On Monday 12 July 2004 16:31, Antony Stone wrote: > How about *configuring* the clients so they use the proxy "properly" > instead of doing transparent redirection? Then you can keep the Squid box > on the same subnet as the clients, and still block people trying to do TCP > port 80 straight through the firewall (only one source IP is allowed - the > Squid box). The reason has been the desire to not have to ferry around dozens of machines configuring proxy settings, really. I'll certainly give the seperate-subnet idea some thought :) Cheers, Gavin.
