, enter the
URL <b></b> into the automatic
proxy configuration box.<p>"
echo "If your browser does not support Automatic proxy configuration,
here are the settings you will need:"
Received on Thu Apr 02 1998 - 21:30:39 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:39:34 MST