RE: [squid-users] Best policy to allow only proxy surfing

From: Boniforti Flavio <>
Date: Wed, 5 May 2010 17:54:09 +0200

Hy Glenn


> Aside from a few ports (SMTP, POP3, IMAP, DNS, etc. on the
> DMZ), the LAN won't be able to go anywhere. Except for me, of
> course; I can go anywhere...
> Don't know if this is going to work, but if it does, rules
> similar to these may solve your problem. With no proxy whinage.

This *is* going to work, I did such setups too, some years ago. The fact
is, that similar solutions require some more intervention, because (as
you might know) every day a new software/tool/internet application needs
to be used (and it is FOR SURE that it HAS to be used, for working
purposes, not for joke)... This would mean, adding rules from time to

Good luck, but still I confess that I *may be* switching to this your
suggestion too! ;-)

Flavio Boniforti

Via Ballerini 21
6600 Locarno
Phone: +41 91 751 68 81
Fax: +41 91 751 69 14
Received on Wed May 05 2010 - 15:54:16 MDT

This archive was generated by hypermail 2.2.0 : Wed May 05 2010 - 12:00:04 MDT