Re: [squid-users] Squid as a content filter proxy: whitelist approach

From: Amos Jeffries <squid3@dont-contact.us>
Date: Fri, 22 Jun 2007 21:32:26 +1200

lists-squid@no-spam.co.uk wrote:
>>
>>> I know it's possible (and perhaps written in stone in an RFC) to have the
>>> client maintain a proxy exclusion list, but that would be unmanageable in
>>> this sort of setup.
>>
>> Is it? You use a centrally provided proxy.pac to control the browser.
>> You don't need a complete whitelist in the proxy.pac, just sufficient to
>> avoid wasting too much bandwidth.
>
> Thanks for your response.
> I've done a bit of digging around but have found little info on
> proxy.pac files. Can I assume, before I do more digging around, that I
> can put an exclusion list in a .pac file, and have squid push it
> transparently to each web browser client upon first http request?

No. Each browser must be set up to load the .pac itself. WPAD with
DNS/DHCP can be used to push .pac to the browser but the method was
never standardised and each browser is still different.

> The
> transparency is important, as getting each user to configure their
> browser is out of the question in this setup.

Then you will need to test the WPAD methods and give your users
instructions and hope they follow them.

> I can already see problems
> with exclusion lists becoming large enough to take a substantial time to
> download to the clients.
>

You started having troubles the moment you started having customers.
Welcome to the world of network admins.

> Again, one could imagine a proxy exclusion list held on the squid
> server, that when a URL request is received by squid, if it matches the
> exclusion list, squid could answer "go directly to destination", but I
> doubt that is part of the http-proxy protocol.
>
> cheers
>
> Jack
Received on Fri Jun 22 2007 - 03:32:32 MDT
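
A small proxy.pac of the kind suggested in the reply above, as an added example that is not part of the original message. The suffix list and the proxy address (proxy.example.net:3128) are constructed placeholders, and the helper names are hypothetical; only FindProxyForURL is the entry point browsers call.

```javascript
// proxy.pac sketch. Browsers call FindProxyForURL(url, host) for every request.
// Constructed placeholders: the suffix list and the proxy address below.
var DIRECT_SUFFIXES = ["updates.example.com", "mirror.example.org"];
var FILTER_PROXY = "PROXY proxy.example.net:3128";

// Lower-case the host and drop a trailing dot so "Mirror.Example.ORG." still matches.
function normalizeHost(host) {
  var h = String(host).toLowerCase();
  return h.charAt(h.length - 1) === "." ? h.substring(0, h.length - 1) : h;
}

// Match on a label boundary: "a.updates.example.com" matches "updates.example.com",
// "notupdates.example.com" does not.
function hostMatches(host, suffix) {
  if (host === suffix) return true;
  var tail = "." + suffix;
  return host.length > tail.length &&
    host.substring(host.length - tail.length) === tail;
}

function FindProxyForURL(url, host) {
  var h = normalizeHost(host);
  for (var i = 0; i < DIRECT_SUFFIXES.length; i++) {
    if (hostMatches(h, DIRECT_SUFFIXES[i])) return "DIRECT";
  }
  // No "; DIRECT" fallback: if the proxy is unreachable the request fails
  // instead of going around the content filter.
  return FILTER_PROXY;
}
```

The direct list only needs the few high-volume sites worth keeping off the proxy; every other request still reaches Squid, where the whitelist itself is applied.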
