On 01/04/11 00:43, Saurabh Agarwal wrote:
> I want Squid to behave only as a transparent caching proxy. We are making all traffic go through a bridge box which runs squid.
> I want that no user can explicitly use squid as a proxy cache by configuring proxy cache settings in the browser. Only traffic that is routed through the bridge box gets transparently intercepted for caching.
Okay. This is more of a firewall problem than a Squid one.
Do you use iptables? I've added the "mangle" tables rules that do this
to the example configuration:
http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat
(works for DNAT, REDIRECT and TPROXY capturing).
I'm not sure about other firewalls. The criteria of when the block needs
to happen in the packet flow is outlined in that wiki page.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.11 Beta testers wanted for 3.2.0.5Received on Thu Mar 31 2011 - 12:58:30 MDT
This archive was generated by hypermail 2.2.0 : Thu Mar 31 2011 - 12:00:02 MDT