> -----Original Message----- > From: Peter Albrecht [mailto:peter.albrecht@xxxxxxxxxx] > Sent: Tuesday, August 07, 2007 10:04 AM > To: squid-users@xxxxxxxxxxxxxxx > Subject: Re: Blocking proxies > > Hi Thomas, > > On Tuesday 07 August 2007 15:41, Thomas Raef wrote: > > How can we block open proxy use? > > > > Either transparent or non-transparent. We looked at using l7-filter but > > there must be an acl or some config option to block users from accessing > > outside proxy servers. We have a school in need of this. > > What do you want to block? > > 1) Users from the school accessing another proxy somewhere? Then you need > to block all http/https requests on your router. I.e., every connection > that does not come from your proxy needs to be blocked. [Tom replied with:] I am detecting all http/https connections with l7-filter and forcing the use of the squid box. Will that block access to all anonymous proxies? Do I need to use: header_access X-Forwarded-For deny all Or some other such acl? Thank you for your reply. > 2) Other users from the outside using your proxy? Define an ACL to allow > access only from your internal network. Or have Squid listen on the > internal network interface only. > > Hope this helps, > > Peter > > -- > Peter Albrecht, Novell Training Services
