Re: [squid-users] YAHOO:MSN:GOOGLE

Tarak Ranjan wrote:
> --- Amos Jeffries <squid3@treenet.co.nz> wrote:
>
>> Tarak Ranjan wrote:
>>> hi list,
>>> i have one squid server which is running on FC6 ,
>> im
>>> using SQUID
>>> 2.6.STABLE16. that is running fine, not any issue
>> with
>>> that, Now i want
>>> to make SQUID some effective.
>>> I want my squid proxy should detect
>>>
>>> 1) which file users are downloading or uploading
>>> 2) using Chat [yahoo, msn, google],
>> IFF client software configured to use HTTP-Proxy
>> protocol.
>>
>>> which file users
>>> are sending or
>>> receiving ,
>> _possibly_ depending on how client software does it.
>> usually not.
>>
>>> which chat room they are entering ,
>> No can do, even if client could go through server.
>> The chat-rooms are IM-protocol data, not
>> HTTP-protocol data.
>>
>> > time
>>> duration of login
>>> in messenger .
>> IFF the client software uses HTTP-Proxy CONNECT
>> methods this can be
>> measured from squid transfer-duration records.
>>
>> side note:
>> I have found this to be just under 100% of the
>> time a user has PC
>> turned on and plugged into the net. Not useful to
>> detect messenger
>> usage, its _always_ running connected in the
>> background.
>>
>>> All these i want to track using Squid, has anyone
>>> implement those
>>> stuff . Any help will be really appreciate. or any
>>> Link
>>>
>> Step 1) Configure each client IM to use HTTP-Proxy
>> protocol features.
>>
>> NP: Windows or MSN messengers, also block the IM
>> protocol ports. IM
>> will failover to using port-80 then an IE-configured
>> proxy.
>>
>> Step 2) check squid access.log
>>
>> Thats ALL you can do in squid.
>>
>> If you are extremely lucky the client software will
>> do some file up/down
>> actions as proper HTTP and you maybe can pass them
>> through an external
>> filter.
>>
>> Squid is an HTTP-proxy. Its simply not written or
>> capable yet as a
>> random-internet-traffic monitor.
>>
>> Amos
>
> Force fully if i want to connect all the messenger
> using http proxy,
> from the server side, means nothing to change in
> client . will it
> possible
>
> bypass all messenger traffic through SQUID , will it
> possible ?
>

Redirecting IM ports to squid will result in numerous protocol failures
for both squid and client IM.

Only the Windows messenger, MSN messenger have hacks to get around that
AND only if client confgured (DHCP? WPAD? maul?) to use proxy for IE anyway.
Still leaves you with minimal control, zero statistical reporting.

Amos

-- 
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.