> -----Original Message-----
> From: Kenn Murrah [mailto:kenn@thebytebusiness.com]
> Is there any way to ensure that the proxy is not being
> bypassed? In other
> words, the proxy has an IP of 192.168.100.100, which logs
> the traffic and
> directs it to the gateway (192.168.100.41) ... is there any
> possible way to
> keep an enterprising user from discovering the gateway
> address and accessing
> it directly, bypassing squid?
My solution was to set the gateway's firewall to only allow outgoing
requests from Squid on web server ports. If they don't go through Squid,
their connections get refused. Very effective. Plus your firewall log then
becomes a list of misconfigured machines. ;)
Received on Mon Jan 27 2003 - 08:44:47 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:53 MST