On Monday 14 October 2002 3:03 am, Flávio Brito wrote: > Dear Friends > > I have two machines, and I trying to force all port 80 traffic to pass > in SQUID 3128. But when people unset proxy in browser, they bypass SQUID > to the Internet . I cannot put transparent proxy, because SQUID is > authenticating. I don't see why Squid Authentication stops you from setting netfilter to do transparent proxying. Anyway, to solve your problem, block access from all machines except your Squid to external TCP port 80. iptables -A FORWARD -s ! a.b.c.d -p tcp --dport 80 -o ethx -j DROP where a.b.c.d is the address of the squid machine and ethx is your external interface. Antony. -- The difference between theory and practice is that in theory there is no difference, whereas in practice there is.
